Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
File: fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa (raw, json)
Hash identifier: U1qwHRsZTPvv6nTZ8Hqf9VGZHVeoa4PC6v3t8W3Xg4I=
Subject key identifier: 72:78:96:52:2F:60:41:F1:04:C9:97:52:46:67:0A:28:78:85:C9:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32321D2E32962CE6FD6BA4180280C22C899501F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
Signing time: Mon 16 Jun 2025 20:41:00 +0000
ROA not before: Mon 16 Jun 2025 20:41:00 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:32:1d:2e:32:96:2c:e6:fd:6b:a4:18:02:80:c2:2c:89:95:01:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:00 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9c9b86c09b6613e33d9db2f48d689638c45abff3a8ebb2c6e44fa1b839493594, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:87:ed:b9:49:34:ad:e5:92:02:c9:b2:32:70:
87:5c:7d:16:c4:a5:27:30:04:ed:b7:48:0b:f7:c2:
48:d5:60:1a:1e:d4:48:4b:9f:7a:49:ce:27:19:7a:
16:6d:d2:3a:62:ff:24:fd:5d:de:d6:30:c0:d0:d7:
15:a9:fd:9a:91:bc:b2:b6:ae:7f:87:8a:ce:3f:f4:
36:90:c3:40:26:69:2d:f1:9b:ae:09:c4:e6:45:b8:
de:7b:3b:08:7d:ff:40:b0:8c:a7:d7:68:e2:0c:99:
75:2d:e3:7d:1f:6b:2e:e5:4c:74:2f:94:e7:80:ad:
b2:a8:94:7b:7e:f7:fc:12:b5:eb:93:a1:f7:b9:32:
6a:e2:15:55:90:dc:81:3f:a8:6d:4d:45:e7:1b:bc:
75:2e:12:2c:f7:84:3f:b0:0d:3c:af:05:8f:0e:8a:
b4:08:2b:8d:77:40:fb:80:1b:bb:ce:72:4c:4a:e4:
50:e3:ec:02:45:b4:af:23:6f:bd:55:6e:b7:eb:47:
ad:85:bb:20:ae:0b:2f:7d:e3:9a:60:54:03:ab:91:
e5:0f:01:8f:64:c4:ba:de:e4:0b:76:a1:59:40:8c:
65:fb:4b:09:fb:82:eb:25:df:3f:90:69:2c:0d:f9:
6c:af:09:da:6d:1c:bf:ef:0a:fe:04:f6:32:6b:ca:
fc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:78:96:52:2F:60:41:F1:04:C9:97:52:46:67:0A:28:78:85:C9:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc8b1b19-8868-43a4-8d84-4c0b99202a0d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:a8:f7:13:9f:99:cb:2c:d8:8d:28:c9:6f:bb:7a:08:47:ee:
43:9c:81:6c:5e:73:4b:93:53:4b:89:f8:ad:16:39:f4:42:e3:
1c:46:a5:62:64:1a:87:d0:b6:cc:ac:8d:5a:bb:9b:60:83:ba:
d3:2b:9c:10:81:4b:6f:5e:0d:65:48:a6:7d:59:e0:4f:4e:8a:
13:bc:48:5c:52:a4:2a:59:54:04:31:ff:f3:19:1c:2d:05:2a:
37:04:71:6f:29:3b:aa:c2:77:fa:d3:d4:03:3a:fd:86:df:0e:
de:81:40:82:d2:1d:f9:22:5f:7f:6d:59:cf:7c:c8:65:25:d0:
e5:52:75:a5:c6:ff:59:c4:b6:c0:a6:c0:0c:e5:13:e5:d7:88:
44:b6:f8:55:cc:44:71:c2:6e:09:75:8e:12:ac:f8:ad:81:dd:
9a:3a:d0:66:f9:57:25:75:11:b4:14:5c:e1:4a:c7:25:db:3d:
75:bf:d9:fb:3c:06:6b:cf:d9:ca:94:d6:fd:c3:51:69:a9:f6:
a6:2c:2c:b8:a8:11:f9:ba:52:97:2f:47:26:6c:b1:73:ac:c7:
b4:cf:4c:db:62:22:ab:8a:d9:1a:55:03:9e:2c:ae:ae:3d:db:
a1:4d:7d:1a:e3:1b:d9:be:6b:51:cd:c4:3d:c8:c2:8f:28:2c:
6b:2f:13:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMjIdLjKWLOb9a6QYAoDCLImVAfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDljOWI4NmMwOWI2NjEzZTMzZDlkYjJmNDhkNjg5NjM4YzQ1YWJmZjNhOGVi
YjJjNmU0NGZhMWI4Mzk0OTM1OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeH7blJNK3lkgLJsjJwh1x9FsSlJzAE7bdIC/fCSNVgGh7USEufeknOJxl6
Fm3SOmL/JP1d3tYwwNDXFan9mpG8srauf4eKzj/0NpDDQCZpLfGbrgnE5kW43ns7
CH3/QLCMp9do4gyZdS3jfR9rLuVMdC+U54CtsqiUe373/BK165Oh97kyauIVVZDc
gT+obU1F5xu8dS4SLPeEP7ANPK8Fjw6KtAgrjXdA+4Abu85yTErkUOPsAkW0ryNv
vVVut+tHrYW7IK4LL33jmmBUA6uR5Q8Bj2TEut7kC3ahWUCMZftLCfuC6yXfP5Bp
LA35bK8J2m0cv+8K/gT2MmvK/PcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyeJZS
L2BB8QTJl1JGZwooeIXJYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM4YjFiMTktODg2OC00M2E0LThkODQtNGMwYjk5MjAyYTBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQB/qPcTn5nLLNiNKMlvu3oIR+5DnIFsXnNLk1NL
ifitFjn0QuMcRqViZBqH0LbMrI1au5tgg7rTK5wQgUtvXg1lSKZ9WeBPTooTvEhc
UqQqWVQEMf/zGRwtBSo3BHFvKTuqwnf609QDOv2G3w7egUCC0h35Il9/bVnPfMhl
JdDlUnWlxv9ZxLbApsAM5RPl14hEtvhVzERxwm4JdY4SrPitgd2aOtBm+VcldRG0
FFzhSscl2z11v9n7PAZrz9nKlNb9w1FpqfamLCy4qBH5ulKXL0cmbLFzrMe0z0zb
YiKritkaVQOeLK6uPduhTX0a4xvZvmtRzcQ9yMKPKCxrLxN4
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:49 2025 by rpki-client