Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
File: 7175e6ba-4879-48cc-b428-9cd0d88a156a.roa (raw, json)
Hash identifier: 1pzEbv7o13DQmzxUrN9ezEsqYrT1oXTEu4327n4+diI=
Subject key identifier: 67:4D:CA:93:86:E8:1A:B2:51:8F:D2:69:0C:79:A3:A0:1C:ED:DD:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C393FBD460957165C83FED5280B3AB80CE7AB66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
Signing time: Tue 10 Jun 2025 17:20:14 +0000
ROA not before: Tue 10 Jun 2025 17:20:14 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:39:3f:bd:46:09:57:16:5c:83:fe:d5:28:0b:3a:b8:0c:e7:ab:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:14 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=5abd2b6331d331123a542c420bcbc13e5b15045255c1079eca25da889246d609, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:f5:10:07:83:5f:80:a5:2e:c2:68:db:3a:
18:e6:55:63:a0:33:9c:98:ba:89:c2:e7:7d:45:32:
36:8a:e0:ef:f2:27:ad:d7:7e:43:37:74:28:c8:12:
44:98:e8:1b:6f:28:2a:89:3c:dd:31:d5:ef:9a:e6:
e2:c5:18:18:aa:bd:46:af:7f:bd:bc:10:98:de:a9:
b6:bc:17:d0:1d:1c:34:17:91:e3:7d:a2:38:fe:e8:
cc:f4:0f:8b:ac:46:ae:fb:f1:91:11:d1:8c:12:8d:
b5:91:cb:a9:29:9f:b0:6b:f4:0f:fa:f4:7e:64:de:
9a:f7:c2:07:f8:41:48:e7:de:31:66:5e:e0:58:fd:
70:3d:e2:16:80:1a:e1:f5:f1:84:ae:13:4c:70:56:
d6:84:d8:de:8a:08:68:de:49:c9:22:17:a8:a2:c6:
ea:9b:69:db:ff:e7:aa:d6:a8:81:10:95:53:ad:64:
78:92:7f:97:7f:1e:c0:48:fd:9f:9f:25:1b:39:71:
b5:f7:70:90:a8:e1:26:03:f8:09:83:c9:36:6e:52:
98:5b:99:78:84:fe:cb:6c:71:fa:df:96:b3:f9:7b:
11:69:ed:b2:f5:05:ef:d5:52:a8:18:d6:3a:6c:4b:
e4:ba:28:b3:ba:d6:26:3e:2f:57:58:0e:4e:79:8f:
2a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4D:CA:93:86:E8:1A:B2:51:8F:D2:69:0C:79:A3:A0:1C:ED:DD:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
24:1d:64:dc:9b:c1:2b:57:42:43:34:25:13:a7:51:70:c9:a8:
11:19:e9:a5:04:7e:12:d3:2c:13:9d:98:09:b6:18:ef:fc:a4:
a9:8f:ad:dd:4c:5f:3e:ee:d6:59:12:cf:b2:8e:35:e7:77:43:
2a:b0:da:b3:d5:5d:b9:dc:55:c4:25:58:d4:e5:d9:8f:d8:ec:
87:9e:e6:09:07:ab:f6:41:57:ae:43:a1:e5:83:fd:d6:b6:c4:
4f:99:3a:37:53:85:ba:fe:04:80:a0:c5:ee:b1:b3:11:17:a7:
0f:22:f6:50:64:3e:f7:66:14:13:8f:0d:b1:6e:4f:58:4a:d7:
6d:ef:fd:08:d1:d2:10:e0:21:9a:25:6e:a8:a2:b8:88:d8:72:
03:7d:f0:cc:10:38:9b:09:f1:f2:e6:fe:e8:de:31:7f:be:07:
be:f9:b6:90:e5:e4:3b:ea:f6:08:48:6c:1c:fa:fc:05:16:89:
4c:26:84:8d:c7:63:be:b4:78:2b:c9:76:4c:9f:c9:af:bf:0f:
5d:7c:34:fb:6b:4e:b5:a0:e6:00:fb:97:95:12:9f:3e:dd:67:
ac:7d:57:a5:1c:52:9b:1b:ab:2e:39:ff:19:a9:ad:71:52:6d:
8c:b8:1e:79:b9:10:75:9d:2b:8c:b6:46:5c:12:1c:d3:b1:40:
39:dd:3d:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPDk/vUYJVxZcg/7VKAs6uAznq2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMTRaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYmQyYjYzMzFkMzMxMTIzYTU0MmM0MjBiY2JjMTNlNWIxNTA0NTI1NWMx
MDc5ZWNhMjVkYTg4OTI0NmQ2MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAx9RAHg1+ApS7CaNs6GOZVY6AznJi6icLnfUUyNorg7/Inrdd+Qzd0KMgS
RJjoG28oKok83THV75rm4sUYGKq9Rq9/vbwQmN6ptrwX0B0cNBeR432iOP7ozPQP
i6xGrvvxkRHRjBKNtZHLqSmfsGv0D/r0fmTemvfCB/hBSOfeMWZe4Fj9cD3iFoAa
4fXxhK4TTHBW1oTY3ooIaN5JySIXqKLG6ptp2//nqtaogRCVU61keJJ/l38ewEj9
n58lGzlxtfdwkKjhJgP4CYPJNm5SmFuZeIT+y2xx+t+Ws/l7EWntsvUF79VSqBjW
OmxL5Loos7rWJj4vV1gOTnmPKlECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnTcqT
hugaslGP0mkMeaOgHO3dpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE3NWU2YmEtNDg3OS00OGNjLWI0MjgtOWNkMGQ4OGExNTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI
wDANBgkqhkiG9w0BAQsFAAOCAQEAJB1k3JvBK1dCQzQlE6dRcMmoERnppQR+EtMs
E52YCbYY7/ykqY+t3UxfPu7WWRLPso4153dDKrDas9VdudxVxCVY1OXZj9jsh57m
CQer9kFXrkOh5YP91rbET5k6N1OFuv4EgKDF7rGzERenDyL2UGQ+92YUE48NsW5P
WErXbe/9CNHSEOAhmiVuqKK4iNhyA33wzBA4mwnx8ub+6N4xf74Hvvm2kOXkO+r2
CEhsHPr8BRaJTCaEjcdjvrR4K8l2TJ/Jr78PXXw0+2tOtaDmAPuXlRKfPt1nrH1X
pRxSmxurLjn/GamtcVJtjLgeebkQdZ0rjLZGXBIc07FAOd09zw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:09 2025 by rpki-client