Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
File: d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa (raw, json)
Hash identifier: +ibC4vq2aKDE9DXkxolF5TyI8IT2SF+eUsgSigUHjL0=
Subject key identifier: 95:3B:9B:2C:3B:34:6E:42:99:0B:38:73:1A:4C:32:F3:98:73:7C:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74C738051AC134C4BDEA7A6820BCEA8F61E0BF4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
Signing time: Thu 26 Jun 2025 19:38:45 +0000
ROA not before: Thu 26 Jun 2025 19:38:45 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c7:38:05:1a:c1:34:c4:bd:ea:7a:68:20:bc:ea:8f:61:e0:bf:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:45 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=3e8306d30261e7ca68393d5b7fe8aa18745caf4fbee5fd8087220a4caecb266b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b6:4f:d2:7e:8f:cf:fa:ad:56:3e:bb:8e:b9:
14:cb:3b:9c:fc:1a:84:26:44:7f:0f:68:20:63:3a:
c8:63:9c:72:e6:1f:94:bc:af:e8:f5:c8:1d:8d:cf:
ef:13:be:c3:d9:11:9a:78:0f:c5:fb:81:90:33:a2:
5c:1b:06:6e:7f:48:1e:3e:f3:44:ef:94:1d:d5:5b:
da:25:a3:10:12:f4:0c:3b:fd:32:85:9c:f2:11:dc:
96:05:87:cf:fd:25:dd:f8:21:5b:fa:ce:94:8d:cf:
f3:49:88:01:25:8b:19:99:9b:e4:a9:c0:7d:8d:dd:
17:9f:0f:a7:6e:75:a1:ae:cd:94:0f:73:90:9f:7c:
fa:f7:31:3f:eb:ff:4a:a2:b8:c4:6c:4d:be:1f:4b:
8c:48:55:b7:a2:7c:64:e2:72:69:86:0a:45:74:6d:
cb:3e:a7:02:ea:c2:f9:18:3c:08:cf:bd:33:13:95:
be:48:1d:e2:b3:e3:df:0b:34:80:0e:28:5e:b4:dc:
c8:b8:b0:d9:ce:41:29:41:aa:5a:c8:0c:26:3f:70:
44:e5:52:84:75:55:1c:67:c0:64:1b:ea:8b:75:9e:
79:b2:5a:6c:e7:f3:b8:3f:5a:ce:12:ea:81:95:d4:
9e:8d:fe:e0:45:1f:50:41:83:64:30:2d:64:bc:79:
70:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:3B:9B:2C:3B:34:6E:42:99:0B:38:73:1A:4C:32:F3:98:73:7C:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:840::/46
Signature Algorithm: sha256WithRSAEncryption
39:1c:77:14:63:fe:f3:d0:0b:33:8f:a8:03:e3:4e:53:d2:5c:
21:5b:a0:6c:63:7f:ef:82:53:77:bf:09:cb:ca:39:4a:52:b4:
b0:19:33:48:93:ef:26:fd:89:a5:86:6c:b7:42:46:08:09:4c:
99:89:28:5f:b6:d0:57:53:22:7b:98:07:e8:8e:93:d8:63:9c:
c8:34:fa:5f:b7:ee:a0:08:24:41:4c:35:f6:08:d4:df:2c:03:
68:a5:a6:93:28:68:83:65:d1:2c:1b:a7:97:17:ef:2a:49:7f:
16:71:b6:40:e0:63:4c:ca:84:b5:4e:56:60:43:d8:c1:04:8d:
3e:d6:d8:b4:ee:ed:c3:34:a4:4e:a7:36:fb:20:09:ff:24:b1:
6b:a8:66:0d:91:9b:5c:f4:2e:d8:d6:41:00:0c:90:09:07:44:
40:b3:da:7e:a2:29:ba:f1:0d:b0:66:45:88:e0:f2:7f:a2:1c:
fc:cd:2a:c5:ac:b9:7f:95:59:60:1d:ec:3d:24:96:d1:da:18:
f7:3a:68:62:bf:00:00:bc:5d:06:2b:eb:fd:53:c1:90:14:b7:
a5:f7:60:b5:19:10:12:28:90:62:7d:da:52:ce:24:33:2a:8b:
ef:e1:4b:02:07:b4:2c:29:47:93:42:07:82:4d:2f:1c:27:2d:
f7:90:92:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdMc4BRrBNMS96npoILzqj2Hgv0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NDVaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlODMwNmQzMDI2MWU3Y2E2ODM5M2Q1YjdmZThhYTE4NzQ1Y2FmNGZiZWU1
ZmQ4MDg3MjIwYTRjYWVjYjI2NmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK22T9J+j8/6rVY+u465FMs7nPwahCZEfw9oIGM6yGOccuYflLyv6PXIHY3P
7xO+w9kRmngPxfuBkDOiXBsGbn9IHj7zRO+UHdVb2iWjEBL0DDv9MoWc8hHclgWH
z/0l3fghW/rOlI3P80mIASWLGZmb5KnAfY3dF58Pp251oa7NlA9zkJ98+vcxP+v/
SqK4xGxNvh9LjEhVt6J8ZOJyaYYKRXRtyz6nAurC+Rg8CM+9MxOVvkgd4rPj3ws0
gA4oXrTcyLiw2c5BKUGqWsgMJj9wROVShHVVHGfAZBvqi3WeebJabOfzuD9azhLq
gZXUno3+4EUfUEGDZDAtZLx5cLkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSVO5ss
OzRuQpkLOHMaTDLzmHN8nzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMxZTRiMWItMGZhOS00NTQ5LWE2ZmEtM2E2ZWI5NGVlZjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
QDANBgkqhkiG9w0BAQsFAAOCAQEAORx3FGP+89ALM4+oA+NOU9JcIVugbGN/74JT
d78Jy8o5SlK0sBkzSJPvJv2JpYZst0JGCAlMmYkoX7bQV1Mie5gH6I6T2GOcyDT6
X7fuoAgkQUw19gjU3ywDaKWmkyhog2XRLBunlxfvKkl/FnG2QOBjTMqEtU5WYEPY
wQSNPtbYtO7twzSkTqc2+yAJ/ySxa6hmDZGbXPQu2NZBAAyQCQdEQLPafqIpuvEN
sGZFiODyf6Ic/M0qxay5f5VZYB3sPSSW0doY9zpoYr8AALxdBivr/VPBkBS3pfdg
tRkQEiiQYn3aUs4kMyqL7+FLAge0LClHk0IHgk0vHCct95CSZA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:17 2025 by rpki-client