Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
File: e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa (raw, json)
Hash identifier: uhFO4R2j/u5B2xJziICZ57SFUlroDnMJDoCoG6vd3Bg=
Subject key identifier: 20:4B:EF:B5:82:64:7F:45:76:C5:BC:FA:CE:B3:88:7D:40:59:D2:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50545E15B30A01A9AF7A2CFB8FDAA2E577363C04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
Signing time: Thu 26 Jun 2025 19:37:15 +0000
ROA not before: Thu 26 Jun 2025 19:37:15 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:54:5e:15:b3:0a:01:a9:af:7a:2c:fb:8f:da:a2:e5:77:36:3c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:15 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=a55f4a2ca5563c9f816bf55d142bbe5120babec120f32c14b5e21354cf407ff3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:ce:eb:ac:56:59:21:33:69:ff:ed:57:91:
a7:85:05:a6:30:84:91:bb:24:19:ab:4f:32:77:db:
f6:ee:16:9e:5b:c9:a9:11:fe:ed:e0:23:5f:ef:3a:
4c:28:3b:a0:0e:c2:eb:88:26:2b:7a:89:9c:2a:bc:
12:bd:35:e2:5d:79:0b:37:47:21:c9:9f:6d:17:17:
cf:bf:97:48:63:a4:de:1c:dc:7a:fb:34:da:3f:63:
00:9f:e4:26:62:78:0c:32:37:70:fb:16:da:6f:d1:
2f:a2:74:65:09:83:96:65:be:5e:77:10:af:55:0d:
a9:1f:af:fe:98:ff:90:54:1a:3b:67:7a:dc:3e:b4:
8c:95:b9:e4:29:6e:3f:64:01:0f:c9:cf:c2:7a:2a:
08:01:3f:bb:a7:b9:a7:d4:79:fb:fc:f3:5d:72:d1:
5d:6c:2c:ff:78:be:cc:52:0c:7e:ed:6b:62:f7:fc:
40:b3:2e:d1:52:6f:76:15:0d:11:98:86:22:f7:2d:
32:a9:e6:d8:5d:78:97:99:ca:a1:be:9a:e3:88:c6:
ed:41:fa:dc:61:83:d0:14:03:0c:7f:74:14:0d:d5:
e5:0e:cc:b3:10:6b:29:a3:39:3e:77:72:9f:29:46:
e8:d9:a9:de:15:e5:2e:54:4a:89:69:16:4b:44:c6:
ee:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4B:EF:B5:82:64:7F:45:76:C5:BC:FA:CE:B3:88:7D:40:59:D2:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
9a:fe:c9:63:b0:b3:62:34:f1:50:d1:a9:d5:b9:36:0b:af:3b:
89:5b:30:78:6e:82:8a:27:fe:e8:b8:b6:a6:67:1e:f0:f2:69:
20:a0:c5:08:c4:cd:e5:c6:b7:f7:61:f1:f1:0c:d4:97:ed:89:
95:1c:16:33:d7:b7:ab:75:a4:fe:25:60:b3:88:9b:7e:d3:1c:
42:ec:a2:81:3e:92:1a:cc:2c:5a:57:e5:05:6c:29:ca:96:13:
9e:53:8f:57:9d:41:58:ea:68:f0:14:92:3f:e9:cd:32:6b:a2:
db:b9:58:c8:71:19:80:ae:52:6e:99:12:c7:d6:52:a1:31:22:
1f:1f:22:99:5e:34:6a:a0:1b:f1:e6:1e:ae:ab:35:64:fa:cc:
99:a7:e8:a5:ac:c6:38:97:2a:2e:8c:87:43:d4:8f:d9:01:d2:
ea:4f:97:cb:e0:8a:00:e9:18:d7:f3:7a:68:00:5e:da:60:ef:
6f:8f:46:79:8a:38:e2:91:f5:46:05:b3:6b:1c:9f:5a:52:63:
b8:8c:47:9a:d5:ab:78:1d:98:a3:87:f5:88:1a:bd:4e:35:6c:
81:8b:24:b0:87:cd:02:4c:99:38:8a:d2:d4:f1:58:4f:0d:f3:
75:f9:86:73:a0:a5:e9:2c:69:e5:99:66:4b:82:ef:2a:00:5d:
96:b9:2e:67
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUFReFbMKAamveiz7j9qi5Xc2PAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MTVaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1NWY0YTJjYTU1NjNjOWY4MTZiZjU1ZDE0MmJiZTUxMjBiYWJlYzEyMGYz
MmMxNGI1ZTIxMzU0Y2Y0MDdmZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEgzuusVlkhM2n/7VeRp4UFpjCEkbskGatPMnfb9u4WnlvJqRH+7eAjX+86
TCg7oA7C64gmK3qJnCq8Er014l15CzdHIcmfbRcXz7+XSGOk3hzcevs02j9jAJ/k
JmJ4DDI3cPsW2m/RL6J0ZQmDlmW+XncQr1UNqR+v/pj/kFQaO2d63D60jJW55Clu
P2QBD8nPwnoqCAE/u6e5p9R5+/zzXXLRXWws/3i+zFIMfu1rYvf8QLMu0VJvdhUN
EZiGIvctMqnm2F14l5nKob6a44jG7UH63GGD0BQDDH90FA3V5Q7MsxBrKaM5Pndy
nylG6Nmp3hXlLlRKiWkWS0TG7tcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQgS++1
gmR/RXbFvPrOs4h9QFnS8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBmMmUwYzctNmQ5Yy00MjhiLTg1ZTUtNmE5MjRlNzQxNGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAmv7JY7CzYjTxUNGp1bk2C687iVsweG6Ciif+
6Li2pmce8PJpIKDFCMTN5ca392Hx8QzUl+2JlRwWM9e3q3Wk/iVgs4ibftMcQuyi
gT6SGswsWlflBWwpypYTnlOPV51BWOpo8BSSP+nNMmui27lYyHEZgK5SbpkSx9ZS
oTEiHx8imV40aqAb8eYerqs1ZPrMmafopazGOJcqLoyHQ9SP2QHS6k+Xy+CKAOkY
1/N6aABe2mDvb49GeYo44pH1RgWzaxyfWlJjuIxHmtWreB2Yo4f1iBq9TjVsgYsk
sIfNAkyZOIrS1PFYTw3zdfmGc6Cl6Sxp5ZlmS4LvKgBdlrkuZw==
-----END CERTIFICATE-----
Generated at Mon Jun 30 22:30:17 2025 by rpki-client