Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
File: e2d9776f-9750-4d76-93f4-210836f1105b.roa (raw, json)
Hash identifier: 94mrjUNRh3Dp0RVEV7l/eq/SuIFW3DPncEnzoGie4ZI=
Subject key identifier: 57:5C:3B:EC:7E:6D:3E:B7:F7:4B:67:64:E0:69:2B:DE:89:43:19:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 648D7E1B1922053AEFDC07882F8220C7A8F2D275
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
Signing time: Thu 26 Jun 2025 19:38:54 +0000
ROA not before: Thu 26 Jun 2025 19:38:54 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:8d:7e:1b:19:22:05:3a:ef:dc:07:88:2f:82:20:c7:a8:f2:d2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:54 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=cff42001b6d70387ece866a62c171278b56da533929a91d5f6c6ca08bf1d5e11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bc:fb:f1:46:8b:0d:19:66:10:9c:8a:8e:a9:
90:8e:90:46:f4:7e:91:90:a0:70:db:4b:1d:ed:53:
f9:eb:ab:03:b2:15:0d:28:16:85:90:42:4e:ca:62:
d9:d1:71:6b:c1:42:00:39:d7:21:f5:b6:28:1c:e9:
3c:19:9a:72:8f:df:df:9e:a1:da:b9:e6:6d:a6:51:
75:54:5d:23:ad:be:87:c4:60:04:b0:e7:72:11:c9:
5f:cd:d2:b1:8b:b5:ff:d6:6e:d0:6d:46:07:5e:73:
54:8b:3f:4e:22:63:81:27:46:08:89:9c:5c:89:d6:
67:1c:5d:cd:11:cb:7f:a7:80:a7:73:1a:3a:82:8d:
fc:66:f3:06:d5:33:11:48:af:f7:5d:d8:40:9c:78:
57:a8:21:65:e5:ab:1a:45:22:f2:6d:92:97:75:9f:
33:31:b2:59:36:7b:38:0c:c0:6c:2b:9e:f3:4a:bf:
1f:c4:49:0c:92:a4:05:80:15:43:b4:cf:db:38:f6:
77:81:a7:4d:e1:c5:ae:8c:63:81:99:0d:09:51:48:
6a:54:08:58:73:fa:6b:c6:93:00:fe:a9:15:26:45:
ae:4d:02:c5:fb:d2:d0:ef:e1:c9:63:80:89:9e:7a:
4c:5c:9a:0a:0c:67:9b:cb:7d:5a:90:4c:03:e2:27:
b0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5C:3B:EC:7E:6D:3E:B7:F7:4B:67:64:E0:69:2B:DE:89:43:19:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2d9776f-9750-4d76-93f4-210836f1105b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c020::/46
Signature Algorithm: sha256WithRSAEncryption
32:35:5a:e3:97:60:80:43:e7:66:db:f8:70:d7:2d:f6:a1:d4:
ce:72:c2:67:8d:a0:da:31:15:df:94:bd:22:82:e3:0c:08:e5:
6c:a3:32:1e:99:58:59:ea:40:d0:cf:a6:4d:8e:25:c0:4c:e4:
0c:3f:13:a5:56:a8:34:7e:dd:71:bc:c3:ce:4d:2b:f7:2d:02:
e8:c7:c5:a4:3d:6c:a1:e8:21:26:03:e5:ee:65:b1:51:c5:c8:
5b:4a:8f:33:fb:aa:95:67:62:5f:c8:f9:fd:ed:3d:55:60:f8:
0d:17:4f:c3:fd:1d:41:88:78:a3:13:9c:54:de:ad:44:43:bf:
c1:a2:69:b7:2e:93:04:09:ee:b9:a7:98:cd:cd:35:af:8a:c2:
c2:bc:35:70:ed:d0:79:63:e5:a3:4b:27:27:7a:32:89:ee:a7:
8f:8f:b0:37:f1:c3:99:cf:fd:d0:65:5f:60:f0:2b:a0:3f:60:
8a:73:fd:c3:f0:ab:60:2f:95:36:b9:96:cd:e6:f6:9e:76:70:
59:b8:dc:b2:f1:80:f7:51:fe:7d:b8:57:3c:4e:80:73:b1:53:
14:2d:73:aa:41:0f:b7:80:d4:8d:de:66:02:36:64:5c:c5:34:
81:d0:db:77:27:bc:1b:28:7e:aa:c6:fa:bb:66:e1:f4:fd:10:
b7:4b:d5:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZI1+GxkiBTrv3AeIL4Igx6jy0nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NTRaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZjQyMDAxYjZkNzAzODdlY2U4NjZhNjJjMTcxMjc4YjU2ZGE1MzM5Mjlh
OTFkNWY2YzZjYTA4YmYxZDVlMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMO8+/FGiw0ZZhCcio6pkI6QRvR+kZCgcNtLHe1T+eurA7IVDSgWhZBCTspi
2dFxa8FCADnXIfW2KBzpPBmaco/f356h2rnmbaZRdVRdI62+h8RgBLDnchHJX83S
sYu1/9Zu0G1GB15zVIs/TiJjgSdGCImcXInWZxxdzRHLf6eAp3MaOoKN/GbzBtUz
EUiv913YQJx4V6ghZeWrGkUi8m2Sl3WfMzGyWTZ7OAzAbCue80q/H8RJDJKkBYAV
Q7TP2zj2d4GnTeHFroxjgZkNCVFIalQIWHP6a8aTAP6pFSZFrk0CxfvS0O/hyWOA
iZ56TFyaCgxnm8t9WpBMA+InsOUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXXDvs
fm0+t/dLZ2TgaSveiUMZVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTJkOTc3NmYtOTc1MC00ZDc2LTkzZjQtMjEwODM2ZjExMDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
IDANBgkqhkiG9w0BAQsFAAOCAQEAMjVa45dggEPnZtv4cNct9qHUznLCZ42g2jEV
35S9IoLjDAjlbKMyHplYWepA0M+mTY4lwEzkDD8TpVaoNH7dcbzDzk0r9y0C6MfF
pD1soeghJgPl7mWxUcXIW0qPM/uqlWdiX8j5/e09VWD4DRdPw/0dQYh4oxOcVN6t
REO/waJpty6TBAnuuaeYzc01r4rCwrw1cO3QeWPlo0snJ3oyie6nj4+wN/HDmc/9
0GVfYPAroD9ginP9w/CrYC+VNrmWzeb2nnZwWbjcsvGA91H+fbhXPE6Ac7FTFC1z
qkEPt4DUjd5mAjZkXMU0gdDbdye8Gyh+qsb6u2bh9P0Qt0vVRQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:29:04 2025 by rpki-client