Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
File: f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa (raw, json)
Hash identifier: 19CVDv2Az53qwxAWA3lF1+QUBojxg8G2gfl+SjtiYGQ=
Subject key identifier: 54:97:E6:8D:61:36:32:1F:00:C2:9E:DF:98:8B:3E:17:9A:81:0C:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43DB96E46430DBE31EEE17DD0339679EBAFD0AED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
Signing time: Tue 17 Jun 2025 00:40:07 +0000
ROA not before: Tue 17 Jun 2025 00:40:07 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:db:96:e4:64:30:db:e3:1e:ee:17:dd:03:39:67:9e:ba:fd:0a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:07 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=f7aaf8b8b263f76df98edef48407e177928e9c51b64adfc8b474d195d8e0c418, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:27:df:72:2d:ed:30:af:22:8c:51:df:27:17:
66:13:8f:c9:cc:0d:50:ed:24:3a:dc:66:a0:5d:6b:
8d:e7:16:56:88:bf:ff:59:dc:df:fc:10:a7:90:0c:
39:22:28:a0:d8:4c:20:d8:a7:2c:99:b5:bb:9d:8f:
25:15:65:0e:8e:6e:46:2a:9f:2c:5f:1f:39:ef:e9:
18:d1:1e:00:7d:fe:3b:e6:ba:88:a7:e9:28:75:28:
b4:0b:03:1f:63:80:51:53:72:bd:8c:61:f8:f6:8c:
fd:6c:be:a0:de:49:04:cf:a9:f7:b3:da:2c:05:8d:
19:e4:b3:99:6c:ff:6f:74:0d:c8:70:0b:36:c1:d8:
ae:94:a2:65:5d:fa:bd:d6:4f:6f:de:66:41:d2:64:
71:22:26:7e:bd:f7:fc:16:c7:f6:17:ed:6d:56:c5:
af:d2:5e:1f:ae:ce:a8:51:ba:bf:03:61:c4:19:9d:
2b:5b:f7:85:1b:7d:52:3f:9d:61:1e:df:25:e8:28:
97:ba:f9:2b:d8:a1:f7:3e:c8:45:0d:c9:d2:80:04:
94:8f:73:f1:99:51:5d:e2:5c:24:93:30:81:c1:84:
29:4f:05:dc:4d:36:93:e5:5e:9c:4d:53:16:3b:36:
72:e9:11:5b:0a:7a:57:ec:4a:c8:e1:d2:b4:8d:a1:
75:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:97:E6:8D:61:36:32:1F:00:C2:9E:DF:98:8B:3E:17:9A:81:0C:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/38
Signature Algorithm: sha256WithRSAEncryption
b3:4e:d8:05:19:44:bd:e6:7f:4a:a0:d5:71:8a:6b:67:5e:9b:
a1:86:06:17:d3:80:34:4c:36:1a:d1:83:4f:e8:8d:76:be:17:
84:66:a8:04:5b:50:6e:26:27:cb:5d:9d:79:a5:07:fa:e8:64:
80:f0:dd:0c:ff:d6:2e:27:88:b6:4f:fc:b7:60:74:ed:fe:3a:
84:c1:4a:e6:b7:35:ee:86:0b:85:b3:b8:c6:df:82:15:32:fe:
1d:cf:5f:53:a2:fb:fa:f8:01:5b:58:0f:7d:1e:e0:ff:15:93:
a1:70:e6:5f:84:23:da:c4:59:45:8b:bd:53:75:af:da:0f:4a:
fa:48:40:9c:18:b4:b3:22:69:ed:f6:12:03:5a:80:61:f3:29:
69:c3:c0:22:8c:d7:be:1d:17:22:b9:3b:b3:30:b4:0c:53:23:
d2:7e:09:71:c9:d8:45:51:49:80:04:53:e5:8f:c6:f7:8c:e3:
90:66:bd:b1:ee:3f:b3:99:5c:55:35:96:c6:2b:1d:75:18:82:
1a:0a:56:bd:ec:fb:0f:a3:16:e7:f1:09:a0:71:64:f0:ae:a8:
b1:cf:81:9d:ec:f1:95:60:a2:a4:30:45:3a:f8:93:4a:a1:60:
fa:05:23:8a:4e:f2:51:b5:ed:6f:de:55:e0:1b:a8:35:49:34:
43:54:46:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ9uW5GQw2+Me7hfdAzlnnrr9Cu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMDdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3YWFmOGI4YjI2M2Y3NmRmOThlZGVmNDg0MDdlMTc3OTI4ZTljNTFiNjRh
ZGZjOGI0NzRkMTk1ZDhlMGM0MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwn33It7TCvIoxR3ycXZhOPycwNUO0kOtxmoF1rjecWVoi//1nc3/wQp5AM
OSIooNhMINinLJm1u52PJRVlDo5uRiqfLF8fOe/pGNEeAH3+O+a6iKfpKHUotAsD
H2OAUVNyvYxh+PaM/Wy+oN5JBM+p97PaLAWNGeSzmWz/b3QNyHALNsHYrpSiZV36
vdZPb95mQdJkcSImfr33/BbH9hftbVbFr9JeH67OqFG6vwNhxBmdK1v3hRt9Uj+d
YR7fJegol7r5K9ih9z7IRQ3J0oAElI9z8ZlRXeJcJJMwgcGEKU8F3E02k+VenE1T
Fjs2cukRWwp6V+xKyOHStI2hdbsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUl+aN
YTYyHwDCnt+Yiz4XmoEMejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjViMjViMDgtZWMyNC00ZTE4LTg0YzktMDVhYzAzNWIxNWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCzTtgFGUS95n9KoNVximtnXpuhhgYX04A0TDYa
0YNP6I12vheEZqgEW1BuJifLXZ15pQf66GSA8N0M/9YuJ4i2T/y3YHTt/jqEwUrm
tzXuhguFs7jG34IVMv4dz19Tovv6+AFbWA99HuD/FZOhcOZfhCPaxFlFi71Tda/a
D0r6SECcGLSzImnt9hIDWoBh8ylpw8AijNe+HRciuTuzMLQMUyPSfglxydhFUUmA
BFPlj8b3jOOQZr2x7j+zmVxVNZbGKx11GIIaCla97PsPoxbn8QmgcWTwrqixz4Gd
7PGVYKKkMEU6+JNKoWD6BSOKTvJRte1v3lXgG6g1STRDVEZo
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:00 2025 by rpki-client