Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
File: fc40321f-72c2-43a4-8c42-0e935f8f1943.roa (raw, json)
Hash identifier: H/L19qD57gLTO0e10lCK/T6FW5eNnotdnG/L9wqBG04=
Subject key identifier: 6B:DD:B2:EC:5C:DF:E4:4B:C6:39:84:9C:28:4F:1A:AB:E3:B1:57:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55C5CE144F2EAAB638ABCD02C613D88EB7C38B3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
Signing time: Mon 16 Jun 2025 20:00:44 +0000
ROA not before: Mon 16 Jun 2025 20:00:44 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c5:ce:14:4f:2e:aa:b6:38:ab:cd:02:c6:13:d8:8e:b7:c3:8b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:44 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7a11400c5091405a807dd45d430bdb0600eb586682a2dc75a88edea3637d6c07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ae:a1:09:4e:98:21:6a:7b:50:da:23:71:8a:
8d:f9:d0:d6:0d:e9:8a:c8:36:d0:7a:cc:2f:6f:56:
90:0e:02:01:89:bc:53:02:d3:20:47:94:29:6b:26:
56:89:a4:05:5a:b7:be:8b:bd:12:be:b1:7f:16:9b:
fb:b2:4a:6b:f2:1d:e9:d1:2b:0b:b1:32:73:f3:04:
b6:ba:b4:14:48:f2:da:de:6b:9e:26:37:04:74:56:
be:e8:b0:d2:c6:0c:25:bc:99:e5:88:74:7d:ec:46:
68:a5:5b:dd:0a:74:82:34:9d:29:c7:b4:7a:dc:82:
cf:d2:85:2b:a5:13:2c:7e:28:71:9e:b3:a7:9a:8e:
b3:8c:13:9f:98:f7:20:47:21:1a:15:8a:e7:53:68:
3b:d2:dd:7b:4b:da:38:3a:09:6f:b1:30:22:de:b6:
49:08:f9:78:4f:90:70:12:7c:34:7e:d8:7e:6f:1e:
82:92:d2:5a:aa:fa:ef:47:f6:86:29:eb:c2:f8:74:
33:6e:0c:66:67:6a:9c:c4:3a:bf:84:68:8b:00:85:
af:62:35:4b:46:c8:09:2d:c5:44:d9:43:e0:bb:82:
79:fb:e8:db:56:1b:f4:51:bb:65:93:27:1b:19:e8:
96:7f:bb:00:b5:70:8f:57:53:cf:9f:b6:de:34:55:
d9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DD:B2:EC:5C:DF:E4:4B:C6:39:84:9C:28:4F:1A:AB:E3:B1:57:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
c1:07:92:55:94:de:70:c4:33:7f:40:a1:b5:5c:95:62:a2:3d:
3b:0c:fc:bd:7e:5b:34:43:86:cf:cc:76:de:b5:e0:91:02:e7:
79:b6:fc:88:89:08:92:d5:41:4a:b4:b5:7b:7d:a6:91:ae:0f:
5b:93:2b:20:73:c0:1d:bc:cd:7d:54:5d:7b:61:55:42:fa:57:
87:d8:5d:61:25:8c:2a:a1:c7:97:0f:f6:ee:45:5d:f1:cc:f4:
5c:b8:d4:a6:51:4c:ce:9e:cf:58:d0:5f:7c:f5:99:16:e8:5b:
ef:25:8e:db:8d:8b:5b:be:32:8c:60:d5:2b:4c:d1:b8:12:73:
de:31:24:42:01:b1:aa:02:30:08:25:80:33:47:be:01:38:d1:
4b:57:cf:8b:b8:a3:6a:60:78:81:9f:3d:b4:f5:68:31:d5:a5:
98:ad:74:29:6f:de:e6:40:bb:0e:65:e2:c7:af:9c:f1:5e:6b:
4f:ea:01:83:d6:6b:8c:6e:cf:a5:1f:4a:af:cc:ec:98:f2:00:
3d:b3:bc:e3:e6:08:94:81:4f:b0:60:c3:a5:96:2a:f7:30:96:
3d:78:55:df:54:7e:20:3b:53:03:6f:5c:f0:65:47:0d:68:92:
a9:89:13:a9:11:2c:a1:cc:55:a8:3b:b6:ba:9a:27:49:b0:e3:
a9:47:38:26
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVcXOFE8uqrY4q80CxhPYjrfDiz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMTE0MDBjNTA5MTQwNWE4MDdkZDQ1ZDQzMGJkYjA2MDBlYjU4NjY4MmEy
ZGM3NWE4OGVkZWEzNjM3ZDZjMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKuoQlOmCFqe1DaI3GKjfnQ1g3pisg20HrML29WkA4CAYm8UwLTIEeUKWsm
VomkBVq3vou9Er6xfxab+7JKa/Id6dErC7Eyc/MEtrq0FEjy2t5rniY3BHRWvuiw
0sYMJbyZ5Yh0fexGaKVb3Qp0gjSdKce0etyCz9KFK6UTLH4ocZ6zp5qOs4wTn5j3
IEchGhWK51NoO9Lde0vaODoJb7EwIt62SQj5eE+QcBJ8NH7Yfm8egpLSWqr670f2
hinrwvh0M24MZmdqnMQ6v4RoiwCFr2I1S0bICS3FRNlD4LuCefvo21Yb9FG7ZZMn
Gxnoln+7ALVwj1dTz5+23jRV2Q0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRr3bLs
XN/kS8Y5hJwoTxqr47FX0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0MDMyMWYtNzJjMi00M2E0LThjNDItMGU5MzVmOGYxOTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
wDANBgkqhkiG9w0BAQsFAAOCAQEAwQeSVZTecMQzf0ChtVyVYqI9Owz8vX5bNEOG
z8x23rXgkQLnebb8iIkIktVBSrS1e32mka4PW5MrIHPAHbzNfVRde2FVQvpXh9hd
YSWMKqHHlw/27kVd8cz0XLjUplFMzp7PWNBffPWZFuhb7yWO242LW74yjGDVK0zR
uBJz3jEkQgGxqgIwCCWAM0e+ATjRS1fPi7ijamB4gZ89tPVoMdWlmK10KW/e5kC7
DmXix6+c8V5rT+oBg9ZrjG7PpR9Kr8zsmPIAPbO84+YIlIFPsGDDpZYq9zCWPXhV
31R+IDtTA29c8GVHDWiSqYkTqREsocxVqDu2uponSbDjqUc4Jg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:24:39 2025 by rpki-client