Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
File: f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa (raw, json)
Hash identifier: TXepmt9VpKtt/pqC/H1T7+V61LScu6U4Q3XLgju12hU=
Subject key identifier: DF:02:75:92:68:AD:C5:43:30:0C:C0:76:97:AF:ED:35:28:EB:FE:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10FB83E8BA80448A3D60F7BACCAA8A44B7630679
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
Signing time: Tue 20 May 2025 19:21:05 +0000
ROA not before: Tue 20 May 2025 19:21:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:fb:83:e8:ba:80:44:8a:3d:60:f7:ba:cc:aa:8a:44:b7:63:06:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=21194e2a6ad4d2554632f949edfb71ef5af2d0675d118ffc3718a5c00aaaf95d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:49:0a:40:72:d5:5f:6f:e7:5e:68:97:ba:ef:
71:39:de:9e:d5:c6:9b:ed:19:17:c5:ed:71:63:9c:
c4:31:26:45:74:76:02:99:2a:17:5e:e4:82:ae:8f:
9e:9a:b5:50:4c:15:d0:c8:26:e0:dd:6b:f7:02:0d:
51:a3:16:54:74:b1:ff:b0:41:46:46:f9:7a:ac:40:
5b:87:99:bf:b7:bb:b2:ca:d2:c3:fa:5e:0d:7a:de:
0e:ea:e6:bb:d2:b1:a4:34:eb:87:66:30:9c:0f:69:
9e:2d:98:c3:0f:b8:c9:53:e9:92:07:3f:91:f9:d8:
28:97:6d:47:8e:62:90:f8:d3:56:b6:17:f2:16:c8:
bd:cc:cb:c2:ad:ea:c8:db:ad:90:5b:ae:14:52:73:
44:b9:d0:6f:99:6c:9d:f5:0d:be:cb:6c:ef:55:6e:
33:cc:51:11:6a:06:e3:3e:b5:3d:7b:d2:57:91:04:
ed:3f:ed:2a:4b:52:9a:58:86:20:70:b5:f6:49:fa:
a2:72:6a:ed:6a:50:94:8e:61:cf:de:01:17:3c:29:
5b:81:ad:ea:9e:92:a7:c9:f2:60:d8:83:4b:69:07:
6f:58:c3:c1:57:b4:7f:4f:a2:d5:5a:cc:e8:ed:7f:
f8:f5:ca:aa:ff:ae:38:3b:69:c3:70:8f:31:ef:a4:
3a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:02:75:92:68:AD:C5:43:30:0C:C0:76:97:AF:ED:35:28:EB:FE:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f72f8fe2-ef1f-4297-9d10-01e7c6506312.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8080::/46
Signature Algorithm: sha256WithRSAEncryption
6f:57:e3:c2:8a:e0:e8:ae:bb:de:7e:b3:6c:48:a3:de:0a:68:
99:1f:97:d4:aa:9a:ec:6c:b6:c9:0b:be:95:2e:6a:9a:39:f1:
9d:13:c7:d9:fc:2e:e2:09:60:85:2d:4c:37:29:b9:e3:0c:03:
5a:50:a9:20:df:f8:8f:9a:14:87:56:25:46:0f:6a:ed:af:c7:
dc:df:2e:2b:10:fd:7a:bf:29:52:f1:c9:e1:2d:aa:d5:ee:ba:
40:41:15:67:69:c9:45:02:39:92:67:40:76:45:2e:c2:87:5b:
e0:ea:c4:a8:07:e0:3e:a9:cb:73:5d:03:b1:3d:11:60:6d:b0:
93:d7:c5:54:4c:81:d1:a4:fc:53:04:bc:09:0b:bf:f7:86:cd:
be:bd:4d:97:1d:19:4b:a4:03:98:6b:42:22:d9:ed:09:87:8f:
96:14:96:9a:a2:65:0f:1c:4c:c4:be:4c:e8:2e:92:bc:1c:42:
8b:ec:98:bf:7f:44:28:2c:fc:82:c8:3e:23:e1:79:6c:76:6f:
ba:3d:5d:db:ec:95:5a:c8:9e:90:53:d8:f1:b1:49:80:70:d5:
3c:2f:bd:09:26:b8:5d:4b:14:55:4e:be:5b:0e:d8:19:66:95:
63:4a:1a:03:b8:90:a2:2f:05:44:a4:ce:0c:7b:62:b4:aa:21:
94:68:1d:e8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEPuD6LqARIo9YPe6zKqKRLdjBnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMTk0ZTJhNmFkNGQyNTU0NjMyZjk0OWVkZmI3MWVmNWFmMmQwNjc1ZDEx
OGZmYzM3MThhNWMwMGFhYWY5NWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVJCkBy1V9v515ol7rvcTnentXGm+0ZF8XtcWOcxDEmRXR2ApkqF17kgq6P
npq1UEwV0Mgm4N1r9wINUaMWVHSx/7BBRkb5eqxAW4eZv7e7ssrSw/peDXreDurm
u9KxpDTrh2YwnA9pni2Yww+4yVPpkgc/kfnYKJdtR45ikPjTVrYX8hbIvczLwq3q
yNutkFuuFFJzRLnQb5lsnfUNvsts71VuM8xREWoG4z61PXvSV5EE7T/tKktSmliG
IHC19kn6onJq7WpQlI5hz94BFzwpW4Gt6p6Sp8nyYNiDS2kHb1jDwVe0f0+i1VrM
6O1/+PXKqv+uODtpw3CPMe+kOikCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTfAnWS
aK3FQzAMwHaXr+01KOv+DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjcyZjhmZTItZWYxZi00Mjk3LTlkMTAtMDFlN2M2NTA2MzEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuA
gDANBgkqhkiG9w0BAQsFAAOCAQEAb1fjworg6K673n6zbEij3gpomR+X1Kqa7Gy2
yQu+lS5qmjnxnRPH2fwu4glghS1MNym54wwDWlCpIN/4j5oUh1YlRg9q7a/H3N8u
KxD9er8pUvHJ4S2q1e66QEEVZ2nJRQI5kmdAdkUuwodb4OrEqAfgPqnLc10DsT0R
YG2wk9fFVEyB0aT8UwS8CQu/94bNvr1Nlx0ZS6QDmGtCItntCYePlhSWmqJlDxxM
xL5M6C6SvBxCi+yYv39EKCz8gsg+I+F5bHZvuj1d2+yVWsiekFPY8bFJgHDVPC+9
CSa4XUsUVU6+Ww7YGWaVY0oaA7iQoi8FRKTODHtitKohlGgd6A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:52 2025 by rpki-client