Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: 4I2pAslT6Fc3Qr6KhLNOr2QAwPXmbCaSheZgHyul33o=
Subject key identifier: 20:36:35:4E:2B:65:04:A0:06:1E:B7:A3:35:DC:E7:9F:23:EF:4B:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4557B42F4BFC4425CD201FE176E151D2F0CA2F5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Mon 16 Jun 2025 20:00:03 +0000
ROA not before: Mon 16 Jun 2025 20:00:03 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:57:b4:2f:4b:fc:44:25:cd:20:1f:e1:76:e1:51:d2:f0:ca:2f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:03 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5b10bba6944ea663adf062a7e4f9f76015937deeb7b1d520a5d97803f01dd398, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:0a:77:7b:8d:5a:94:67:45:04:4f:af:01:
e5:c3:79:d8:4b:a0:ce:eb:8d:bf:e6:da:27:48:17:
84:94:18:19:a3:8a:d8:78:65:a6:f8:25:70:10:d4:
12:5f:ef:36:45:2e:3a:ae:0e:91:a3:cd:74:67:31:
8c:ed:41:20:2e:6d:63:65:b8:8b:14:72:02:7c:f8:
9e:2d:a6:03:f6:d6:d7:47:44:20:4f:f2:aa:ac:fe:
e1:73:92:c0:94:0e:03:14:0b:c4:db:a9:6f:7e:62:
4b:74:f0:ce:15:ed:08:6c:c6:3d:cd:de:ee:81:28:
62:0f:55:4e:1f:83:93:66:4d:2d:18:29:03:49:35:
0a:ae:94:0d:e7:30:19:1a:d3:c8:eb:bc:c7:4d:4b:
bf:e8:1e:16:6b:5f:f3:4a:2a:1d:20:88:d6:84:8a:
0e:e6:8d:f9:70:d2:f3:7e:76:9e:75:53:b0:5a:c6:
70:d2:57:05:72:8e:a2:81:98:1f:7b:e0:54:1b:f1:
64:85:df:dc:34:83:0a:13:65:8d:27:d5:7c:40:7c:
b1:86:33:81:40:e7:58:e2:3c:9f:42:a4:e6:b5:92:
2b:12:e8:98:14:24:e9:c1:28:f5:59:c0:07:34:95:
67:83:2f:3a:e2:25:96:f8:09:04:cc:73:8d:3e:1d:
b5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:36:35:4E:2B:65:04:A0:06:1E:B7:A3:35:DC:E7:9F:23:EF:4B:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
c3:2f:69:9e:71:4c:d8:c1:d8:3d:fe:2a:7a:f6:ed:9a:59:06:
a1:94:f5:48:49:4c:fd:03:db:c6:41:f2:47:1d:3d:0e:98:ff:
84:4e:3a:49:c2:cd:04:c0:7a:e7:db:53:9a:01:55:cc:e7:71:
42:87:49:ea:1e:81:6c:a5:8f:c9:cd:04:6f:a8:b7:b9:77:95:
dc:e5:f0:ce:75:66:42:d9:d7:a7:a0:f1:cb:c3:35:0d:27:21:
3b:9e:84:7a:b3:0c:5d:2a:a5:74:69:ad:78:90:c0:16:6d:e2:
23:cc:bf:91:fc:ae:a6:30:4c:dc:58:dd:ed:5a:70:94:f6:35:
70:62:38:86:6c:f1:34:bd:0f:9f:d0:d4:4f:4e:1f:cb:3a:c8:
1b:a7:c3:98:ed:64:6f:f5:6f:09:61:3f:6c:b2:dc:04:cb:71:
37:f5:f8:df:45:a6:98:ee:9b:3a:bf:8e:7b:72:a8:0a:be:dd:
64:f5:e4:31:7b:7e:65:20:a1:8b:0c:64:22:8a:80:31:27:bf:
04:54:57:c2:c5:e0:66:69:e9:60:78:d8:ad:39:f0:dc:66:39:
85:7d:f2:67:53:e5:ba:84:e5:9f:63:2b:cc:21:2d:7c:76:ac:
97:ea:47:b1:35:ba:5c:32:63:b3:30:6a:6f:b3:1e:f0:d0:82:
4f:17:ad:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURVe0L0v8RCXNIB/hduFR0vDKL1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMTBiYmE2OTQ0ZWE2NjNhZGYwNjJhN2U0ZjlmNzYwMTU5MzdkZWViN2Ix
ZDUyMGE1ZDk3ODAzZjAxZGQzOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTyCnd7jVqUZ0UET68B5cN52EugzuuNv+baJ0gXhJQYGaOK2HhlpvglcBDU
El/vNkUuOq4OkaPNdGcxjO1BIC5tY2W4ixRyAnz4ni2mA/bW10dEIE/yqqz+4XOS
wJQOAxQLxNupb35iS3TwzhXtCGzGPc3e7oEoYg9VTh+Dk2ZNLRgpA0k1Cq6UDecw
GRrTyOu8x01Lv+geFmtf80oqHSCI1oSKDuaN+XDS8352nnVTsFrGcNJXBXKOooGY
H3vgVBvxZIXf3DSDChNljSfVfEB8sYYzgUDnWOI8n0Kk5rWSKxLomBQk6cEo9VnA
BzSVZ4MvOuIllvgJBMxzjT4dtWsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQgNjVO
K2UEoAYet6M13OefI+9LZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAwy9pnnFM2MHYPf4qevbtmlkGoZT1SElM/QPb
xkHyRx09Dpj/hE46ScLNBMB659tTmgFVzOdxQodJ6h6BbKWPyc0Eb6i3uXeV3OXw
znVmQtnXp6Dxy8M1DSchO56EerMMXSqldGmteJDAFm3iI8y/kfyupjBM3Fjd7Vpw
lPY1cGI4hmzxNL0Pn9DUT04fyzrIG6fDmO1kb/VvCWE/bLLcBMtxN/X430WmmO6b
Or+Oe3KoCr7dZPXkMXt+ZSChiwxkIoqAMSe/BFRXwsXgZmnpYHjYrTnw3GY5hX3y
Z1PluoTln2MrzCEtfHasl+pHsTW6XDJjszBqb7Me8NCCTxetIQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:44 2025 by rpki-client