Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json)
Hash identifier: 0sSFIQwnSOs75Rbmy2NjI+251bc9stCmIhTDHgPI2tI=
Subject key identifier: FD:C8:40:25:29:A4:3D:5E:BB:A2:9E:AD:30:AC:24:7F:1D:A4:31:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 500FADA57D93C0FF0A59758A30F439F67535B610
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
Signing time: Mon 16 Jun 2025 20:00:12 +0000
ROA not before: Mon 16 Jun 2025 20:00:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:0f:ad:a5:7d:93:c0:ff:0a:59:75:8a:30:f4:39:f6:75:35:b6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=bc1e74bfae48779bee209055ab2ad1d057b4613a1c232b2cf6a87ac7954d4497, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:10:45:85:c5:0c:b8:0f:b3:36:9d:a9:8b:49:
07:7e:82:4b:62:4f:84:e1:0a:88:6b:5f:31:da:52:
6b:bf:7d:96:39:fc:6c:57:c0:e8:d5:e2:d9:ed:0f:
37:9e:1f:90:a9:0f:03:e3:eb:a2:e5:cf:33:d7:a3:
96:f6:22:a0:87:60:46:af:02:b2:c6:9d:2b:0b:7a:
fc:fb:b7:84:49:5f:18:f4:b6:dd:25:92:46:b7:e9:
1e:4b:cc:c3:81:50:bd:78:3b:7d:c7:df:48:3d:9f:
ff:a8:35:69:83:c0:ad:50:5c:43:fb:e2:3b:f1:86:
c6:65:5c:d7:69:4c:74:e9:5b:f8:ca:a9:4b:f5:3c:
b7:f2:e8:e0:17:e7:45:0c:28:3c:32:15:e9:8d:82:
8a:21:86:b8:b9:0b:43:e1:5e:68:ba:ca:54:16:82:
11:fa:ef:bf:2f:7c:d9:9d:d4:4f:94:dc:b0:65:0c:
ea:69:d4:9d:1c:d9:a5:37:c9:20:8f:4b:2b:b7:00:
23:79:04:7a:9b:c1:53:6c:e5:45:e3:82:3b:f2:60:
a3:24:d8:9d:a4:56:e8:95:ad:0e:df:00:d1:fe:c7:
aa:35:28:4f:51:b4:2f:bd:17:31:56:f5:c2:56:5e:
2c:5c:5d:fc:56:74:80:bc:49:20:66:5b:73:bc:52:
8b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C8:40:25:29:A4:3D:5E:BB:A2:9E:AD:30:AC:24:7F:1D:A4:31:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:61:a9:0c:5f:23:b0:2d:d5:d1:a7:8b:3c:2a:0f:2f:9c:82:
4a:04:d0:2c:f3:fe:5e:80:fb:18:6b:46:47:cc:e8:6d:21:69:
2f:d2:83:91:db:25:5c:a4:04:d2:01:38:6d:e5:14:75:af:35:
68:b4:dd:18:88:bf:f0:05:69:31:6d:21:5b:d7:ad:7c:44:02:
23:69:67:3d:ba:d6:ec:00:8e:a8:ed:03:32:db:fa:e2:ba:14:
ee:58:3a:f2:50:f0:b0:02:f5:8e:7c:5c:af:59:f2:3c:fa:7f:
00:ac:6a:0e:bb:bf:b3:2c:32:74:0d:4f:3e:c4:c5:d0:fb:d0:
5c:88:99:44:aa:51:d6:44:a9:a9:f3:e2:53:b4:e8:97:8f:01:
de:2a:91:58:08:f7:9c:0c:37:f4:a0:29:95:05:7a:75:79:88:
75:91:1c:19:4d:63:b1:81:72:be:e2:44:f2:d0:d9:c5:a4:9b:
3c:3f:62:80:01:81:e0:af:47:4e:9a:8f:fb:e4:bd:73:b6:f6:
7c:15:dc:8a:11:77:6b:fc:e0:3f:10:bf:78:44:e8:06:bf:5a:
8f:9c:f2:0b:19:33:cc:c0:14:3d:23:c9:f0:8e:90:24:90:01:
7d:e7:50:63:c3:14:f7:02:46:ab:bc:2e:8b:c5:73:92:52:bd:
9b:86:49:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUA+tpX2TwP8KWXWKMPQ59nU1thAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMWU3NGJmYWU0ODc3OWJlZTIwOTA1NWFiMmFkMWQwNTdiNDYxM2ExYzIz
MmIyY2Y2YTg3YWM3OTU0ZDQ0OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQQRYXFDLgPszadqYtJB36CS2JPhOEKiGtfMdpSa799ljn8bFfA6NXi2e0P
N54fkKkPA+ProuXPM9ejlvYioIdgRq8CssadKwt6/Pu3hElfGPS23SWSRrfpHkvM
w4FQvXg7fcffSD2f/6g1aYPArVBcQ/viO/GGxmVc12lMdOlb+MqpS/U8t/Lo4Bfn
RQwoPDIV6Y2CiiGGuLkLQ+FeaLrKVBaCEfrvvy982Z3UT5TcsGUM6mnUnRzZpTfJ
II9LK7cAI3kEepvBU2zlReOCO/JgoyTYnaRW6JWtDt8A0f7HqjUoT1G0L70XMVb1
wlZeLFxd/FZ0gLxJIGZbc7xSi4ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9yEAl
KaQ9Xruinq0wrCR/HaQxxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtYakMXyOwLdXRp4s8Kg8vnIJKBNAs8/5egPsY
a0ZHzOhtIWkv0oOR2yVcpATSATht5RR1rzVotN0YiL/wBWkxbSFb1618RAIjaWc9
utbsAI6o7QMy2/riuhTuWDryUPCwAvWOfFyvWfI8+n8ArGoOu7+zLDJ0DU8+xMXQ
+9BciJlEqlHWRKmp8+JTtOiXjwHeKpFYCPecDDf0oCmVBXp1eYh1kRwZTWOxgXK+
4kTy0NnFpJs8P2KAAYHgr0dOmo/75L1ztvZ8FdyKEXdr/OA/EL94ROgGv1qPnPIL
GTPMwBQ9I8nwjpAkkAF951BjwxT3AkarvC6LxXOSUr2bhkn+
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:05 2025 by rpki-client