Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json)
Hash identifier: tocL0AI+r1C39rDoI5tnBNSHbvvbOXgddoRom5658Ww=
Subject key identifier: FF:9E:84:BF:15:FA:A3:96:8F:F9:34:F6:40:C5:55:29:32:E7:D3:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7068EE39ABE5BA55DE1E2B2FC4077E304E2D9CD7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
Signing time: Tue 10 Jun 2025 17:20:20 +0000
ROA not before: Tue 10 Jun 2025 17:20:20 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:68:ee:39:ab:e5:ba:55:de:1e:2b:2f:c4:07:7e:30:4e:2d:9c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:20 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=82e5f5a1825a34af33836241b8c9d56030c780c44558c16c2ad667f8e8c2895c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:48:4c:48:44:b3:93:06:0c:0d:d3:f0:70:ca:
11:bb:b3:3a:6d:99:6a:7d:b2:dd:8a:a6:c0:89:ba:
20:9f:e0:06:8f:c2:70:cb:0f:25:e5:f0:63:1d:26:
43:6b:85:10:4e:59:35:83:8e:e7:16:7c:02:af:16:
34:e7:63:5f:c7:a7:ab:02:7e:b8:45:11:ee:9c:28:
87:58:c7:ff:a5:c7:39:42:11:62:ba:36:63:b1:dc:
03:2b:d4:e0:a4:c0:fa:0a:52:5e:a3:16:61:60:ee:
ec:d6:50:cc:ab:58:57:d4:7e:45:0d:7a:aa:c9:8e:
8d:77:65:46:e0:a0:66:94:7e:e2:32:80:90:d9:fc:
b9:ca:0c:ce:b4:13:40:0a:08:1b:91:fe:26:95:56:
12:71:43:04:47:06:cf:db:4c:68:dd:61:50:1a:bc:
7f:27:7e:b5:6c:8c:d8:3a:6b:90:02:66:55:ab:cb:
20:52:5a:b1:eb:6c:e5:1b:43:57:a7:ff:65:df:10:
44:66:35:4b:12:cb:f5:d9:43:3c:5e:a0:2b:ea:b7:
ff:7b:11:59:04:bf:70:0c:d4:d7:05:8b:58:71:c5:
20:22:61:90:3a:0a:ca:43:55:d8:58:b7:db:b1:6a:
5c:ec:37:26:01:15:b8:81:82:d9:bb:8a:ed:98:71:
06:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:9E:84:BF:15:FA:A3:96:8F:F9:34:F6:40:C5:55:29:32:E7:D3:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:880::/48
Signature Algorithm: sha256WithRSAEncryption
09:b9:91:11:c7:3e:be:97:5a:f0:c1:bc:70:b5:23:5c:ee:a0:
42:74:a2:dc:59:d7:e4:31:5c:2c:0b:d9:98:b1:9f:d5:45:ce:
7e:90:e9:b7:08:f4:d0:85:e6:8a:1d:d6:ec:37:fe:30:ee:17:
e3:4b:6c:71:97:31:f2:8e:87:28:64:01:84:c2:eb:ab:31:1c:
f0:26:9f:97:ee:37:f1:1b:e2:41:23:81:36:ee:11:51:23:4e:
bd:d7:89:bf:eb:5f:ce:a7:80:7e:c1:68:26:0b:79:a4:7a:2b:
63:0d:77:ae:77:84:b6:17:76:9c:23:d8:a7:51:7f:fd:87:67:
b5:42:89:06:5c:6c:a2:e7:56:c3:9d:fa:bb:27:58:c0:82:e1:
f7:9e:97:9d:6f:8b:cb:ba:33:77:a9:5d:cc:8b:1e:5f:6e:6c:
89:ff:01:ea:10:5c:89:ee:e5:56:67:30:e0:4e:0b:a8:dc:80:
6b:79:9f:08:8c:e8:76:01:d7:8b:2d:1b:0c:0f:f3:c6:40:0f:
5e:c5:04:9b:22:97:e6:f3:90:20:51:8c:1d:67:98:8f:91:17:
79:1e:1e:84:cd:ff:67:ac:6d:cd:dc:30:5f:dc:76:b4:a5:04:
00:1f:4b:8e:6d:03:57:7f:18:5c:35:ed:09:66:77:0c:7d:2c:
f8:cc:d4:a1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcGjuOavlulXeHisvxAd+ME4tnNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMjBaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyZTVmNWExODI1YTM0YWYzMzgzNjI0MWI4YzlkNTYwMzBjNzgwYzQ0NTU4
YzE2YzJhZDY2N2Y4ZThjMjg5NWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpITEhEs5MGDA3T8HDKEbuzOm2Zan2y3YqmwIm6IJ/gBo/CcMsPJeXwYx0m
Q2uFEE5ZNYOO5xZ8Aq8WNOdjX8enqwJ+uEUR7pwoh1jH/6XHOUIRYro2Y7HcAyvU
4KTA+gpSXqMWYWDu7NZQzKtYV9R+RQ16qsmOjXdlRuCgZpR+4jKAkNn8ucoMzrQT
QAoIG5H+JpVWEnFDBEcGz9tMaN1hUBq8fyd+tWyM2DprkAJmVavLIFJasets5RtD
V6f/Zd8QRGY1SxLL9dlDPF6gK+q3/3sRWQS/cAzU1wWLWHHFICJhkDoKykNV2Fi3
27FqXOw3JgEVuIGC2buK7ZhxBu0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/noS/
Ffqjlo/5NPZAxVUpMufTJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
gDANBgkqhkiG9w0BAQsFAAOCAQEACbmREcc+vpda8MG8cLUjXO6gQnSi3FnX5DFc
LAvZmLGf1UXOfpDptwj00IXmih3W7Df+MO4X40tscZcx8o6HKGQBhMLrqzEc8Caf
l+438RviQSOBNu4RUSNOvdeJv+tfzqeAfsFoJgt5pHorYw13rneEthd2nCPYp1F/
/YdntUKJBlxsoudWw536uydYwILh956XnW+Ly7ozd6ldzIseX25sif8B6hBcie7l
Vmcw4E4LqNyAa3mfCIzodgHXiy0bDA/zxkAPXsUEmyKX5vOQIFGMHWeYj5EXeR4e
hM3/Z6xtzdwwX9x2tKUEAB9Ljm0DV38YXDXtCWZ3DH0s+MzUoQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:12 2025 by rpki-client