Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1981211-4aa3-4c28-94f3-e6acdf5f47e9.roa
File: b1981211-4aa3-4c28-94f3-e6acdf5f47e9.roa (raw, json)
Hash identifier: VgKVaHXl/Z8guso3fg9hyyFc/Lf88R5Sd0zi0KVFznM=
Subject key identifier: 5B:35:87:9B:65:0F:1F:B8:37:83:CF:37:A5:A3:04:19:83:9B:07:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57FBA30E6FC268C38C8EFABDF6DF8F1F7D732FEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1981211-4aa3-4c28-94f3-e6acdf5f47e9.roa
Signing time: Thu 26 Jun 2025 19:37:01 +0000
ROA not before: Thu 26 Jun 2025 19:37:01 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:fb:a3:0e:6f:c2:68:c3:8c:8e:fa:bd:f6:df:8f:1f:7d:73:2f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:01 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=82073df06a6f5fe803f2022243d4f593806562c53f47f61c060bc69c1d702d59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:87:f4:15:de:b7:d4:d0:a2:e7:43:ce:dd:14:
d8:7e:8f:08:55:b8:e4:65:45:dd:1f:8e:a1:4e:bf:
a2:56:7a:7b:7e:07:d2:c6:28:3b:2e:3c:c1:00:b8:
3d:b0:8b:84:e6:a2:83:de:8c:57:18:d6:18:ee:d0:
96:7b:74:fd:44:6c:7b:c6:46:7d:46:87:cc:88:8e:
d1:13:ec:15:17:73:77:b9:3d:24:92:66:7c:ca:58:
e1:0f:47:e5:0c:78:45:64:65:91:e9:ac:95:ef:85:
f8:19:f5:8b:06:8c:3f:e7:0b:e8:c0:ad:12:3b:ef:
b1:bd:f5:18:9d:bf:fc:c9:7c:ef:33:c1:18:f2:77:
4c:bd:7c:06:13:3c:d2:b9:45:46:08:ea:48:11:2a:
a2:1b:18:5f:11:38:40:6b:37:26:0c:b5:0f:44:8c:
50:0c:10:f4:00:e9:36:e1:8d:bd:ab:ac:39:f0:4a:
80:8c:6d:63:00:75:54:05:a0:b4:37:7b:c4:6d:94:
0c:34:76:16:a5:90:83:66:8d:e6:85:08:46:04:03:
7c:37:a7:b7:db:4f:27:47:95:62:00:b5:68:b1:47:
54:0b:cb:65:f8:72:26:e1:8b:7a:23:f0:34:41:d8:
ec:50:cb:6c:87:73:a1:aa:61:22:10:43:5d:03:25:
68:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:35:87:9B:65:0F:1F:B8:37:83:CF:37:A5:A3:04:19:83:9B:07:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1981211-4aa3-4c28-94f3-e6acdf5f47e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4020::/46
Signature Algorithm: sha256WithRSAEncryption
9f:ac:ce:a4:f8:20:ac:c1:8c:c8:3c:80:25:eb:71:69:f4:93:
81:d5:98:c2:0c:de:20:36:8b:83:3e:1d:60:08:31:25:1e:f8:
90:c3:d3:6a:23:ad:7c:86:94:68:42:e5:14:f8:d0:da:b6:1b:
90:f4:07:0e:14:8b:ff:b1:f0:10:cc:2b:12:0a:9e:3e:83:b4:
10:31:50:43:c1:e3:8b:5b:9c:aa:ab:54:c1:89:97:74:67:36:
f5:2f:80:69:ab:1b:7f:d5:b2:fc:2c:a2:71:e0:b8:79:98:d2:
7a:94:14:02:4f:c9:98:82:23:ba:f6:86:0e:a5:e5:81:14:d6:
3f:05:e9:1f:8b:98:38:49:b5:5a:31:6d:76:a2:1b:d2:ed:cc:
f3:0d:0f:fb:bd:00:2e:b0:ce:6c:c7:a6:9c:42:57:f7:5c:c8:
30:8b:7a:66:d6:e7:95:93:cc:94:7c:4e:76:38:7d:c2:88:9c:
9c:35:f0:88:d8:0b:f3:14:a2:2f:59:19:cd:54:6e:66:89:ed:
cd:c7:95:bc:66:56:ca:89:25:95:cf:30:24:75:db:50:5f:0b:
e6:c0:13:e8:3f:c5:eb:1d:eb:73:04:0d:0c:ce:c1:79:7c:45:
ec:ac:7b:4a:d4:a2:a1:3e:67:69:74:27:b2:00:7d:39:cc:b1:
6a:af:ad:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV/ujDm/CaMOMjvq99t+PH31zL+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MDFaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMDczZGYwNmE2ZjVmZTgwM2YyMDIyMjQzZDRmNTkzODA2NTYyYzUzZjQ3
ZjYxYzA2MGJjNjljMWQ3MDJkNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGH9BXet9TQoudDzt0U2H6PCFW45GVF3R+OoU6/olZ6e34H0sYoOy48wQC4
PbCLhOaig96MVxjWGO7Qlnt0/URse8ZGfUaHzIiO0RPsFRdzd7k9JJJmfMpY4Q9H
5Qx4RWRlkemsle+F+Bn1iwaMP+cL6MCtEjvvsb31GJ2//Ml87zPBGPJ3TL18BhM8
0rlFRgjqSBEqohsYXxE4QGs3Jgy1D0SMUAwQ9ADpNuGNvausOfBKgIxtYwB1VAWg
tDd7xG2UDDR2FqWQg2aN5oUIRgQDfDent9tPJ0eVYgC1aLFHVAvLZfhyJuGLeiPw
NEHY7FDLbIdzoaphIhBDXQMlaEkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRbNYeb
ZQ8fuDeDzzelowQZg5sHeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE5ODEyMTEtNGFhMy00YzI4LTk0ZjMtZTZhY2RmNWY0N2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVA
IDANBgkqhkiG9w0BAQsFAAOCAQEAn6zOpPggrMGMyDyAJetxafSTgdWYwgzeIDaL
gz4dYAgxJR74kMPTaiOtfIaUaELlFPjQ2rYbkPQHDhSL/7HwEMwrEgqePoO0EDFQ
Q8Hji1ucqqtUwYmXdGc29S+Aaasbf9Wy/CyiceC4eZjSepQUAk/JmIIjuvaGDqXl
gRTWPwXpH4uYOEm1WjFtdqIb0u3M8w0P+70ALrDObMemnEJX91zIMIt6ZtbnlZPM
lHxOdjh9woicnDXwiNgL8xSiL1kZzVRuZontzceVvGZWyokllc8wJHXbUF8L5sAT
6D/F6x3rcwQNDM7BeXxF7Kx7StSioT5naXQnsgB9Ocyxaq+thA==
-----END CERTIFICATE-----
Generated at Mon Jun 30 22:30:19 2025 by rpki-client