Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
File: c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa (raw, json)
Hash identifier: VO3C5bsagK/BGzpEF2eRqi0yV4vJSGH4cCwaz6rpQ7A=
Subject key identifier: 2E:FD:AF:33:09:C3:CA:E5:59:47:82:01:A7:BA:03:56:14:CE:3A:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 754CB9AF889F4EB503C5D4C487AED37D7E4B16D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
Signing time: Mon 16 Jun 2025 20:01:24 +0000
ROA not before: Mon 16 Jun 2025 20:01:24 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:4c:b9:af:88:9f:4e:b5:03:c5:d4:c4:87:ae:d3:7d:7e:4b:16:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:01:24 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e7433bc23cfcdfe142b192c14e7a089d421f6353cde55bfe17651e2872073fa1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:44:60:e5:f2:88:c7:4f:75:5a:d5:e7:56:1d:
40:f0:d1:47:25:f8:ee:1b:2c:3f:b6:08:0a:97:a8:
6a:b2:e5:eb:40:c1:c6:7d:5f:8b:5d:5c:e8:3b:6e:
bd:2d:14:71:75:17:5d:9f:74:26:4b:35:99:ed:13:
10:fd:01:55:35:b2:0f:82:bc:33:4d:f7:3c:f5:7a:
92:dd:47:f0:e7:c4:1e:27:5d:9d:19:59:03:8b:fa:
62:2b:e6:12:c4:28:b8:8b:01:07:a6:88:7a:5c:f1:
29:4b:c2:22:6f:ca:9c:4f:c6:46:17:97:98:3c:d9:
64:94:1c:73:71:79:51:07:70:e2:fa:46:d2:b7:3a:
9c:f4:55:cd:43:82:15:39:bb:ea:25:a5:c0:68:e0:
17:9f:0f:fb:ba:4a:2c:0b:68:dd:5c:a5:8c:93:8a:
2a:41:dd:47:38:6d:3c:56:67:0d:1b:ba:01:9c:64:
41:8b:dc:ea:17:c0:61:68:24:3f:92:05:5f:c7:c2:
8f:b3:d5:d8:8e:cb:2c:67:ab:2b:5f:e4:cc:5d:02:
0d:5a:94:c8:e1:1d:88:2d:b6:55:91:19:d7:74:59:
c8:1a:4c:fa:f1:60:d6:55:9f:cf:18:01:0f:de:da:
81:79:81:90:4c:96:17:54:34:e3:0a:52:6f:b0:10:
88:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FD:AF:33:09:C3:CA:E5:59:47:82:01:A7:BA:03:56:14:CE:3A:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
95:30:83:51:eb:d9:c9:31:2c:f1:05:0a:a3:bc:56:ef:81:cb:
e3:b8:82:2b:72:f5:6e:ce:98:d7:09:85:e7:99:dc:cc:4c:0e:
8e:27:0f:dc:5e:da:e2:b9:9f:88:01:2c:a0:4d:f5:c7:78:61:
9b:3e:04:76:39:68:f8:26:ad:0b:18:5e:29:9e:c1:26:35:3b:
dd:75:73:85:02:a1:6e:35:1a:38:ff:28:53:1e:f8:f0:ca:b6:
b2:56:c6:bc:01:f8:0a:0c:5f:a9:41:c6:f5:a2:be:e0:a3:12:
35:7f:a7:5c:52:d0:70:08:f5:f5:b1:d2:d5:e4:f1:1f:2f:be:
1f:49:e1:20:89:7e:04:01:41:19:2a:6b:ad:95:24:c3:1e:f4:
e9:af:5b:bd:75:a0:87:aa:56:cd:bc:be:7d:90:73:39:34:f1:
56:eb:18:c0:50:6b:c1:28:b6:63:22:c4:ec:4b:b7:cf:c6:86:
6a:6b:49:07:7e:c3:72:78:0d:18:77:06:61:a6:01:0c:1b:ff:
f2:f6:ae:cd:59:26:68:77:52:28:7a:f0:98:01:53:59:3e:dc:
47:78:71:25:9a:24:c1:0d:fd:44:f9:27:b4:78:81:99:2f:11:
3b:38:5a:52:f9:4a:ad:a4:aa:bd:6b:21:88:1c:5e:03:fc:25:
72:6b:b3:25
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdUy5r4ifTrUDxdTEh67TfX5LFtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAxMjRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NDMzYmMyM2NmY2RmZTE0MmIxOTJjMTRlN2EwODlkNDIxZjYzNTNjZGU1
NWJmZTE3NjUxZTI4NzIwNzNmYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFEYOXyiMdPdVrV51YdQPDRRyX47hssP7YICpeoarLl60DBxn1fi11c6Dtu
vS0UcXUXXZ90Jks1me0TEP0BVTWyD4K8M033PPV6kt1H8OfEHiddnRlZA4v6Yivm
EsQouIsBB6aIelzxKUvCIm/KnE/GRheXmDzZZJQcc3F5UQdw4vpG0rc6nPRVzUOC
FTm76iWlwGjgF58P+7pKLAto3VyljJOKKkHdRzhtPFZnDRu6AZxkQYvc6hfAYWgk
P5IFX8fCj7PV2I7LLGerK1/kzF0CDVqUyOEdiC22VZEZ13RZyBpM+vFg1lWfzxgB
D97agXmBkEyWF1Q04wpSb7AQiI0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQu/a8z
CcPK5VlHggGnugNWFM46qDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkxYWI4ZTctODM3MC00OGVkLTllMjUtMGRjMjYwYmExOTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
wDANBgkqhkiG9w0BAQsFAAOCAQEAlTCDUevZyTEs8QUKo7xW74HL47iCK3L1bs6Y
1wmF55nczEwOjicP3F7a4rmfiAEsoE31x3hhmz4Edjlo+CatCxheKZ7BJjU73XVz
hQKhbjUaOP8oUx748Mq2slbGvAH4CgxfqUHG9aK+4KMSNX+nXFLQcAj19bHS1eTx
Hy++H0nhIIl+BAFBGSprrZUkwx706a9bvXWgh6pWzby+fZBzOTTxVusYwFBrwSi2
YyLE7Eu3z8aGamtJB37DcngNGHcGYaYBDBv/8vauzVkmaHdSKHrwmAFTWT7cR3hx
JZokwQ39RPkntHiBmS8ROzhaUvlKraSqvWshiBxeA/wlcmuzJQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:29 2025 by rpki-client