Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce994b51-2051-4114-a1f2-9e4d82f52f31.roa
File: ce994b51-2051-4114-a1f2-9e4d82f52f31.roa (raw, json)
Hash identifier: RWgMMPgMKaKh9MTwdIHOMtVxxCgj5sTGJ8au2yrVDgc=
Subject key identifier: 5D:F5:76:B4:BA:D6:2E:74:4E:4A:C4:18:5D:D6:C1:CB:7A:7C:25:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3361637BF59EC983A42BCE459ECA1E1584EB83B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce994b51-2051-4114-a1f2-9e4d82f52f31.roa
Signing time: Mon 16 Jun 2025 21:01:16 +0000
ROA not before: Mon 16 Jun 2025 21:01:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:61:63:7b:f5:9e:c9:83:a4:2b:ce:45:9e:ca:1e:15:84:eb:83:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c1b28f1eb64241ec709e58c1744224e54ff8cbfbb26de347ccc80645248b4998, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:68:eb:0c:60:be:56:5c:49:f2:7c:ae:df:c8:
9f:5a:1e:5b:64:82:57:2f:dc:71:00:0d:0a:ee:f9:
8f:d0:f2:91:8c:cd:da:45:a7:6d:6a:df:b2:59:aa:
75:58:2a:59:40:50:a8:97:b4:9b:91:35:48:8d:ba:
52:b7:be:2c:7f:00:92:03:80:98:38:9f:c0:2d:d3:
9d:39:db:18:12:0e:ae:f7:7b:b6:57:9a:3b:68:54:
cc:9d:c7:06:00:2c:9d:36:a1:81:28:01:37:5e:ca:
54:f7:e0:cb:20:7e:ed:f1:d6:ea:28:9b:0a:a9:61:
7e:8c:80:ac:f9:b7:11:03:6d:32:f7:a2:6a:52:47:
2f:26:84:24:94:6a:c6:d7:c0:91:2e:22:20:6a:26:
b9:b2:64:89:4d:7f:28:4a:7b:52:99:dd:9c:cc:3f:
2c:e4:11:56:e4:ae:44:90:82:55:08:5f:fa:f2:2c:
df:e8:fd:77:50:49:34:04:86:1e:0b:10:79:69:e6:
f7:92:4f:72:db:b9:32:f3:2e:c3:fc:6e:39:78:6c:
7e:43:12:0d:53:e7:6a:7a:61:83:ba:6e:de:1b:96:
06:6d:90:1c:91:95:97:4a:8b:b3:98:a4:32:d1:04:
e7:ca:94:1b:ee:1a:77:1b:05:ac:20:e6:10:f9:25:
96:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F5:76:B4:BA:D6:2E:74:4E:4A:C4:18:5D:D6:C1:CB:7A:7C:25:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce994b51-2051-4114-a1f2-9e4d82f52f31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c000::/40
Signature Algorithm: sha256WithRSAEncryption
af:9b:ca:87:17:91:28:b0:db:fa:b4:95:c0:70:66:37:0f:6e:
3e:fe:8f:95:63:e8:b6:d2:46:7b:fb:a3:d4:99:9e:7c:f0:b0:
b2:2c:3a:b2:7e:7e:44:c9:87:b2:10:ab:4d:26:cf:f3:b3:66:
14:ad:3b:fd:9e:5e:07:11:07:ad:56:c5:b6:d6:aa:9f:3c:eb:
17:50:ab:28:af:92:4b:91:2c:34:8c:21:02:84:f6:7d:12:60:
e3:4e:22:32:94:c1:10:26:8b:a6:e4:26:b6:b1:3b:3c:1d:fd:
f8:28:69:84:bf:25:99:83:f5:4d:cf:3e:94:d6:37:7b:fb:0a:
cb:1c:e0:ac:39:cb:cd:87:33:f8:71:20:31:2d:14:b8:b7:c1:
17:5c:33:38:c3:12:34:1b:a8:34:72:f8:f0:60:b8:be:31:53:
51:15:e1:c3:9a:4e:a7:6d:c6:d8:dc:ba:61:ae:3f:2e:3c:ef:
30:a1:41:2e:fd:0f:f3:c5:a4:4e:94:34:53:fc:07:e3:09:80:
d3:c3:35:b6:d5:00:95:7a:25:c3:b5:27:ed:7f:ea:8d:95:11:
fe:9b:2f:94:04:57:95:2a:43:3e:52:1d:2f:54:d7:41:f9:0b:
a6:16:e6:e5:a8:61:c4:3c:26:f8:a8:c8:f2:6f:31:56:c4:14:
a1:2f:58:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM2Fje/WeyYOkK85FnsoeFYTrg7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxYjI4ZjFlYjY0MjQxZWM3MDllNThjMTc0NDIyNGU1NGZmOGNiZmJiMjZk
ZTM0N2NjYzgwNjQ1MjQ4YjQ5OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFo6wxgvlZcSfJ8rt/In1oeW2SCVy/ccQANCu75j9DykYzN2kWnbWrfslmq
dVgqWUBQqJe0m5E1SI26Ure+LH8AkgOAmDifwC3TnTnbGBIOrvd7tleaO2hUzJ3H
BgAsnTahgSgBN17KVPfgyyB+7fHW6iibCqlhfoyArPm3EQNtMveialJHLyaEJJRq
xtfAkS4iIGomubJkiU1/KEp7UpndnMw/LOQRVuSuRJCCVQhf+vIs3+j9d1BJNASG
HgsQeWnm95JPctu5MvMuw/xuOXhsfkMSDVPnanphg7pu3huWBm2QHJGVl0qLs5ik
MtEE58qUG+4adxsFrCDmEPkllmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRd9Xa0
utYudE5KxBhd1sHLenwl9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U5OTRiNTEtMjA1MS00MTE0LWExZjItOWU0ZDgyZjUyZjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HfA
MA0GCSqGSIb3DQEBCwUAA4IBAQCvm8qHF5EosNv6tJXAcGY3D24+/o+VY+i20kZ7
+6PUmZ588LCyLDqyfn5EyYeyEKtNJs/zs2YUrTv9nl4HEQetVsW21qqfPOsXUKso
r5JLkSw0jCEChPZ9EmDjTiIylMEQJoum5Ca2sTs8Hf34KGmEvyWZg/VNzz6U1jd7
+wrLHOCsOcvNhzP4cSAxLRS4t8EXXDM4wxI0G6g0cvjwYLi+MVNRFeHDmk6nbcbY
3Lphrj8uPO8woUEu/Q/zxaROlDRT/AfjCYDTwzW21QCVeiXDtSftf+qNlRH+my+U
BFeVKkM+Uh0vVNdB+QumFublqGHEPCb4qMjybzFWxBShL1ga
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:11 2025 by rpki-client