Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: nJYUfNm1HqBmMHnFP1SvKTtEhg16LCPLyZS1exiE/Xw=
Subject key identifier: 59:9D:8D:6F:26:2A:89:B6:9D:3C:6C:65:A0:1A:90:F6:9D:A6:F6:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FEB6C80BDFF668178F7F77036E2AFC2D8244522
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Tue 20 May 2025 18:30:48 +0000
ROA not before: Tue 20 May 2025 18:30:48 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:eb:6c:80:bd:ff:66:81:78:f7:f7:70:36:e2:af:c2:d8:24:45:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:48 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=fcd73ff8f43b2b96685ad6375ac8d427c145f3e3917b5c3cd5fff83179fc00d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:53:b5:7e:f8:55:fc:d6:c4:d0:5c:1d:af:b6:
7c:46:ad:29:53:dc:db:60:99:9e:3d:92:a5:0a:4c:
22:f5:8b:19:cf:be:03:0b:e6:e3:b4:f7:2c:71:de:
b7:56:8b:c3:5d:bc:40:1a:1a:33:32:11:34:84:bf:
d5:8a:71:d8:82:5e:e8:7d:1a:5b:e6:3f:3d:64:66:
d4:d5:d5:46:76:cc:56:f6:92:9a:25:8d:68:df:54:
0e:3e:1b:5b:b9:aa:fd:4a:3d:17:c7:3c:b1:e8:d5:
f8:c1:46:8d:44:4e:25:c8:c5:af:e0:bd:ca:ff:2d:
1e:f1:e4:d6:95:13:97:e0:16:2e:6d:92:1f:87:49:
53:52:64:6f:26:f0:07:ec:95:8d:e9:7c:38:8b:1a:
68:28:34:8f:24:7e:7f:06:82:b7:c7:7c:c0:db:75:
da:04:39:d0:cf:80:f1:3d:91:21:40:65:6c:0f:fd:
8e:14:f0:97:53:78:97:e5:83:b4:7f:51:b9:bf:6c:
e1:12:52:09:00:f5:06:20:5c:cf:9d:3d:43:88:15:
be:9f:49:cc:18:12:5b:a9:12:b3:8e:1e:80:a7:09:
29:5f:51:78:81:f3:b9:cf:ca:e3:4c:c1:91:b7:18:
25:3b:77:26:da:9c:f4:06:98:0e:93:80:77:9f:b7:
20:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9D:8D:6F:26:2A:89:B6:9D:3C:6C:65:A0:1A:90:F6:9D:A6:F6:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
ab:76:75:c9:b1:54:36:55:56:5c:88:57:76:f7:d9:b5:e5:09:
ab:92:4a:24:e4:10:82:0c:52:01:62:5e:e9:a3:36:15:d1:61:
74:a0:4f:da:b3:40:87:49:04:e0:1a:70:74:6b:3b:a6:78:bd:
94:08:d9:19:a7:1c:97:29:2b:7e:d2:c3:7d:41:3c:52:97:60:
3d:ed:55:eb:a8:5b:0b:63:fa:27:04:8b:e4:a7:6d:2e:c9:02:
78:a8:99:24:cf:50:f2:d1:ac:4e:97:98:da:f8:0f:ec:eb:59:
92:c7:96:3d:f4:ea:16:01:32:82:57:f9:4b:40:2a:55:25:e3:
f5:fe:e4:af:b9:82:e6:46:08:20:35:a6:6d:8d:e2:12:92:2a:
8e:2d:49:08:a2:7c:c3:ca:55:ed:d9:00:3e:65:62:4b:7e:99:
9f:bb:20:92:cc:f3:3e:67:30:8f:df:5f:c9:08:6d:8b:00:aa:
67:1f:2a:ab:db:2c:8e:66:41:3f:23:ae:c8:33:17:7e:c1:8d:
36:b1:00:a1:2f:2b:24:79:81:8a:5b:4e:cb:0d:bc:e5:a5:e4:
60:a2:bc:74:3e:48:c0:ab:d2:4b:22:73:9a:f9:ba:4a:db:36:
a1:98:80:15:12:e9:07:6c:52:65:1f:98:c7:09:36:31:2b:14:
be:96:38:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP+tsgL3/ZoF49/dwNuKvwtgkRSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwNDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjZDczZmY4ZjQzYjJiOTY2ODVhZDYzNzVhYzhkNDI3YzE0NWYzZTM5MTdi
NWMzY2Q1ZmZmODMxNzlmYzAwZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhTtX74VfzWxNBcHa+2fEatKVPc22CZnj2SpQpMIvWLGc++Awvm47T3LHHe
t1aLw128QBoaMzIRNIS/1Ypx2IJe6H0aW+Y/PWRm1NXVRnbMVvaSmiWNaN9UDj4b
W7mq/Uo9F8c8sejV+MFGjUROJcjFr+C9yv8tHvHk1pUTl+AWLm2SH4dJU1Jkbybw
B+yVjel8OIsaaCg0jyR+fwaCt8d8wNt12gQ50M+A8T2RIUBlbA/9jhTwl1N4l+WD
tH9Rub9s4RJSCQD1BiBcz509Q4gVvp9JzBgSW6kSs44egKcJKV9ReIHzuc/K40zB
kbcYJTt3Jtqc9AaYDpOAd5+3IPECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRZnY1v
JiqJtp08bGWgGpD2nab2fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEAq3Z1ybFUNlVWXIhXdvfZteUJq5JKJOQQggxS
AWJe6aM2FdFhdKBP2rNAh0kE4BpwdGs7pni9lAjZGacclykrftLDfUE8UpdgPe1V
66hbC2P6JwSL5KdtLskCeKiZJM9Q8tGsTpeY2vgP7OtZkseWPfTqFgEyglf5S0Aq
VSXj9f7kr7mC5kYIIDWmbY3iEpIqji1JCKJ8w8pV7dkAPmViS36Zn7sgkszzPmcw
j99fyQhtiwCqZx8qq9ssjmZBPyOuyDMXfsGNNrEAoS8rJHmBiltOyw285aXkYKK8
dD5IwKvSSyJzmvm6Sts2oZiAFRLpB2xSZR+Yxwk2MSsUvpY41g==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:59 2025 by rpki-client