Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
File: 1db7d6f9-20a2-495c-9303-96004ae64814.roa (raw, json)
Hash identifier: vHTNDr6bUwtLWkDPnqgWa6+DDaOFQnCyIgZ23t92QGM=
Subject key identifier: 32:29:7F:6A:0C:E4:AB:FC:67:A3:23:A2:C3:FC:10:C9:17:4D:0B:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C16C76B28900388F40B16FBB79D00A1D041F814
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
Signing time: Tue 10 Jun 2025 17:20:16 +0000
ROA not before: Tue 10 Jun 2025 17:20:16 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:16:c7:6b:28:90:03:88:f4:0b:16:fb:b7:9d:00:a1:d0:41:f8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:16 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=4ac464a34d435314fd5c65025f95c83a78b0796bb8d9ab062ed6ec6c94c3b6b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:44:6c:da:7b:1b:23:20:2d:cc:7a:64:41:83:
32:ee:c1:d7:f7:01:8b:33:01:f5:1e:64:f6:82:54:
9a:fe:9e:86:56:7a:17:4f:a4:36:6d:b2:16:d2:79:
ad:e1:99:25:b8:89:62:93:d9:8d:ee:3c:8e:d8:ba:
05:92:0d:b8:8f:2c:61:0d:a3:dc:9b:01:32:d4:6d:
9d:f9:3d:ae:b5:cd:0d:36:65:e8:85:a3:fb:bb:a8:
b4:6c:de:48:ac:48:0c:2f:7b:16:82:7a:b1:0b:6d:
8f:25:06:1a:d6:51:de:e9:9b:fd:1b:7e:07:0e:f4:
7a:86:76:96:19:12:fa:5d:73:ad:33:46:c1:a2:91:
cc:06:cb:7d:6a:f1:f9:85:26:71:ae:2e:6c:77:a4:
95:26:0c:13:45:ee:cb:68:6f:7c:7c:26:0b:b9:ab:
83:ad:74:3c:05:a9:20:84:5a:ce:e4:96:96:ab:5a:
24:82:71:cb:33:6a:22:d1:ed:3c:5d:06:13:de:c1:
44:17:09:3d:5b:1f:37:1b:07:1e:38:45:20:63:65:
9f:ed:6f:93:64:fd:47:75:86:e2:fe:8c:51:40:92:
47:de:e8:aa:ff:56:27:5b:34:30:39:e6:7c:40:5c:
0a:f2:5b:c4:43:b5:1c:f6:70:f5:97:e7:58:da:ba:
a4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:29:7F:6A:0C:E4:AB:FC:67:A3:23:A2:C3:FC:10:C9:17:4D:0B:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
43:78:a3:fb:b1:52:7a:bb:36:59:73:35:f9:61:41:58:8d:58:
b4:95:2f:86:91:22:5c:9d:df:ec:07:08:68:72:c1:39:74:a4:
d1:77:a2:88:62:33:c3:d9:17:77:79:e2:7a:ce:0a:03:61:1c:
06:c0:1a:6c:0c:8c:e8:e6:05:7d:68:23:db:b6:d5:3d:9f:af:
77:66:9e:ec:37:64:c0:c7:78:c1:a8:47:c7:a4:f8:65:a5:6f:
53:65:2a:e7:bc:3a:57:b7:3d:55:41:29:1a:4d:5e:0e:50:d9:
e9:e3:64:56:2c:0f:53:4d:52:ba:55:d9:40:41:73:80:32:8d:
13:14:f1:e7:f6:a5:ce:5a:dc:4d:89:c9:ab:77:d2:20:44:38:
1c:ee:a5:65:09:06:92:73:3f:78:c0:12:31:9c:41:e0:9e:7c:
8d:de:5c:0a:1e:5d:6f:a9:98:5f:88:c9:e5:cb:43:9b:9f:2a:
a5:fa:3a:4f:58:eb:bd:81:23:1e:23:7d:73:dc:29:af:c9:7e:
9f:c4:23:d4:33:8b:16:9d:55:a6:4e:f0:26:a2:4c:79:ac:ca:
42:a1:ab:ec:14:70:2b:4e:f9:f2:a3:81:9c:c7:06:79:18:15:
d2:b5:2d:67:4e:da:9c:55:71:89:34:f4:81:2b:5b:2d:55:b5:
39:cc:c8:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXBbHayiQA4j0Cxb7t50AodBB+BQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMTZaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhYzQ2NGEzNGQ0MzUzMTRmZDVjNjUwMjVmOTVjODNhNzhiMDc5NmJiOGQ5
YWIwNjJlZDZlYzZjOTRjM2I2YjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhEbNp7GyMgLcx6ZEGDMu7B1/cBizMB9R5k9oJUmv6ehlZ6F0+kNm2yFtJ5
reGZJbiJYpPZje48jti6BZINuI8sYQ2j3JsBMtRtnfk9rrXNDTZl6IWj+7uotGze
SKxIDC97FoJ6sQttjyUGGtZR3umb/Rt+Bw70eoZ2lhkS+l1zrTNGwaKRzAbLfWrx
+YUmca4ubHeklSYME0Xuy2hvfHwmC7mrg610PAWpIIRazuSWlqtaJIJxyzNqItHt
PF0GE97BRBcJPVsfNxsHHjhFIGNln+1vk2T9R3WG4v6MUUCSR97oqv9WJ1s0MDnm
fEBcCvJbxEO1HPZw9ZfnWNq6pM0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQyKX9q
DOSr/GejI6LD/BDJF00L+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWRiN2Q2ZjktMjBhMi00OTVjLTkzMDMtOTYwMDRhZTY0ODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAQ3ij+7FSers2WXM1+WFBWI1YtJUvhpEiXJ3f
7AcIaHLBOXSk0XeiiGIzw9kXd3nies4KA2EcBsAabAyM6OYFfWgj27bVPZ+vd2ae
7DdkwMd4wahHx6T4ZaVvU2Uq57w6V7c9VUEpGk1eDlDZ6eNkViwPU01SulXZQEFz
gDKNExTx5/alzlrcTYnJq3fSIEQ4HO6lZQkGknM/eMASMZxB4J58jd5cCh5db6mY
X4jJ5ctDm58qpfo6T1jrvYEjHiN9c9wpr8l+n8Qj1DOLFp1Vpk7wJqJMeazKQqGr
7BRwK0758qOBnMcGeRgV0rUtZ07anFVxiTT0gStbLVW1OczIFA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:32 2025 by rpki-client