Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
File: 9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa (raw, json)
Hash identifier: 0c8qMNmVw6mqg3RGoiBekQ1ap+zaa8dalK06YqVpRzc=
Subject key identifier: B5:99:59:FC:D6:F0:C7:D0:01:13:DE:2A:4A:C0:F5:A5:24:43:FE:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 394035A003472A3914753B2A4F084F016341E96D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
Signing time: Thu 26 Jun 2025 19:38:51 +0000
ROA not before: Thu 26 Jun 2025 19:38:51 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:40:35:a0:03:47:2a:39:14:75:3b:2a:4f:08:4f:01:63:41:e9:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:51 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=313f9d771997ad34c69a0a4c76356f8eba1716843d4aec3103e748229fc6a774, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a3:5b:e8:07:19:68:28:a6:6b:ff:16:32:34:
c5:b2:2a:ea:ac:c2:76:91:5d:c6:d9:1b:c0:3d:55:
df:80:f4:99:ae:cb:37:32:3e:47:14:c8:06:a4:7c:
91:17:58:0c:1c:1b:8c:f9:04:3d:1a:d4:7f:4c:d4:
77:40:f2:c4:29:2a:fe:34:5d:84:b0:3c:1a:82:3b:
21:35:97:66:0f:da:0e:15:68:fe:f8:b2:e7:46:fe:
e5:81:05:ca:eb:f1:70:f4:8d:7d:0b:28:f9:f0:5c:
31:8b:47:b0:57:74:a0:03:e9:85:e1:8b:87:8d:99:
2c:8e:fe:ee:cf:73:52:70:5c:8f:e5:fc:9e:8f:83:
bc:48:3a:18:3e:2b:7c:15:33:8b:5f:50:d4:0f:04:
b9:7d:a1:14:bb:60:87:70:75:bc:10:ec:25:26:8f:
f9:31:bd:32:93:1d:9c:c6:89:4c:eb:3e:25:a8:8a:
a0:62:85:c7:b6:e0:fc:f6:d5:53:a2:9f:f4:50:02:
87:d1:10:f1:6e:bc:24:28:a9:e7:94:b7:c2:9e:e2:
f4:58:09:c5:0d:ab:6f:02:b4:26:01:79:7d:1e:05:
55:22:ca:4a:f4:a8:a3:89:f8:04:fb:c3:ca:33:11:
33:47:26:a7:77:1f:46:7f:9e:45:21:e7:c9:f9:13:
7a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:99:59:FC:D6:F0:C7:D0:01:13:DE:2A:4A:C0:F5:A5:24:43:FE:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
02:85:b2:11:b4:59:ec:dd:0b:90:36:1e:c2:c6:3d:78:bc:4a:
fa:15:e9:83:62:7f:70:b0:22:7b:b4:a9:0e:3f:f1:18:28:7e:
89:e0:4e:d7:75:c2:d1:34:1f:af:ac:35:3d:57:6c:9b:03:b3:
57:92:c5:ed:91:6b:a8:e0:e8:c3:5f:e8:50:66:94:05:35:b7:
53:c2:2b:d6:a9:ef:23:1b:74:4c:05:64:9e:5b:08:86:2f:80:
ff:27:7f:14:d1:02:7e:63:51:f7:47:c4:d4:20:24:e9:42:f1:
67:0b:91:bd:af:dc:13:57:65:37:cf:80:82:ac:f1:a8:09:98:
73:89:9f:c5:10:81:0b:67:40:5b:49:53:8c:b4:4a:e1:09:60:
61:9e:fc:c9:e0:a5:cb:1d:a1:69:d8:84:c6:16:fd:60:c2:2d:
a1:b2:bb:fd:ab:46:2e:2a:2a:07:16:dc:b7:16:bf:2e:4a:d2:
e9:84:8f:d3:c0:1b:0e:e4:7b:ab:4a:d5:0d:e2:69:9a:78:c3:
b2:99:89:cd:a9:d6:d6:14:43:c0:df:de:89:33:07:20:c2:38:
71:ca:61:13:bc:cd:f3:7d:c1:85:ca:76:60:fe:e0:d2:bb:ff:
c6:3a:cc:9e:b1:ab:ff:67:04:70:77:e0:20:bd:33:2b:4d:0f:
25:ee:dd:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOUA1oANHKjkUdTsqTwhPAWNB6W0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NTFaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxM2Y5ZDc3MTk5N2FkMzRjNjlhMGE0Yzc2MzU2ZjhlYmExNzE2ODQzZDRh
ZWMzMTAzZTc0ODIyOWZjNmE3NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2jW+gHGWgopmv/FjI0xbIq6qzCdpFdxtkbwD1V34D0ma7LNzI+RxTIBqR8
kRdYDBwbjPkEPRrUf0zUd0DyxCkq/jRdhLA8GoI7ITWXZg/aDhVo/viy50b+5YEF
yuvxcPSNfQso+fBcMYtHsFd0oAPpheGLh42ZLI7+7s9zUnBcj+X8no+DvEg6GD4r
fBUzi19Q1A8EuX2hFLtgh3B1vBDsJSaP+TG9MpMdnMaJTOs+JaiKoGKFx7bg/PbV
U6Kf9FACh9EQ8W68JCip55S3wp7i9FgJxQ2rbwK0JgF5fR4FVSLKSvSoo4n4BPvD
yjMRM0cmp3cfRn+eRSHnyfkTelkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS1mVn8
1vDH0AET3ipKwPWlJEP+CjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE1ZmVjMmQtMmM0MC00MDY4LTliY2YtYzQ3ZDc2MDFkMDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAAoWyEbRZ7N0LkDYewsY9eLxK+hXpg2J/cLAi
e7SpDj/xGCh+ieBO13XC0TQfr6w1PVdsmwOzV5LF7ZFrqODow1/oUGaUBTW3U8Ir
1qnvIxt0TAVknlsIhi+A/yd/FNECfmNR90fE1CAk6ULxZwuRva/cE1dlN8+Agqzx
qAmYc4mfxRCBC2dAW0lTjLRK4QlgYZ78yeClyx2hadiExhb9YMItobK7/atGLioq
Bxbctxa/LkrS6YSP08AbDuR7q0rVDeJpmnjDspmJzanW1hRDwN/eiTMHIMI4ccph
E7zN833Bhcp2YP7g0rv/xjrMnrGr/2cEcHfgIL0zK00PJe7dxQ==
-----END CERTIFICATE-----
Generated at Mon Jun 30 22:30:17 2025 by rpki-client