Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
File: c9177cdc-4634-4d34-9814-46c0484fcddb.roa (raw, json)
Hash identifier: Ai+J2ZrX8bKIre4MThO1HHWpPC+Ia2De2tt3zj26qXU=
Subject key identifier: DA:FE:66:FA:B1:63:77:05:41:22:C1:30:DD:4C:1C:20:77:E9:41:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37B02BB95A9C2A95396DEEAC9A2A374AA1F04383
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
Signing time: Tue 10 Jun 2025 17:20:38 +0000
ROA not before: Tue 10 Jun 2025 17:20:38 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b0:2b:b9:5a:9c:2a:95:39:6d:ee:ac:9a:2a:37:4a:a1:f0:43:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:38 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=5d86bccd0b1d4bdbc781205e6681717f57b2949663c346cd34d18812d2c02d7b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8a:83:b0:6d:c4:3c:81:91:ae:a1:85:02:45:
8d:43:b1:8a:84:20:56:56:5b:b0:d3:70:c2:4b:bc:
71:8a:05:fe:11:f2:0d:72:f7:15:c1:fe:c0:38:ec:
bb:bc:cb:63:fd:28:4d:2c:d5:39:16:43:1d:6e:b8:
3b:42:2d:61:ba:a0:a4:a3:1a:f9:8b:f8:6f:d5:51:
15:81:84:29:2e:c7:7d:7a:d5:9b:10:05:e3:2f:26:
4f:bf:88:5e:df:15:31:b5:0b:46:ef:aa:77:4b:91:
92:3e:44:65:01:20:30:97:c8:fc:27:c1:f1:44:1c:
01:c8:17:b6:76:1a:a0:24:d7:74:53:f2:d2:80:34:
de:31:6b:08:2f:8a:02:6e:27:ca:80:d2:73:c2:36:
48:c8:2b:de:f3:1f:0a:c4:16:0b:31:e6:12:92:9b:
31:17:11:bf:40:57:14:b8:8e:f1:4c:ce:cb:db:65:
2f:07:4f:e5:51:1c:e8:76:48:96:cc:f1:57:ce:cf:
03:fc:0c:7b:a5:ea:a9:40:e4:7b:c7:74:eb:07:6a:
d7:89:db:59:53:93:b2:ba:98:e7:9f:7d:12:5a:f0:
85:46:f6:0e:77:fe:22:0a:5f:44:61:24:7e:2b:13:
9a:2c:03:c1:75:8a:ef:43:65:77:6d:11:99:2e:6d:
22:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FE:66:FA:B1:63:77:05:41:22:C1:30:DD:4C:1C:20:77:E9:41:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
a5:aa:40:e5:19:14:18:23:62:85:4f:00:2d:7f:14:8a:e7:32:
b2:e9:ff:89:5c:42:a9:5d:e0:24:92:9a:a7:f9:f6:9b:16:80:
d5:cf:c2:55:77:54:14:3d:8f:af:22:4c:af:3e:d5:ec:de:7c:
19:de:e4:1c:80:44:90:7a:93:71:53:1f:ac:b9:fb:18:49:34:
be:60:6c:93:b2:dc:ba:d6:94:8c:20:30:67:4d:30:1a:3c:8c:
09:54:c6:8a:6d:94:75:db:7b:ab:a6:ce:a0:d9:a4:c9:78:36:
15:eb:49:00:a5:e0:87:4a:fd:66:18:31:90:28:93:da:ca:7a:
93:f4:5d:98:0c:a2:f3:dc:bd:87:07:42:eb:b7:a8:c4:cf:e8:
01:d1:f6:d5:fe:c5:9f:ba:ea:1a:15:d0:1a:e2:1f:2e:2e:3d:
25:71:1e:4c:d0:a6:1d:c3:5e:7f:bf:e1:e4:6a:8c:60:91:e2:
b4:c4:2e:a6:31:e8:4c:cd:e3:9e:bc:b8:89:41:72:af:35:2a:
6d:63:49:85:77:33:46:f4:dc:0e:9e:3d:69:2c:30:dc:0e:60:
a0:b5:19:45:58:29:69:ef:34:f0:aa:c7:99:ca:91:d2:e8:80:
59:60:a3:8a:63:6c:49:70:5b:d7:9d:88:85:90:10:4f:06:ec:
79:91:ae:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN7AruVqcKpU5be6smio3SqHwQ4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMzhaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkODZiY2NkMGIxZDRiZGJjNzgxMjA1ZTY2ODE3MTdmNTdiMjk0OTY2M2Mz
NDZjZDM0ZDE4ODEyZDJjMDJkN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOKg7BtxDyBka6hhQJFjUOxioQgVlZbsNNwwku8cYoF/hHyDXL3FcH+wDjs
u7zLY/0oTSzVORZDHW64O0ItYbqgpKMa+Yv4b9VRFYGEKS7HfXrVmxAF4y8mT7+I
Xt8VMbULRu+qd0uRkj5EZQEgMJfI/CfB8UQcAcgXtnYaoCTXdFPy0oA03jFrCC+K
Am4nyoDSc8I2SMgr3vMfCsQWCzHmEpKbMRcRv0BXFLiO8UzOy9tlLwdP5VEc6HZI
lszxV87PA/wMe6XqqUDke8d06wdq14nbWVOTsrqY5599ElrwhUb2Dnf+IgpfRGEk
fisTmiwDwXWK70Nld20RmS5tIjsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTa/mb6
sWN3BUEiwTDdTBwgd+lB1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkxNzdjZGMtNDYzNC00ZDM0LTk4MTQtNDZjMDQ4NGZjZGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
wDANBgkqhkiG9w0BAQsFAAOCAQEApapA5RkUGCNihU8ALX8Uiucysun/iVxCqV3g
JJKap/n2mxaA1c/CVXdUFD2PryJMrz7V7N58Gd7kHIBEkHqTcVMfrLn7GEk0vmBs
k7LcutaUjCAwZ00wGjyMCVTGim2Uddt7q6bOoNmkyXg2FetJAKXgh0r9ZhgxkCiT
2sp6k/RdmAyi89y9hwdC67eoxM/oAdH21f7Fn7rqGhXQGuIfLi49JXEeTNCmHcNe
f7/h5GqMYJHitMQupjHoTM3jnry4iUFyrzUqbWNJhXczRvTcDp49aSww3A5goLUZ
RVgpae808KrHmcqR0uiAWWCjimNsSXBb152IhZAQTwbseZGuTw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:32 2025 by rpki-client