Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
File: e234d9fb-5639-4264-99c1-35b39c1e56b5.roa (raw, json)
Hash identifier: auDtCbIYq27fOylCKOAunTeIkxga5DkvDd2Equ2IO2s=
Subject key identifier: 24:BD:28:0B:1E:DE:85:C1:F1:F9:4A:A4:C6:E7:C7:2B:52:E5:02:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D552FB846EEE5D80CA13326E904FC2FC5B22530
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
Signing time: Tue 17 Jun 2025 00:41:12 +0000
ROA not before: Tue 17 Jun 2025 00:41:12 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:55:2f:b8:46:ee:e5:d8:0c:a1:33:26:e9:04:fc:2f:c5:b2:25:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:12 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=8e15b3ea9fc6954351ab8ae2dc6a2dc394bcfdeddc786665ea4e17272a2e6420, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7b:e8:ee:01:5f:17:b6:93:db:07:7d:23:db:
cb:eb:b8:75:9d:4b:2a:0a:80:05:80:53:39:30:82:
97:08:80:94:96:4a:10:16:a8:0a:aa:85:02:c0:46:
94:af:8e:bf:76:3f:f8:21:a2:5f:11:f1:c0:b1:41:
35:6d:9c:74:30:01:7b:f2:d5:6f:b6:f2:9b:15:16:
bf:20:a8:c3:1a:8b:19:ec:aa:db:fb:2d:4d:b6:b1:
02:c3:5d:d3:d5:a9:92:95:29:4b:8d:5b:48:ab:bf:
42:95:97:f6:b5:c7:60:02:33:b7:ce:b4:27:d2:bd:
26:f7:f0:62:99:32:76:05:a7:5b:22:d3:b3:3c:80:
8f:f0:1b:47:85:79:9e:f3:e2:42:03:7b:74:bd:33:
b4:c1:fa:68:c5:f3:37:39:e2:53:0d:10:8d:be:c1:
b7:52:d2:a2:ad:8e:bf:da:a5:7e:c2:b5:e2:4c:3d:
fb:28:11:f0:a9:22:97:a3:b0:74:64:19:c6:fd:69:
f6:bf:a1:e5:4e:de:2c:b4:5d:a4:20:d9:36:9c:00:
82:29:3f:9f:34:1e:45:ed:26:03:ff:99:a0:ec:48:
53:00:0d:a0:31:b3:a6:d8:6f:87:ac:a2:d6:aa:02:
87:77:94:d4:a9:16:aa:b0:df:26:d1:3c:8c:69:f8:
c1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BD:28:0B:1E:DE:85:C1:F1:F9:4A:A4:C6:E7:C7:2B:52:E5:02:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:e8:08:b3:26:92:57:b4:fd:fb:10:ce:94:8e:ad:4f:b6:a6:
b6:13:d2:9a:44:80:23:60:72:52:d6:0a:a2:87:19:7d:a7:8d:
19:bf:5f:a0:6d:8d:a1:97:f4:1a:b5:09:20:2e:c9:1d:16:cf:
3d:d1:05:d4:11:03:d3:10:52:0d:82:8f:19:a1:7d:de:c0:a0:
ce:5a:33:01:cd:d7:78:88:56:38:8c:8c:ab:8d:59:2e:e7:fe:
6d:52:9f:67:7e:87:cf:3d:e8:a5:92:3a:16:fe:c4:59:21:e5:
2f:87:7d:de:9d:08:63:0d:da:ba:2f:f2:b5:65:01:7b:43:1e:
be:8e:6a:42:20:ac:0b:2a:7f:c5:6d:90:d9:44:af:f4:16:40:
71:0b:57:2b:95:bf:df:88:9c:da:cf:8f:4e:bc:a5:f9:3a:4c:
aa:c4:88:7d:ba:02:07:3e:33:72:d0:f7:ad:c9:06:5f:68:5a:
79:aa:7c:10:11:4b:4a:ac:b2:f7:4d:04:d1:7a:56:fd:bd:d2:
3b:36:85:38:b2:0c:e2:23:fb:ad:58:65:bc:bf:0f:52:09:73:
fe:8d:ff:71:99:34:bd:20:81:3c:4d:d5:96:09:98:8e:d9:d4:
33:1a:fd:ad:aa:f7:b9:58:7a:c9:7c:5b:ea:ec:72:aa:9c:d0:
1a:a1:dc:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXVUvuEbu5dgMoTMm6QT8L8WyJTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMTJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMTViM2VhOWZjNjk1NDM1MWFiOGFlMmRjNmEyZGMzOTRiY2ZkZWRkYzc4
NjY2NWVhNGUxNzI3MmEyZTY0MjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK176O4BXxe2k9sHfSPby+u4dZ1LKgqABYBTOTCClwiAlJZKEBaoCqqFAsBG
lK+Ov3Y/+CGiXxHxwLFBNW2cdDABe/LVb7bymxUWvyCowxqLGeyq2/stTbaxAsNd
09WpkpUpS41bSKu/QpWX9rXHYAIzt860J9K9JvfwYpkydgWnWyLTszyAj/AbR4V5
nvPiQgN7dL0ztMH6aMXzNzniUw0Qjb7Bt1LSoq2Ov9qlfsK14kw9+ygR8Kkil6Ow
dGQZxv1p9r+h5U7eLLRdpCDZNpwAgik/nzQeRe0mA/+ZoOxIUwANoDGzpthvh6yi
1qoCh3eU1KkWqrDfJtE8jGn4wasCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkvSgL
Ht6FwfH5SqTG58crUuUCVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIzNGQ5ZmItNTYzOS00MjY0LTk5YzEtMzViMzljMWU1NmI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQDH6AizJpJXtP37EM6Ujq1Ptqa2E9KaRIAjYHJS
1gqihxl9p40Zv1+gbY2hl/QatQkgLskdFs890QXUEQPTEFINgo8ZoX3ewKDOWjMB
zdd4iFY4jIyrjVku5/5tUp9nfofPPeilkjoW/sRZIeUvh33enQhjDdq6L/K1ZQF7
Qx6+jmpCIKwLKn/FbZDZRK/0FkBxC1crlb/fiJzaz49OvKX5OkyqxIh9ugIHPjNy
0PetyQZfaFp5qnwQEUtKrLL3TQTRelb9vdI7NoU4sgziI/utWGW8vw9SCXP+jf9x
mTS9IIE8TdWWCZiO2dQzGv2tqve5WHrJfFvq7HKqnNAaodxb
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:50:03 2025 by rpki-client