Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
File: 97700b94-3ec6-472c-97f5-b54fb1f56f76.roa (raw, json)
Hash identifier: Xx2xWrM683ipPd93+MY7By62sZTf7Qk9UPJuLpcRtUc=
Subject key identifier: 2A:A9:AC:B3:60:5A:98:43:56:94:7D:2F:C2:7A:B2:59:91:79:5E:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 416D3366760BE2BE2D5DB31F3055C6F64F491FB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
Signing time: Thu 26 Jun 2025 19:37:06 +0000
ROA not before: Thu 26 Jun 2025 19:37:06 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:6d:33:66:76:0b:e2:be:2d:5d:b3:1f:30:55:c6:f6:4f:49:1f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:06 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=36af02e02603d09d15a06fa6b9f2cb2ca1a048158625b68030b052a2558c63e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e5:4c:49:cb:64:42:39:ea:1f:76:7d:83:cc:
2f:86:1d:99:9e:8c:f3:71:5d:4d:ea:c9:42:92:3a:
59:2a:cc:d2:2b:d5:1d:04:4f:76:0d:8b:6a:fc:57:
3d:ed:d1:b6:82:9d:33:57:d9:39:85:6f:f2:35:a9:
52:02:1a:5e:92:fb:45:25:29:b7:ff:8b:3c:f8:c7:
8a:f0:2c:0d:34:d2:ad:38:3a:32:80:48:e2:30:0b:
13:5f:94:9d:8a:fa:93:eb:9b:46:16:8b:25:cc:27:
d9:ea:8d:ad:27:9a:2d:7a:9b:1a:2f:f9:4c:a6:19:
f1:c5:e8:df:d3:77:3f:31:48:bf:cf:5e:5c:4b:0e:
2a:8c:ea:85:c5:86:b7:c5:4e:87:5e:34:3d:5b:9c:
8b:90:b7:9c:de:40:90:d3:01:40:8f:10:e3:53:ad:
4b:64:25:10:b3:91:9d:53:c7:71:1d:19:69:23:b2:
22:80:b2:34:a8:10:17:d1:72:de:e7:15:01:40:77:
8e:ea:e6:fe:e3:61:42:ea:16:0a:92:2c:a0:53:7c:
1d:b1:df:fb:1e:d9:16:c8:54:a4:c3:ba:cb:9f:ef:
bc:1f:f7:f3:9c:da:a0:1d:7f:dd:f7:2a:bf:9f:c3:
89:7c:e9:0c:e8:52:6a:44:28:d3:5e:1a:17:b6:07:
a1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A9:AC:B3:60:5A:98:43:56:94:7D:2F:C2:7A:B2:59:91:79:5E:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2040::/46
Signature Algorithm: sha256WithRSAEncryption
19:c7:f2:52:34:d5:d4:49:7b:ea:34:d9:d3:59:db:e3:71:46:
66:32:8b:bc:fc:17:dc:e7:1e:81:73:bf:80:25:1d:da:71:fc:
a7:19:24:ca:d1:0b:d6:34:e5:92:3a:90:e1:63:43:a1:d9:fd:
44:3a:03:e9:af:e4:e5:f1:5e:ed:48:39:67:38:81:f7:09:cc:
45:60:1e:2b:be:dc:30:3e:7e:58:d5:73:bf:4d:45:7a:48:c8:
2d:74:d5:8f:47:88:82:25:46:a5:3a:15:33:c4:2e:65:70:50:
d1:8a:7c:2e:ac:70:7b:d3:4f:54:91:8a:7d:e2:25:a2:03:8b:
b5:08:4b:3f:91:99:d7:d3:6f:c9:90:cb:ec:2a:1a:30:c4:8e:
43:84:10:40:a4:c7:db:e7:4a:73:c8:66:26:a5:60:80:0f:8c:
dc:91:d0:c8:e6:a4:64:15:65:9c:80:ff:a4:ea:0f:f1:6c:96:
f8:03:14:cd:31:1b:8d:b2:cb:c4:db:50:12:24:84:95:15:8a:
e1:1e:6d:52:99:7a:1f:57:80:95:55:b0:6d:4c:de:93:49:96:
6c:8d:cc:11:21:aa:70:a6:7e:12:df:fe:9c:bc:34:e4:af:e3:
31:3b:88:fe:a3:63:f8:e6:58:c2:bb:f2:d4:36:d4:b7:a4:39:
f2:53:f4:3b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQW0zZnYL4r4tXbMfMFXG9k9JH7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MDZaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2YWYwMmUwMjYwM2QwOWQxNWEwNmZhNmI5ZjJjYjJjYTFhMDQ4MTU4NjI1
YjY4MDMwYjA1MmEyNTU4YzYzZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvlTEnLZEI56h92fYPML4YdmZ6M83FdTerJQpI6WSrM0ivVHQRPdg2LavxX
Pe3RtoKdM1fZOYVv8jWpUgIaXpL7RSUpt/+LPPjHivAsDTTSrTg6MoBI4jALE1+U
nYr6k+ubRhaLJcwn2eqNrSeaLXqbGi/5TKYZ8cXo39N3PzFIv89eXEsOKozqhcWG
t8VOh140PVuci5C3nN5AkNMBQI8Q41OtS2QlELORnVPHcR0ZaSOyIoCyNKgQF9Fy
3ucVAUB3jurm/uNhQuoWCpIsoFN8HbHf+x7ZFshUpMO6y5/vvB/385zaoB1/3fcq
v5/DiXzpDOhSakQo014aF7YHoasCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQqqayz
YFqYQ1aUfS/CerJZkXlezzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc3MDBiOTQtM2VjNi00NzJjLTk3ZjUtYjU0ZmIxZjU2Zjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
QDANBgkqhkiG9w0BAQsFAAOCAQEAGcfyUjTV1El76jTZ01nb43FGZjKLvPwX3Oce
gXO/gCUd2nH8pxkkytEL1jTlkjqQ4WNDodn9RDoD6a/k5fFe7Ug5ZziB9wnMRWAe
K77cMD5+WNVzv01FekjILXTVj0eIgiVGpToVM8QuZXBQ0Yp8Lqxwe9NPVJGKfeIl
ogOLtQhLP5GZ19NvyZDL7CoaMMSOQ4QQQKTH2+dKc8hmJqVggA+M3JHQyOakZBVl
nID/pOoP8WyW+AMUzTEbjbLLxNtQEiSElRWK4R5tUpl6H1eAlVWwbUzek0mWbI3M
ESGqcKZ+Et/+nLw05K/jMTuI/qNj+OZYwrvy1DbUt6Q58lP0Ow==
-----END CERTIFICATE-----
Generated at Mon Jun 30 22:30:19 2025 by rpki-client