Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: um+auBqyrCqjD7gfXTwETKWJPXW7prAd/afRmk9K/5U=
Subject key identifier: D7:9E:F5:03:FC:7E:A2:79:C5:3C:83:AD:08:98:83:29:46:25:AF:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17FD078E20E93F79A03AAFEAD24DD805AB745B17
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Mon 16 Jun 2025 20:11:01 +0000
ROA not before: Mon 16 Jun 2025 20:11:01 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:fd:07:8e:20:e9:3f:79:a0:3a:af:ea:d2:4d:d8:05:ab:74:5b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:01 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=aa5f42804d9347cb7439c17c1b5a7e35aed6eb898c32f66b1d0e71a0c1d0df79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:68:fb:00:1f:2c:34:cf:fa:d4:6d:85:5a:61:
96:6e:f4:15:b4:da:8f:c4:df:1c:68:dc:0f:5c:6a:
e9:68:d4:ed:9f:e0:55:f2:0a:7a:1e:a9:91:52:0e:
bc:a9:69:8e:e1:9b:23:6e:73:71:82:3c:ff:bc:e2:
7d:19:86:85:b7:4a:74:8f:c7:e3:0e:53:64:39:9f:
ef:f4:f1:e3:36:7a:7c:ee:cd:a0:ff:e9:d1:bd:38:
f0:8d:d0:92:73:62:57:a6:4a:30:0a:c6:53:d2:ed:
0d:63:6d:b1:aa:28:5d:0c:03:be:e8:3b:bd:f1:b6:
ae:16:96:b3:a5:b9:43:bc:8f:19:9d:11:37:b2:ee:
7a:df:9e:ab:c9:d7:3a:8c:ad:ff:29:d8:20:79:6d:
02:91:64:f1:a9:35:b9:c0:5f:d1:50:1f:6b:8b:5c:
fc:15:25:0e:e4:41:d5:2e:24:ae:b1:b6:51:80:79:
37:6b:b3:14:92:d7:b1:ba:e2:a0:7c:92:9a:5b:d1:
50:0f:a6:ac:ef:48:8d:c4:8a:ed:63:6f:54:d1:c6:
0d:93:39:97:79:8f:db:82:bd:ba:bc:7c:42:c1:06:
ad:d2:3a:c3:63:45:03:9f:3b:fc:0b:9f:e2:ec:f3:
e2:13:c9:33:1d:8e:6b:04:9e:e2:a6:aa:f7:cc:a1:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9E:F5:03:FC:7E:A2:79:C5:3C:83:AD:08:98:83:29:46:25:AF:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:6c:67:07:7e:4f:9b:29:40:3d:20:7d:48:99:68:9c:1d:fe:
f4:ff:dc:fa:f7:6f:a7:92:0a:15:7c:cd:c9:3e:88:1c:38:8f:
4a:46:b7:1a:87:06:b3:b8:97:b3:b8:42:e9:7d:04:85:9f:6b:
53:68:5e:3d:ff:6b:5e:08:49:fe:a0:97:98:2d:4f:9a:2c:13:
9c:13:0e:eb:25:92:a8:94:74:b2:73:e2:68:49:47:78:45:3d:
5d:2d:a2:7d:91:67:5b:a8:38:69:5e:9d:61:f5:72:5e:a5:ed:
63:46:cb:90:84:e4:13:5f:b7:fc:47:30:ed:05:1a:50:99:25:
e7:13:b3:6e:d5:cf:0b:dd:49:54:e5:57:d2:55:ae:63:1b:c5:
e4:b4:94:e4:b8:f1:59:c0:31:24:8a:6f:c7:b6:17:f6:97:be:
db:48:72:ed:f3:05:03:77:64:94:56:8d:5c:ba:a3:1d:f1:34:
98:b3:22:2c:8d:f7:1a:86:c4:2a:57:6f:26:b7:99:34:a8:96:
b5:d9:28:9c:59:19:3a:24:19:97:0e:cd:d0:cc:b4:ac:44:8c:
dd:06:70:c3:2f:54:cf:fb:53:de:3d:80:01:8b:40:da:bb:b0:
ff:ae:b5:23:19:57:a8:88:03:b9:fe:a8:f7:87:97:17:d6:4a:
11:1a:3e:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF/0HjiDpP3mgOq/q0k3YBat0WxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNWY0MjgwNGQ5MzQ3Y2I3NDM5YzE3YzFiNWE3ZTM1YWVkNmViODk4YzMy
ZjY2YjFkMGU3MWEwYzFkMGRmNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxo+wAfLDTP+tRthVphlm70FbTaj8TfHGjcD1xq6WjU7Z/gVfIKeh6pkVIO
vKlpjuGbI25zcYI8/7zifRmGhbdKdI/H4w5TZDmf7/Tx4zZ6fO7NoP/p0b048I3Q
knNiV6ZKMArGU9LtDWNtsaooXQwDvug7vfG2rhaWs6W5Q7yPGZ0RN7Luet+eq8nX
Ooyt/ynYIHltApFk8ak1ucBf0VAfa4tc/BUlDuRB1S4krrG2UYB5N2uzFJLXsbri
oHySmlvRUA+mrO9IjcSK7WNvVNHGDZM5l3mP24K9urx8QsEGrdI6w2NFA587/Auf
4uzz4hPJMx2OawSe4qaq98yhJccCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTXnvUD
/H6iecU8g60ImIMpRiWvzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEAjWxnB35PmylAPSB9SJlonB3+9P/c+vdvp5IK
FXzNyT6IHDiPSka3GocGs7iXs7hC6X0EhZ9rU2hePf9rXghJ/qCXmC1PmiwTnBMO
6yWSqJR0snPiaElHeEU9XS2ifZFnW6g4aV6dYfVyXqXtY0bLkITkE1+3/Ecw7QUa
UJkl5xOzbtXPC91JVOVX0lWuYxvF5LSU5LjxWcAxJIpvx7YX9pe+20hy7fMFA3dk
lFaNXLqjHfE0mLMiLI33GobEKldvJreZNKiWtdkonFkZOiQZlw7N0My0rESM3QZw
wy9Uz/tT3j2AAYtA2ruw/661IxlXqIgDuf6o94eXF9ZKERo+dA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:43 2025 by rpki-client