Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
File: 113e55fd-9531-4700-bcdc-5abe9a806b41.roa (raw, json)
Hash identifier: f6izzBPbEWtq/0k0qhaqFugs4zLB1lyo1bj4lSmIVPw=
Subject key identifier: 60:87:5A:C6:08:4C:D3:FF:AE:B0:9B:C9:56:F7:2E:1E:37:46:5A:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F3D5CF6FAA8687D54D6B635DD13B8826E158520
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
Signing time: Tue 10 Jun 2025 17:20:47 +0000
ROA not before: Tue 10 Jun 2025 17:20:47 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:3d:5c:f6:fa:a8:68:7d:54:d6:b6:35:dd:13:b8:82:6e:15:85:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:47 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=5360708096539ff528e4fa1458c0e24a24a328c9e3f0e1e4c7007f40d178cf6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:69:5a:76:7d:b1:6e:df:b5:2a:99:51:b9:48:
91:63:e3:47:a0:75:1c:7d:d0:e8:18:1a:a0:20:56:
61:7d:a6:a4:59:07:13:48:57:dd:78:3a:fa:62:a0:
0c:57:53:6a:89:11:72:44:5b:56:33:cb:9a:4f:30:
f4:0c:82:70:bc:ca:c2:e2:0d:d0:32:fc:4e:b0:67:
ef:76:f8:d6:26:2f:6b:29:0f:58:78:bd:ae:5b:7e:
13:4b:5e:b2:3d:fb:22:80:44:a6:26:3c:4e:66:b6:
8b:d8:a9:4a:40:1d:b1:3d:46:63:f9:76:e1:4a:00:
35:c0:98:df:1b:79:75:38:b4:9a:f2:d6:95:e9:45:
07:e5:2f:30:9e:7a:9c:f8:40:43:80:48:53:a2:25:
84:50:82:d1:ed:32:16:0f:06:7d:41:e0:ad:34:86:
76:d3:b0:25:f9:80:2f:6c:6c:00:bc:96:be:80:52:
1b:f2:85:5c:7e:38:a2:92:e2:93:4f:c9:8d:d6:17:
5f:24:84:31:69:38:12:9e:e3:d5:08:d7:1f:2a:5e:
93:9f:b0:b1:2b:9c:c7:9b:84:47:60:bc:63:50:8b:
3c:84:22:4d:fb:57:d7:75:9d:9c:6b:a2:b5:34:29:
4b:ff:85:5b:32:b1:1d:b5:4e:28:71:74:80:80:57:
a0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:87:5A:C6:08:4C:D3:FF:AE:B0:9B:C9:56:F7:2E:1E:37:46:5A:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:800::/40
Signature Algorithm: sha256WithRSAEncryption
77:de:0c:39:b7:01:50:a4:1a:67:a6:f5:49:63:1d:a4:0b:12:
b1:73:ea:fb:f4:74:1e:f6:98:2b:d3:8c:31:ec:a3:ca:3d:6f:
64:90:55:df:c4:9f:7e:d2:52:dd:4c:1c:2b:21:ed:2d:d2:60:
e9:a7:13:47:c0:fe:58:cd:68:17:aa:36:da:7a:b4:6c:e8:4e:
a4:8b:91:c1:1f:f7:25:6e:9c:1b:5e:50:3f:21:5b:5c:77:df:
ec:65:62:b1:54:04:c7:48:c5:53:4c:4a:b5:49:eb:65:ae:7d:
b9:5a:db:40:cd:9b:c1:12:e9:68:a7:ce:f4:9d:22:e9:e7:fe:
a9:1d:66:dc:f3:64:27:55:c7:f9:9c:c8:c9:26:d9:df:d2:28:
5a:9b:ea:ba:76:9d:73:dc:a1:4e:19:1c:7d:88:6b:c5:94:de:
cc:cb:58:48:6e:da:06:f0:ae:4c:34:0e:e1:91:4a:6d:60:4d:
2a:f9:a4:7c:e0:a8:36:98:ae:3a:46:61:cc:cc:1f:d9:35:b8:
01:92:36:ce:dc:6d:f8:9c:bf:87:09:97:55:8a:50:6c:75:e2:
3e:2d:4c:92:b4:c4:4a:77:fd:9c:25:f1:aa:64:09:db:34:9a:
71:2a:67:6a:c9:27:55:3b:8d:f5:de:4f:a0:8d:a4:1c:22:b2:
3f:29:9f:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfz1c9vqoaH1U1rY13RO4gm4VhSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwNDdaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNjA3MDgwOTY1MzlmZjUyOGU0ZmExNDU4YzBlMjRhMjRhMzI4YzllM2Yw
ZTFlNGM3MDA3ZjQwZDE3OGNmNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhpWnZ9sW7ftSqZUblIkWPjR6B1HH3Q6BgaoCBWYX2mpFkHE0hX3Xg6+mKg
DFdTaokRckRbVjPLmk8w9AyCcLzKwuIN0DL8TrBn73b41iYvaykPWHi9rlt+E0te
sj37IoBEpiY8Tma2i9ipSkAdsT1GY/l24UoANcCY3xt5dTi0mvLWlelFB+UvMJ56
nPhAQ4BIU6IlhFCC0e0yFg8GfUHgrTSGdtOwJfmAL2xsALyWvoBSG/KFXH44opLi
k0/JjdYXXySEMWk4Ep7j1QjXHypek5+wsSucx5uER2C8Y1CLPIQiTftX13WdnGui
tTQpS/+FWzKxHbVOKHF0gIBXoBECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgh1rG
CEzT/66wm8lW9y4eN0ZadzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTEzZTU1ZmQtOTUzMS00NzAwLWJjZGMtNWFiZTlhODA2YjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYI
MA0GCSqGSIb3DQEBCwUAA4IBAQB33gw5twFQpBpnpvVJYx2kCxKxc+r79HQe9pgr
04wx7KPKPW9kkFXfxJ9+0lLdTBwrIe0t0mDppxNHwP5YzWgXqjbaerRs6E6ki5HB
H/clbpwbXlA/IVtcd9/sZWKxVATHSMVTTEq1Setlrn25WttAzZvBEulop870nSLp
5/6pHWbc82QnVcf5nMjJJtnf0iham+q6dp1z3KFOGRx9iGvFlN7My1hIbtoG8K5M
NA7hkUptYE0q+aR84Kg2mK46RmHMzB/ZNbgBkjbO3G34nL+HCZdVilBsdeI+LUyS
tMRKd/2cJfGqZAnbNJpxKmdqySdVO4313k+gjaQcIrI/KZ9Q
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:23 2025 by rpki-client