Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
File: da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa (raw, json)
Hash identifier: LhAVI5nYa10zY6EYDWo7vZfspYIj5eeDzp0USJtEUBU=
Subject key identifier: 38:B0:F4:D4:FE:48:80:F9:7C:ED:41:EE:3B:89:2F:9A:BC:B5:0E:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CAD147E07EF53CCAF338DA442E447E39F1AD8C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
Signing time: Tue 10 Jun 2025 17:20:13 +0000
ROA not before: Tue 10 Jun 2025 17:20:13 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:ad:14:7e:07:ef:53:cc:af:33:8d:a4:42:e4:47:e3:9f:1a:d8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:13 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=9504cbee77777a70cbd796d9c4beff5018bf440e8872cf090371d5e7f398e369, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:fa:f8:1b:43:98:86:4a:20:0b:1b:44:eb:c0:
5a:49:d4:93:3e:7e:f0:18:db:0a:87:98:36:00:1c:
b9:00:e9:69:9e:0b:07:c5:e1:93:54:af:d5:5f:71:
4d:8e:b7:c4:03:e4:0f:09:4c:6a:53:13:e6:88:ac:
84:87:00:f2:d6:34:67:dd:4d:62:92:30:65:19:ed:
66:26:4d:e2:fa:99:54:5d:c9:34:c8:81:c8:12:2c:
d4:fc:e8:d0:fb:fd:02:71:6a:eb:f2:63:36:bd:11:
a4:fe:a5:1a:4a:4f:46:c9:2d:f4:32:7f:ae:96:29:
e7:0e:dc:ae:b9:39:0a:ce:f3:07:f2:dc:93:11:53:
05:77:e2:5a:22:bd:7a:01:b7:dd:33:01:5f:0b:98:
5d:d9:0f:3b:96:95:b6:66:4d:c6:9b:12:a9:32:ab:
14:d4:0d:59:25:0b:14:05:d0:8b:48:dc:a8:ba:d0:
3c:86:30:1e:c0:45:bf:dc:34:f1:a6:e0:cb:07:05:
c1:bf:8f:fb:c7:63:b0:36:25:eb:ac:f4:57:59:4f:
5b:b2:fb:d8:63:26:e7:ec:e4:9b:80:d1:02:dd:d6:
09:9d:48:b4:f3:9b:ee:1f:29:33:c1:d6:38:46:c4:
27:de:84:79:fe:49:48:3d:db:af:ae:3c:6f:85:f5:
6d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B0:F4:D4:FE:48:80:F9:7C:ED:41:EE:3B:89:2F:9A:BC:B5:0E:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:880::/48
Signature Algorithm: sha256WithRSAEncryption
47:55:d4:e9:59:e6:26:b3:2a:33:c7:51:58:ad:9b:42:67:fe:
6c:c0:96:1a:7f:76:73:2f:3a:25:bb:ce:71:8c:16:b3:3a:5f:
3b:3c:78:fe:54:69:34:28:3a:fa:29:f0:76:75:ad:ba:87:90:
1e:c4:c3:c3:3b:21:c6:8c:39:cc:18:e5:8b:2b:f8:41:e5:d8:
64:c7:1f:0d:ee:0d:51:34:42:62:c1:3c:51:18:cd:f7:db:fd:
0d:8c:ae:eb:91:5e:00:07:dd:ef:8c:ce:50:d1:93:a5:a5:dc:
b6:82:78:03:71:1d:70:53:bf:62:81:5f:56:7b:16:7d:74:d3:
c1:72:6d:bb:62:94:8b:fb:85:10:6b:2d:ce:fb:cf:6a:35:90:
76:71:68:e4:0f:c3:34:e7:85:e5:df:70:54:da:1f:bd:69:ee:
93:67:b9:26:c8:fe:83:09:08:57:b3:e8:aa:6b:f1:2d:c1:27:
7d:54:68:39:78:57:96:4b:48:81:2f:99:08:6a:cd:ae:65:87:
bb:c0:b6:a5:ff:73:69:58:bc:24:7c:bd:68:35:96:a9:7b:92:
46:2b:4c:0c:33:b9:d2:6d:03:25:b6:f2:83:6c:32:c9:07:a2:
6b:03:02:0f:9a:b7:03:3a:57:6e:cd:1f:77:70:c4:4e:b8:5d:
3f:59:85:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULK0UfgfvU8yvM42kQuRH458a2MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMTNaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1MDRjYmVlNzc3NzdhNzBjYmQ3OTZkOWM0YmVmZjUwMThiZjQ0MGU4ODcy
Y2YwOTAzNzFkNWU3ZjM5OGUzNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/6+BtDmIZKIAsbROvAWknUkz5+8BjbCoeYNgAcuQDpaZ4LB8Xhk1Sv1V9x
TY63xAPkDwlMalMT5oishIcA8tY0Z91NYpIwZRntZiZN4vqZVF3JNMiByBIs1Pzo
0Pv9AnFq6/JjNr0RpP6lGkpPRskt9DJ/rpYp5w7crrk5Cs7zB/LckxFTBXfiWiK9
egG33TMBXwuYXdkPO5aVtmZNxpsSqTKrFNQNWSULFAXQi0jcqLrQPIYwHsBFv9w0
8abgywcFwb+P+8djsDYl66z0V1lPW7L72GMm5+zkm4DRAt3WCZ1ItPOb7h8pM8HW
OEbEJ96Eef5JSD3br648b4X1bYUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ4sPTU
/kiA+XztQe47iS+avLUO6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE3YjhjNGUtZWUwYS00NWNkLWI2ZTMtN2JhY2Y4YTllMmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAR1XU6VnmJrMqM8dRWK2bQmf+bMCWGn92cy86
JbvOcYwWszpfOzx4/lRpNCg6+inwdnWtuoeQHsTDwzshxow5zBjliyv4QeXYZMcf
De4NUTRCYsE8URjN99v9DYyu65FeAAfd74zOUNGTpaXctoJ4A3EdcFO/YoFfVnsW
fXTTwXJtu2KUi/uFEGstzvvPajWQdnFo5A/DNOeF5d9wVNofvWnuk2e5Jsj+gwkI
V7PoqmvxLcEnfVRoOXhXlktIgS+ZCGrNrmWHu8C2pf9zaVi8JHy9aDWWqXuSRitM
DDO50m0DJbbyg2wyyQeiawMCD5q3AzpXbs0fd3DETrhdP1mFFA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:52 2025 by rpki-client