Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
File: e348b574-c707-42a9-9b58-f3215857ae07.roa (raw, json)
Hash identifier: nGcYHHfQtx9KBZ+oeoVQuLYzaPSMLSBTiplWDQe6Z3g=
Subject key identifier: 42:BA:71:EB:E1:5C:15:72:5B:16:F3:C6:94:1A:0D:58:28:B4:61:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AB7DEF7EE9D065D8C564A193719C329285A0D96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
Signing time: Mon 16 Jun 2025 19:51:52 +0000
ROA not before: Mon 16 Jun 2025 19:51:52 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b7:de:f7:ee:9d:06:5d:8c:56:4a:19:37:19:c3:29:28:5a:0d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:52 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2fb035bdaf1c10961e4a2b2694adc2614bbfc84acfb2400cacea069191ebed0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:51:ce:1b:44:96:47:c1:10:07:f3:d1:bb:f6:
ec:30:9f:69:c6:9e:84:17:3d:2a:0e:5c:b8:7e:ab:
53:3c:36:f2:f0:8c:f5:25:59:f2:bb:31:12:d9:3d:
ed:13:1e:30:50:4d:27:42:28:50:0a:44:44:0d:c1:
0d:49:80:68:89:17:7d:9f:9c:c9:02:e8:3e:27:20:
07:6a:25:1f:ff:89:91:8e:90:77:66:48:21:a7:8c:
01:5a:e1:a8:65:62:a7:cd:85:92:49:fa:81:e8:e9:
8c:4d:cf:01:d8:64:ae:73:e0:3f:31:f6:b0:9c:2f:
ce:e4:20:66:4a:fd:8c:49:66:9c:0f:54:b8:d1:d0:
9e:61:85:b9:d3:fb:21:d2:da:b7:e9:7f:65:10:f0:
70:6d:9a:b4:6d:2c:82:85:23:8d:a3:9e:7c:90:df:
98:59:2a:99:ae:f5:30:79:b3:4d:cf:83:a6:5b:2d:
13:0f:8d:2b:32:04:4b:db:a6:e1:32:48:ec:08:93:
5e:f5:84:dd:d2:0a:04:a4:59:b6:e6:ab:0c:fa:40:
97:c7:81:a4:73:8f:94:b7:b1:ec:7d:70:23:a4:3b:
8b:2e:8b:95:64:b7:ae:c8:90:d4:b0:2a:51:54:d5:
25:29:a2:de:e4:29:a3:11:81:a8:5e:73:08:9f:a3:
d1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BA:71:EB:E1:5C:15:72:5B:16:F3:C6:94:1A:0D:58:28:B4:61:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a080::/48
Signature Algorithm: sha256WithRSAEncryption
3e:13:a5:cc:9e:df:de:b4:54:c3:93:d2:8c:b5:8b:64:bb:36:
95:e1:fc:77:93:e7:2a:17:c8:52:b8:4f:71:17:98:4a:c1:1f:
29:0e:6f:0e:79:63:70:52:fb:c8:6e:7f:e6:26:b4:e6:0c:14:
78:0b:d5:f7:a9:60:59:e2:88:63:26:de:38:ec:f9:23:2f:cc:
1e:f3:e4:a5:ad:18:71:44:ec:a2:c1:8f:a8:d9:15:a2:3d:97:
fe:ba:08:da:0d:32:67:39:c8:af:d5:a0:f4:53:eb:1b:00:1b:
47:3c:18:66:39:ef:00:7c:0d:a2:b0:3c:84:90:e7:17:cf:51:
e7:2d:08:50:9f:b3:06:3e:16:0f:11:60:04:28:05:9b:8c:02:
9b:fc:31:c9:06:65:4e:f1:5b:50:84:fe:97:cd:86:13:9e:f6:
c2:b7:bf:f5:05:af:0c:17:35:b9:fe:c8:5a:a7:af:b7:3a:01:
32:53:f5:26:ad:d3:29:69:8e:21:99:62:5f:71:0f:fb:da:9a:
28:58:d8:04:4e:bb:cc:31:5b:6e:41:46:7e:57:62:50:10:f8:
20:fc:2d:65:6d:86:2b:a2:b7:ab:5b:76:57:68:a2:c8:77:8d:
72:74:44:e7:79:4b:be:dc:af:ef:c3:38:bf:30:c5:0b:5f:39:
a9:de:54:fd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWrfe9+6dBl2MVkoZNxnDKShaDZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYjAzNWJkYWYxYzEwOTYxZTRhMmIyNjk0YWRjMjYxNGJiZmM4NGFjZmIy
NDAwY2FjZWEwNjkxOTFlYmVkMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZRzhtElkfBEAfz0bv27DCfacaehBc9Kg5cuH6rUzw28vCM9SVZ8rsxEtk9
7RMeMFBNJ0IoUApERA3BDUmAaIkXfZ+cyQLoPicgB2olH/+JkY6Qd2ZIIaeMAVrh
qGVip82Fkkn6gejpjE3PAdhkrnPgPzH2sJwvzuQgZkr9jElmnA9UuNHQnmGFudP7
IdLat+l/ZRDwcG2atG0sgoUjjaOefJDfmFkqma71MHmzTc+DplstEw+NKzIES9um
4TJI7AiTXvWE3dIKBKRZtuarDPpAl8eBpHOPlLex7H1wI6Q7iy6LlWS3rsiQ1LAq
UVTVJSmi3uQpoxGBqF5zCJ+j0XkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCunHr
4VwVclsW88aUGg1YKLRh0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM0OGI1NzQtYzcwNy00MmE5LTliNTgtZjMyMTU4NTdhZTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
gDANBgkqhkiG9w0BAQsFAAOCAQEAPhOlzJ7f3rRUw5PSjLWLZLs2leH8d5PnKhfI
UrhPcReYSsEfKQ5vDnljcFL7yG5/5ia05gwUeAvV96lgWeKIYybeOOz5Iy/MHvPk
pa0YcUTsosGPqNkVoj2X/roI2g0yZznIr9Wg9FPrGwAbRzwYZjnvAHwNorA8hJDn
F89R5y0IUJ+zBj4WDxFgBCgFm4wCm/wxyQZlTvFbUIT+l82GE572wre/9QWvDBc1
uf7IWqevtzoBMlP1Jq3TKWmOIZliX3EP+9qaKFjYBE67zDFbbkFGfldiUBD4IPwt
ZW2GK6K3q1t2V2iiyHeNcnRE53lLvtyv78M4vzDFC185qd5U/Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:40 2025 by rpki-client