Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
File: 57b964c4-07ca-4501-bd01-5cb8936846cc.roa (raw, json)
Hash identifier: 6Czlj9WntY7MVbh0paNAirA8SXY5cr1dJMXuacXbvso=
Subject key identifier: 5E:6A:F9:33:63:1A:4E:4E:97:75:A8:76:85:76:26:DD:F2:C7:F3:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63B109A51E59A32FAC99C8320D94F57F5D22CAB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
Signing time: Sat 12 Jul 2025 00:51:28 +0000
ROA not before: Sat 12 Jul 2025 00:51:28 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:b1:09:a5:1e:59:a3:2f:ac:99:c8:32:0d:94:f5:7f:5d:22:ca:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:28 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=7f2b9ae7261407c6045a2ba76a44367edafb2753cf314365ca6d6ea621c1ecbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:29:c0:43:60:5c:3d:a8:be:8d:a2:7c:4e:e9:
d9:dc:75:b6:fd:bf:ed:4a:45:53:1f:b4:0a:b5:10:
e0:0a:1e:62:d8:64:a3:c5:32:94:50:2c:5f:c7:e9:
6e:34:72:2b:7e:ac:80:e2:6e:21:f6:f4:b2:06:8b:
b9:04:a8:ef:87:55:84:66:36:59:e7:20:cf:2f:1d:
0d:95:06:f6:98:cb:fa:ef:27:d1:24:48:cb:05:30:
fc:89:e8:f7:83:43:ee:25:29:e7:e6:b9:9d:aa:1b:
89:2c:c2:92:00:89:04:fd:d6:ca:58:df:cd:ee:ba:
33:9f:83:d9:f4:06:c7:c6:7e:3f:eb:fb:86:01:1f:
a9:d3:26:67:f8:0b:a2:46:78:84:7a:30:a3:1f:14:
8e:a9:20:91:ea:ae:40:89:4c:8a:30:1a:e9:2e:af:
1a:db:6f:25:61:4c:02:75:84:81:a7:4e:38:85:ac:
01:2e:00:a0:6a:73:d0:ab:f3:5e:43:b5:ba:21:0d:
a1:54:76:58:f6:10:78:68:6a:29:e2:e1:f2:5f:30:
75:e9:84:9c:23:44:79:ad:3e:a9:60:f7:25:5e:55:
89:16:ac:51:f2:e8:bd:1c:71:2b:e9:e4:05:a9:ca:
46:da:ab:6a:2b:fd:b4:3f:47:1c:cd:d3:2e:4d:3a:
53:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6A:F9:33:63:1A:4E:4E:97:75:A8:76:85:76:26:DD:F2:C7:F3:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:2e:70:0f:59:44:f8:d7:88:6a:6e:05:17:4c:f2:74:3a:c9:
e3:87:6e:c3:47:1e:a6:d9:d2:8d:ab:54:da:d3:b8:c3:b2:5d:
03:4e:60:2b:ce:96:c1:a0:ad:b7:6e:58:f7:9a:c6:e5:e4:64:
22:65:a1:84:f7:7d:7a:88:d8:ac:68:67:50:94:eb:68:8d:bd:
c5:ef:23:d2:e0:da:29:08:ca:ed:a1:29:8d:49:bf:6f:a6:b3:
05:c0:ad:06:5e:a5:b9:4f:bb:98:5c:4e:e4:0f:05:66:32:ac:
20:e5:ea:27:12:95:75:b9:85:2f:c0:14:80:2f:a3:39:f0:ba:
82:b4:69:16:25:b9:82:f3:1b:97:ea:a7:a9:89:e3:7d:33:d4:
61:9c:00:46:b8:6b:de:0a:ba:ad:90:93:88:d0:7d:65:7c:4d:
fc:1c:fd:fb:d3:02:19:63:3b:be:d6:77:8e:e7:52:76:30:93:
3f:e2:25:e4:f0:13:08:24:04:47:90:2f:25:39:81:4a:3d:44:
4b:43:bb:84:36:6c:3f:b2:99:95:d4:46:0c:19:9e:c1:6f:61:
8b:a2:f1:80:41:3b:3d:55:e7:ad:23:60:4e:98:c2:a9:52:c4:
66:ed:13:3f:c2:b0:7f:c3:31:77:01:be:17:79:ba:e8:ed:64:
40:65:3c:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY7EJpR5Zoy+smcgyDZT1f10iyrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMjhaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMmI5YWU3MjYxNDA3YzYwNDVhMmJhNzZhNDQzNjdlZGFmYjI3NTNjZjMx
NDM2NWNhNmQ2ZWE2MjFjMWVjYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANApwENgXD2ovo2ifE7p2dx1tv2/7UpFUx+0CrUQ4AoeYthko8UylFAsX8fp
bjRyK36sgOJuIfb0sgaLuQSo74dVhGY2Wecgzy8dDZUG9pjL+u8n0SRIywUw/Ino
94ND7iUp5+a5naobiSzCkgCJBP3Wyljfze66M5+D2fQGx8Z+P+v7hgEfqdMmZ/gL
okZ4hHowox8UjqkgkequQIlMijAa6S6vGttvJWFMAnWEgadOOIWsAS4AoGpz0Kvz
XkO1uiENoVR2WPYQeGhqKeLh8l8wdemEnCNEea0+qWD3JV5ViRasUfLovRxxK+nk
BanKRtqraiv9tD9HHM3TLk06U3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReavkz
YxpOTpd1qHaFdibd8sfzazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdiOTY0YzQtMDdjYS00NTAxLWJkMDEtNWNiODkzNjg0NmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQA+LnAPWUT414hqbgUXTPJ0Osnjh27DRx6m2dKN
q1Ta07jDsl0DTmArzpbBoK23blj3msbl5GQiZaGE9316iNisaGdQlOtojb3F7yPS
4NopCMrtoSmNSb9vprMFwK0GXqW5T7uYXE7kDwVmMqwg5eonEpV1uYUvwBSAL6M5
8LqCtGkWJbmC8xuX6qepieN9M9RhnABGuGveCrqtkJOI0H1lfE38HP370wIZYzu+
1neO51J2MJM/4iXk8BMIJARHkC8lOYFKPURLQ7uENmw/spmV1EYMGZ7Bb2GLovGA
QTs9VeetI2BOmMKpUsRm7RM/wrB/wzF3Ab4Xebro7WRAZTxd
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:17 2025 by rpki-client