Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: q4VHKUsrQEDm7+8/y9Re3XXwdyTUcDabODy/KbWuHlE=
Subject key identifier: F1:3B:BE:B1:AF:D0:55:19:B6:EC:76:8E:49:72:94:8A:32:24:51:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46AD246121B1AE1EE8FCB24AC43A2B30015B9995
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Mon 16 Jun 2025 21:41:03 +0000
ROA not before: Mon 16 Jun 2025 21:41:03 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:ad:24:61:21:b1:ae:1e:e8:fc:b2:4a:c4:3a:2b:30:01:5b:99:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:03 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e5d400a3f75d4f0d80e41c76a5113874ba865c0f9b53d246071c74e9b10394fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5b:77:83:c3:61:bb:8a:14:3f:22:9c:46:5c:
b8:ba:e1:4d:6f:21:87:19:2d:6d:44:16:9d:b7:43:
db:1d:45:86:3a:ad:96:d7:fe:4f:9d:57:04:6c:1e:
b0:3a:93:bf:95:11:f6:55:8b:a5:29:76:0c:00:97:
34:43:29:78:af:30:ca:e5:5b:e8:b7:0a:c2:b6:eb:
3f:10:8c:9a:e4:9e:aa:84:8a:53:76:6f:66:07:e9:
40:07:8d:40:c9:92:99:ea:c5:89:ff:af:e5:83:b4:
fd:53:62:22:3b:11:2c:90:93:87:0a:ef:40:0e:d4:
c2:75:12:35:ed:8d:bc:fb:59:a5:0e:8b:35:ea:85:
16:3e:1a:df:9d:33:7e:30:03:58:66:21:25:43:6a:
ed:d0:fa:44:a7:83:f0:a9:67:03:4d:73:fa:be:bf:
7d:24:a7:2e:50:4e:cf:e2:58:0d:b3:5c:bd:0c:e6:
90:62:f8:b6:97:6f:72:1d:e1:45:98:07:cf:51:dd:
4c:af:a2:fb:54:1a:3d:39:05:d7:04:fb:53:0f:9a:
e0:7a:83:25:ce:91:c2:4d:f7:42:b8:6c:5c:a8:4d:
69:37:54:07:be:98:7c:87:85:48:3e:f2:43:15:80:
ca:f4:f0:78:84:b1:9b:71:f1:99:fa:2f:ed:ed:46:
c3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3B:BE:B1:AF:D0:55:19:B6:EC:76:8E:49:72:94:8A:32:24:51:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
93:43:c4:35:4f:90:16:42:93:1d:77:34:1a:c2:31:d6:04:25:
82:71:eb:b7:52:6b:fd:70:e0:8f:d8:44:2b:e1:0f:99:8b:1c:
dd:51:a8:f5:76:b1:e4:59:3b:64:df:5b:44:72:c8:5b:11:ca:
1c:5a:f3:c0:03:45:16:fb:0b:b5:3a:08:cd:e0:ca:a6:fc:41:
10:53:c5:72:49:73:29:6e:db:9b:f7:72:c3:f7:db:d0:3d:b5:
de:42:6f:c0:08:7d:91:ab:19:7b:c8:ba:0f:b7:cb:e4:d1:10:
d3:c0:61:0b:07:6e:27:b2:e4:61:00:45:3a:95:fc:ea:3b:92:
3f:4e:f8:be:9f:7e:11:a7:0e:5a:90:6d:62:d7:ee:6f:28:26:
8e:38:4c:ef:12:7a:f1:7a:3c:59:dc:f7:1d:30:2a:1f:ae:91:
5e:13:ce:ab:5a:8c:89:54:dc:e4:e9:50:c9:9e:03:62:5e:93:
33:9b:54:15:ed:6b:66:e8:45:bb:f2:38:80:87:19:ca:80:87:
67:8e:d4:b7:b4:90:76:83:65:28:15:cc:8d:ab:53:26:ca:ed:
10:9c:00:fd:92:17:d6:1e:7c:59:84:41:15:30:6b:36:60:44:
83:b8:6a:b0:10:66:8b:1f:2d:19:86:1d:de:a6:30:0a:4d:6f:
65:41:b5:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURq0kYSGxrh7o/LJKxDorMAFbmZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1ZDQwMGEzZjc1ZDRmMGQ4MGU0MWM3NmE1MTEzODc0YmE4NjVjMGY5YjUz
ZDI0NjA3MWM3NGU5YjEwMzk0ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBbd4PDYbuKFD8inEZcuLrhTW8hhxktbUQWnbdD2x1Fhjqtltf+T51XBGwe
sDqTv5UR9lWLpSl2DACXNEMpeK8wyuVb6LcKwrbrPxCMmuSeqoSKU3ZvZgfpQAeN
QMmSmerFif+v5YO0/VNiIjsRLJCThwrvQA7UwnUSNe2NvPtZpQ6LNeqFFj4a350z
fjADWGYhJUNq7dD6RKeD8KlnA01z+r6/fSSnLlBOz+JYDbNcvQzmkGL4tpdvch3h
RZgHz1HdTK+i+1QaPTkF1wT7Uw+a4HqDJc6Rwk33QrhsXKhNaTdUB76YfIeFSD7y
QxWAyvTweISxm3Hxmfov7e1Gw4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxO76x
r9BVGbbsdo5JcpSKMiRR5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCTQ8Q1T5AWQpMddzQawjHWBCWCceu3Umv9cOCP
2EQr4Q+ZixzdUaj1drHkWTtk31tEcshbEcocWvPAA0UW+wu1OgjN4Mqm/EEQU8Vy
SXMpbtub93LD99vQPbXeQm/ACH2Rqxl7yLoPt8vk0RDTwGELB24nsuRhAEU6lfzq
O5I/Tvi+n34Rpw5akG1i1+5vKCaOOEzvEnrxejxZ3PcdMCofrpFeE86rWoyJVNzk
6VDJngNiXpMzm1QV7Wtm6EW78jiAhxnKgIdnjtS3tJB2g2UoFcyNq1Mmyu0QnAD9
khfWHnxZhEEVMGs2YESDuGqwEGaLHy0Zhh3epjAKTW9lQbVC
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:12 2025 by rpki-client