Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: 5IGm3PY4uYX44grk/btV1ysR7in6UaJltfCTF53kREo=
Subject key identifier: 5C:99:80:EF:76:C7:96:2F:77:C8:39:83:A5:79:5E:1C:2B:05:8B:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 329011357977BFBA2D87EFC0130573FB860793D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Fri 06 Jun 2025 15:10:55 +0000
ROA not before: Fri 06 Jun 2025 15:10:55 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:90:11:35:79:77:bf:ba:2d:87:ef:c0:13:05:73:fb:86:07:93:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:55 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=d182d38f7e3147d23d64255d5dc7e11b18b3c2f85fce3b5643fb52ce6b0b25ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3f:b1:67:22:72:e4:97:70:9c:1f:73:66:4c:
65:09:16:c5:da:8e:ac:ce:ce:62:c6:3a:33:5a:39:
3b:de:9a:1e:bb:67:02:65:5f:97:a5:0b:ca:f7:ae:
e7:bf:60:3d:bb:56:de:4c:10:a2:c4:5d:ee:02:d0:
72:00:4a:d4:c8:63:41:6d:8a:27:fc:44:22:02:e9:
95:1a:14:ab:a6:11:80:42:5d:82:00:3e:ed:35:37:
c3:96:04:50:b4:bb:85:61:39:d2:01:0c:d4:88:9c:
d5:e8:76:99:66:fd:49:0d:29:44:13:ed:ee:4a:de:
0e:22:26:94:05:a7:bb:ad:9a:35:6a:0e:96:68:3e:
a9:ed:54:ca:54:db:c5:98:2b:49:79:19:3e:e6:4c:
4e:23:29:36:17:7b:41:19:a4:42:69:fa:8d:02:ba:
3e:dc:66:d9:b3:9b:99:d6:d0:39:69:d2:bc:d2:e8:
6f:23:58:b2:dc:78:0a:b1:8c:98:7e:bf:cf:ef:58:
f8:a6:84:94:ee:61:ea:18:4d:0b:f7:ee:16:a6:24:
3c:8f:79:49:24:3d:98:70:25:40:d5:a6:94:b1:b8:
0c:0f:e1:ad:1c:22:ed:56:02:08:d3:8d:ac:8d:6e:
12:17:ed:6d:99:21:a0:82:12:ee:d7:34:36:7f:2c:
01:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:99:80:EF:76:C7:96:2F:77:C8:39:83:A5:79:5E:1C:2B:05:8B:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:b4:78:31:52:f1:5f:66:e2:6c:7e:fd:c2:62:64:58:b3:00:
e5:b4:ac:7f:13:05:b1:c0:6f:f2:95:6d:55:f7:48:96:16:9a:
0c:6f:c6:02:04:47:d1:55:60:d9:1f:91:80:d0:c3:a6:c0:2f:
cb:14:2d:65:41:ae:e1:07:f1:d8:7d:23:7d:08:95:a4:57:7c:
e9:f3:16:59:ee:01:9e:37:8f:06:55:32:7d:16:9b:00:3c:03:
11:85:da:e0:44:a4:7a:f9:08:34:0f:c0:ae:e5:52:21:cc:b9:
64:54:ff:d2:05:ec:19:d4:93:3a:6b:1c:0a:31:ab:08:66:b7:
de:fd:ea:b6:55:0b:c2:cf:07:48:ff:77:ab:11:3c:8a:5c:26:
12:ac:7d:fa:f0:2f:54:17:f6:9e:87:5c:86:b1:7f:45:e3:4f:
89:eb:b4:bb:f5:5c:c1:5b:c2:2a:96:8c:09:58:f8:4f:ed:58:
20:75:73:9c:02:5e:28:66:ad:c8:74:97:1d:32:1d:06:f3:00:
a9:ae:15:f0:b2:2f:f9:8e:57:9d:5a:91:f7:dc:c6:75:8f:c8:
cc:83:01:b8:f0:bc:f2:85:9b:44:49:fc:65:8f:bf:23:e4:45:
18:76:af:c3:dc:27:61:60:e7:95:ba:92:df:f0:75:77:75:7e:
69:94:71:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMpARNXl3v7oth+/AEwVz+4YHk9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNTVaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxODJkMzhmN2UzMTQ3ZDIzZDY0MjU1ZDVkYzdlMTFiMThiM2MyZjg1ZmNl
M2I1NjQzZmI1MmNlNmIwYjI1Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4/sWcicuSXcJwfc2ZMZQkWxdqOrM7OYsY6M1o5O96aHrtnAmVfl6ULyveu
579gPbtW3kwQosRd7gLQcgBK1MhjQW2KJ/xEIgLplRoUq6YRgEJdggA+7TU3w5YE
ULS7hWE50gEM1Iic1eh2mWb9SQ0pRBPt7kreDiImlAWnu62aNWoOlmg+qe1UylTb
xZgrSXkZPuZMTiMpNhd7QRmkQmn6jQK6Ptxm2bObmdbQOWnSvNLobyNYstx4CrGM
mH6/z+9Y+KaElO5h6hhNC/fuFqYkPI95SSQ9mHAlQNWmlLG4DA/hrRwi7VYCCNON
rI1uEhftbZkhoIIS7tc0Nn8sAVkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcmYDv
dseWL3fIOYOleV4cKwWLTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCdtHgxUvFfZuJsfv3CYmRYswDltKx/EwWxwG/y
lW1V90iWFpoMb8YCBEfRVWDZH5GA0MOmwC/LFC1lQa7hB/HYfSN9CJWkV3zp8xZZ
7gGeN48GVTJ9FpsAPAMRhdrgRKR6+Qg0D8Cu5VIhzLlkVP/SBewZ1JM6axwKMasI
Zrfe/eq2VQvCzwdI/3erETyKXCYSrH368C9UF/aeh1yGsX9F40+J67S79VzBW8Iq
lowJWPhP7VggdXOcAl4oZq3IdJcdMh0G8wCprhXwsi/5jledWpH33MZ1j8jMgwG4
8LzyhZtESfxlj78j5EUYdq/D3CdhYOeVupLf8HV3dX5plHGk
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:09 2025 by rpki-client