Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
File: fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa (raw, json)
Hash identifier: Y7Tf5IajtfmAdWNyD/GjwlfW4imVGHnbOCP4U9D0gYc=
Subject key identifier: BC:A1:2E:06:C0:76:80:D8:CE:76:B1:5E:DD:E1:2B:5F:35:10:AF:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E335D2AB820F58F2EF9EA82C7E3E0638C1A8286
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
Signing time: Tue 17 Jun 2025 00:40:51 +0000
ROA not before: Tue 17 Jun 2025 00:40:51 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:33:5d:2a:b8:20:f5:8f:2e:f9:ea:82:c7:e3:e0:63:8c:1a:82:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:51 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=28687de63e153f931debd5abad25e669c8b927999ea3027597254ddb9f018e99, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5b:f4:3c:3b:cd:05:1a:75:99:61:a0:43:72:
55:f4:ad:2d:fa:aa:de:96:d7:ab:84:84:9b:f7:08:
8d:46:5b:ca:fa:8c:99:03:ad:75:5d:67:ec:22:48:
2f:c4:5b:98:9b:d5:ec:8c:d4:77:c0:1f:45:27:9b:
47:7a:f8:6b:ca:98:9e:db:87:59:31:49:94:35:66:
e1:b3:71:3f:cc:52:ce:65:b6:92:82:dc:44:7b:71:
e1:7d:bc:1c:6c:1c:9f:13:7b:22:07:33:6a:49:84:
8a:4c:b7:a8:c3:67:d1:1d:7a:25:fc:a8:a1:ec:c4:
ab:4f:89:36:31:d5:07:4d:96:2e:f0:15:77:66:1d:
11:78:34:77:8a:89:b7:60:b9:9f:e5:da:de:38:de:
57:af:44:6d:9c:e2:f4:4d:da:66:82:de:09:a9:34:
1e:57:05:d5:78:e8:b4:d9:6d:46:2c:d1:55:70:03:
8b:72:9c:a4:ed:aa:7f:c5:73:06:f6:ba:a7:8d:ad:
ca:cc:22:4e:b1:4e:22:0e:ca:bd:f5:f1:d3:4e:33:
cd:db:66:70:0e:75:a7:a6:88:99:38:43:de:d4:7c:
45:f9:c8:4f:0c:7e:c5:7f:df:f8:2d:30:ca:85:ed:
e0:4c:1e:1b:08:ab:3c:25:bc:aa:11:5a:79:d7:b7:
a8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A1:2E:06:C0:76:80:D8:CE:76:B1:5E:DD:E1:2B:5F:35:10:AF:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
02:7a:57:57:13:cd:02:3b:a9:81:45:cb:5e:b7:02:24:cd:70:
c7:4a:1b:ef:84:ea:dd:4f:e2:4c:68:98:13:64:70:8b:bd:93:
97:51:82:33:76:b1:16:d9:17:79:bc:dc:37:82:de:37:b4:cb:
3a:56:9d:6b:3f:44:b1:42:ef:e5:8e:2c:64:ba:b8:2f:0b:a8:
f2:46:69:1c:fe:4b:05:f5:ec:65:08:7c:63:12:8e:d9:ab:e3:
84:3d:24:63:2b:20:bb:b6:33:f4:1c:0a:1e:c4:6d:00:a8:6b:
40:be:c9:9d:34:68:5a:41:4d:47:6b:d3:f7:cb:63:00:1d:9e:
6b:a0:54:6b:d2:4b:c6:e4:ee:93:ae:e7:9b:de:85:a7:a6:d1:
19:b5:49:a8:b2:f8:2e:95:5e:a1:66:c1:e1:56:20:e0:d2:e1:
f1:27:dd:f8:22:2e:63:31:bd:a5:11:91:c2:69:bb:3f:65:76:
da:4f:22:16:d3:2c:a2:60:16:98:6b:50:a1:a2:73:6a:81:cb:
e7:df:d0:e4:41:06:cf:fb:5a:4e:d8:08:6e:c4:c2:5d:bb:b2:
11:8c:5a:94:ac:ff:4d:44:d9:01:58:00:02:50:c3:f5:97:cc:
37:ca:24:5f:73:74:12:a5:a0:00:b1:a1:0b:34:38:37:5a:6c:
dd:72:4c:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDjNdKrgg9Y8u+eqCx+PgY4wagoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwNTFaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4Njg3ZGU2M2UxNTNmOTMxZGViZDVhYmFkMjVlNjY5YzhiOTI3OTk5ZWEz
MDI3NTk3MjU0ZGRiOWYwMThlOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJb9Dw7zQUadZlhoENyVfStLfqq3pbXq4SEm/cIjUZbyvqMmQOtdV1n7CJI
L8RbmJvV7IzUd8AfRSebR3r4a8qYntuHWTFJlDVm4bNxP8xSzmW2koLcRHtx4X28
HGwcnxN7IgczakmEiky3qMNn0R16JfyooezEq0+JNjHVB02WLvAVd2YdEXg0d4qJ
t2C5n+Xa3jjeV69EbZzi9E3aZoLeCak0HlcF1XjotNltRizRVXADi3KcpO2qf8Vz
Bva6p42tyswiTrFOIg7KvfXx004zzdtmcA51p6aImThD3tR8RfnITwx+xX/f+C0w
yoXt4EweGwirPCW8qhFaede3qOkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8oS4G
wHaA2M52sV7d4StfNRCvaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQzMjlhYjUtYWU1Yy00YjY4LWE0YzYtYjgyZjZlYTI5ZGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQACeldXE80CO6mBRctetwIkzXDHShvvhOrdT+JM
aJgTZHCLvZOXUYIzdrEW2Rd5vNw3gt43tMs6Vp1rP0SxQu/ljixkurgvC6jyRmkc
/ksF9exlCHxjEo7Zq+OEPSRjKyC7tjP0HAoexG0AqGtAvsmdNGhaQU1Ha9P3y2MA
HZ5roFRr0kvG5O6Trueb3oWnptEZtUmosvgulV6hZsHhViDg0uHxJ934Ii5jMb2l
EZHCabs/ZXbaTyIW0yyiYBaYa1ChonNqgcvn39DkQQbP+1pO2AhuxMJdu7IRjFqU
rP9NRNkBWAACUMP1l8w3yiRfc3QSpaAAsaELNDg3Wmzdckxc
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:48:52 2025 by rpki-client