Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json)
Hash identifier: nFaHYn5qNk2V8q9I2SjwbQY/H8fdLNaeoveXlFJUN+w=
Subject key identifier: 51:9C:E7:87:2A:BC:55:8C:8E:4B:BF:B0:5B:FB:08:61:9E:BF:3B:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64DA71F4AA809D580FECC80854D6803C9C8DC841
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
Signing time: Fri 06 Jun 2025 15:10:44 +0000
ROA not before: Fri 06 Jun 2025 15:10:44 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:da:71:f4:aa:80:9d:58:0f:ec:c8:08:54:d6:80:3c:9c:8d:c8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:44 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=3ace132f55bf501b744cc282db59b5f24a4f5e311b3acda0b8c1503db94f447f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ba:82:38:57:09:80:c8:2a:f2:97:8d:98:b4:
52:83:95:ff:86:c9:0b:50:f2:c0:84:b5:da:52:11:
cd:58:32:99:3c:ed:5a:be:c9:d5:4f:3c:53:f4:e4:
67:0a:85:0e:f7:72:1d:69:f8:6c:d0:b8:8f:85:b5:
99:70:2f:25:e0:cc:31:5b:a3:94:60:51:f5:08:02:
7e:8e:fa:1a:c8:c1:90:19:2a:6d:60:80:22:5a:03:
35:aa:cc:65:a4:64:6b:b1:ed:03:6e:5b:e5:db:d7:
aa:61:bc:a5:b0:47:74:03:2e:f0:ac:c4:e2:60:62:
72:9c:83:77:82:d1:20:53:4a:7d:6d:30:11:ce:e5:
39:90:96:55:24:45:a3:24:ca:e0:4e:15:97:5d:33:
fc:9b:8c:7e:4c:48:3a:90:1b:17:33:2e:13:1c:5c:
4e:98:8e:48:53:e6:8b:2f:01:83:42:c9:d0:ec:10:
34:1d:79:dc:0e:66:82:c3:d4:03:02:d4:87:89:ce:
5e:55:cd:19:54:57:f0:68:a3:f1:ef:35:7d:11:95:
f7:7f:63:c7:11:7d:a7:eb:e6:73:ff:b5:dd:4c:1c:
92:7b:07:eb:ba:a3:42:6f:d8:cd:52:c9:22:9b:7a:
7a:72:2c:1a:aa:cd:e0:80:e2:73:39:6c:c6:39:92:
b9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9C:E7:87:2A:BC:55:8C:8E:4B:BF:B0:5B:FB:08:61:9E:BF:3B:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
98:87:e9:31:94:bf:f5:73:f9:d0:50:c2:79:a6:3e:74:89:e8:
82:12:a4:2a:ad:82:b8:0a:99:2f:37:c5:d6:0c:23:84:a9:23:
b3:81:3d:a1:d7:47:fa:ec:f9:7a:6a:6d:17:5f:0c:04:29:f6:
db:0f:0f:e9:b0:e2:36:67:cb:3a:e2:59:7c:c6:a4:4d:42:17:
5a:8a:f4:51:59:d6:2a:70:1e:cc:66:64:27:dc:a1:e5:69:61:
21:80:cc:36:ae:28:52:0e:e7:aa:bf:c8:0a:6e:8c:74:4c:b8:
40:48:dd:b8:e4:47:6b:6f:0e:84:47:83:6b:80:0d:46:76:87:
4a:01:27:51:5a:ad:69:32:1f:c1:e6:80:c6:2f:a5:cb:23:64:
04:86:e8:0b:51:d8:0e:f7:39:3b:8b:7f:79:c5:a6:69:9e:90:
dd:1b:41:b7:f1:f7:8c:66:08:48:e8:f1:eb:41:ad:5c:cd:06:
ee:51:3d:0c:06:a6:04:06:b9:be:66:fe:1b:0b:40:ae:3a:72:
6d:36:06:2c:27:2b:f4:af:d9:fa:42:14:fc:cd:e7:d1:cc:cf:
7e:1f:08:b6:97:70:08:53:7d:fb:9f:e6:ee:87:cc:04:95:57:
3b:73:83:ec:1c:2e:48:bc:43:52:f6:5c:e5:d9:2d:32:ef:cd:
86:10:d9:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZNpx9KqAnVgP7MgIVNaAPJyNyEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNDRaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhY2UxMzJmNTViZjUwMWI3NDRjYzI4MmRiNTliNWYyNGE0ZjVlMzExYjNh
Y2RhMGI4YzE1MDNkYjk0ZjQ0N2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOe6gjhXCYDIKvKXjZi0UoOV/4bJC1DywIS12lIRzVgymTztWr7J1U88U/Tk
ZwqFDvdyHWn4bNC4j4W1mXAvJeDMMVujlGBR9QgCfo76GsjBkBkqbWCAIloDNarM
ZaRka7HtA25b5dvXqmG8pbBHdAMu8KzE4mBicpyDd4LRIFNKfW0wEc7lOZCWVSRF
oyTK4E4Vl10z/JuMfkxIOpAbFzMuExxcTpiOSFPmiy8Bg0LJ0OwQNB153A5mgsPU
AwLUh4nOXlXNGVRX8Gij8e81fRGV939jxxF9p+vmc/+13UwcknsH67qjQm/YzVLJ
Ipt6enIsGqrN4IDiczlsxjmSudsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRnOeH
KrxVjI5Lv7Bb+whhnr872TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI4Zjk4MzItZGY5Yi00ZmM4LTk0ZGEtNWU4ODNlMGQ2ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCYh+kxlL/1c/nQUMJ5pj50ieiCEqQqrYK4Cpkv
N8XWDCOEqSOzgT2h10f67Pl6am0XXwwEKfbbDw/psOI2Z8s64ll8xqRNQhdaivRR
WdYqcB7MZmQn3KHlaWEhgMw2rihSDueqv8gKbox0TLhASN245Edrbw6ER4NrgA1G
dodKASdRWq1pMh/B5oDGL6XLI2QEhugLUdgO9zk7i395xaZpnpDdG0G38feMZghI
6PHrQa1czQbuUT0MBqYEBrm+Zv4bC0CuOnJtNgYsJyv0r9n6QhT8zefRzM9+Hwi2
l3AIU337n+buh8wElVc7c4PsHC5IvENS9lzl2S0y782GENnu
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:00 2025 by rpki-client