Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa
File: f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa (raw, json)
Hash identifier: vj3O+N584HRTJ0YObXhbfw10m5vrZLbg3hLWpoWvFa8=
Subject key identifier: 8A:4B:A8:3E:9A:69:FE:64:2E:EA:E7:33:59:2D:4A:FF:AC:D0:63:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F455BC9BFE68320B3418F63DD697D7E304736CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa
Signing time: Mon 16 Jun 2025 20:00:09 +0000
ROA not before: Mon 16 Jun 2025 20:00:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:45:5b:c9:bf:e6:83:20:b3:41:8f:63:dd:69:7d:7e:30:47:36:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=93dae62c337f51b99c6f4308fe250d89bae9200fb59f4ab012eb0b459f32abe9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:77:31:ab:49:1b:3f:50:1e:91:93:59:25:e5:
6c:c2:6d:64:84:5a:b5:de:dc:81:d7:a4:86:1a:e2:
17:35:b4:bd:81:50:2f:73:86:16:55:0a:70:8c:69:
e7:b1:61:a1:d6:8b:4b:0d:e9:95:bd:a8:8f:e2:10:
1e:79:f8:0f:63:6d:3d:ae:c6:45:67:92:be:87:0a:
2a:f8:c2:24:e8:9a:bc:6a:49:c7:ef:06:10:7f:15:
6b:cd:73:4e:7a:74:c4:b0:6b:f3:e3:52:4a:a3:e8:
b7:09:41:d2:97:6d:36:71:fc:33:63:ed:5f:3c:22:
4b:90:46:1d:0c:59:40:67:e1:ae:2d:61:99:6d:66:
12:bb:e7:e9:42:94:5f:03:3a:2a:6c:cb:7e:24:b9:
5c:fd:40:58:7b:5d:00:20:93:bc:30:0b:3a:31:c3:
f8:27:8a:d4:83:c6:c8:ba:5e:f5:0b:2c:cd:be:fb:
4b:d2:12:a5:16:00:51:7b:ac:b9:4e:dc:55:d1:e7:
23:03:97:c0:a4:d8:0d:a3:53:ec:28:a6:63:1e:19:
27:b3:26:25:2b:18:f3:b6:e3:c0:5f:97:73:8d:b7:
2f:96:aa:f8:40:fc:35:07:70:01:e3:7d:47:70:db:
cc:5c:a9:ed:ab:46:c8:1f:5e:88:31:6a:14:df:ed:
f2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4B:A8:3E:9A:69:FE:64:2E:EA:E7:33:59:2D:4A:FF:AC:D0:63:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5080::/48
Signature Algorithm: sha256WithRSAEncryption
9d:2b:ce:af:e5:d8:3c:80:ca:4e:20:65:11:92:33:f2:90:bc:
f7:3c:d9:73:d3:b2:54:41:70:ab:c0:df:d7:dc:9a:64:f9:09:
c3:fa:5e:a8:83:3d:87:1a:95:78:95:05:13:64:96:2d:f0:e5:
db:a2:e4:96:00:61:17:bb:49:b0:8a:0a:0d:b6:20:c2:49:b2:
a5:9a:fc:fa:67:0b:8f:26:34:5c:1e:d9:62:58:ae:03:46:05:
8f:3f:2c:eb:8a:8a:2f:e6:d9:ad:cb:59:14:b3:bc:7b:32:50:
24:86:d0:14:a1:02:37:f8:a4:5a:55:91:bb:2b:fb:bf:e7:49:
c9:27:0e:3d:b2:9d:0a:91:15:bd:f1:fa:c2:82:33:8f:1c:87:
c9:9d:04:d7:4d:ca:7e:0b:c6:79:4c:06:fd:fa:e6:50:76:92:
2f:39:7f:d7:5c:82:de:c2:e6:fc:16:9c:f9:81:64:8f:6f:da:
dd:4f:eb:31:45:b4:33:bb:3d:c8:47:d3:29:68:cf:63:b7:5a:
0d:e6:4a:2c:b3:11:b8:a2:7e:9b:bd:08:fc:d1:9a:2f:48:6a:
46:0a:65:90:6e:fd:30:78:e9:c3:05:f0:ec:1c:70:12:0b:78:
f9:44:1d:31:73:8f:db:f9:59:e4:d9:5a:40:83:75:12:2f:a7:
d4:54:73:29
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb0Vbyb/mgyCzQY9j3Wl9fjBHNsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzZGFlNjJjMzM3ZjUxYjk5YzZmNDMwOGZlMjUwZDg5YmFlOTIwMGZiNTlm
NGFiMDEyZWIwYjQ1OWYzMmFiZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN13MatJGz9QHpGTWSXlbMJtZIRatd7cgdekhhriFzW0vYFQL3OGFlUKcIxp
57FhodaLSw3plb2oj+IQHnn4D2NtPa7GRWeSvocKKvjCJOiavGpJx+8GEH8Va81z
Tnp0xLBr8+NSSqPotwlB0pdtNnH8M2PtXzwiS5BGHQxZQGfhri1hmW1mErvn6UKU
XwM6KmzLfiS5XP1AWHtdACCTvDALOjHD+CeK1IPGyLpe9Qsszb77S9ISpRYAUXus
uU7cVdHnIwOXwKTYDaNT7CimYx4ZJ7MmJSsY87bjwF+Xc423L5aq+ED8NQdwAeN9
R3DbzFyp7atGyB9eiDFqFN/t8vkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSKS6g+
mmn+ZC7q5zNZLUr/rNBjqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjE5NTFiZGEtNTljZC00YjExLWI3YTEtMTliMWY1ZDMyMTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAnSvOr+XYPIDKTiBlEZIz8pC89zzZc9OyVEFw
q8Df19yaZPkJw/peqIM9hxqVeJUFE2SWLfDl26LklgBhF7tJsIoKDbYgwkmypZr8
+mcLjyY0XB7ZYliuA0YFjz8s64qKL+bZrctZFLO8ezJQJIbQFKECN/ikWlWRuyv7
v+dJyScOPbKdCpEVvfH6woIzjxyHyZ0E103KfgvGeUwG/frmUHaSLzl/11yC3sLm
/Bac+YFkj2/a3U/rMUW0M7s9yEfTKWjPY7daDeZKLLMRuKJ+m70I/NGaL0hqRgpl
kG79MHjpwwXw7BxwEgt4+UQdMXOP2/lZ5NlaQIN1Ei+n1FRzKQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:20 2025 by rpki-client