Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08648cfd-d5cb-4480-92d0-084369ff8b4d.roa
File: 08648cfd-d5cb-4480-92d0-084369ff8b4d.roa (raw, json)
Hash identifier: 4m+P0ZurrrYDA9q9C062serOgcO+HU2XPi5vb3gVw0U=
Subject key identifier: 1C:0F:D8:94:8A:56:A0:1F:BD:9A:E3:CA:DB:A2:07:25:93:BA:AF:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0336F97E43AEE102FF77DB2CDCF650FA09F8049D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08648cfd-d5cb-4480-92d0-084369ff8b4d.roa
Signing time: Mon 16 Jun 2025 21:00:53 +0000
ROA not before: Mon 16 Jun 2025 21:00:53 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:36:f9:7e:43:ae:e1:02:ff:77:db:2c:dc:f6:50:fa:09:f8:04:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:53 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8f9610a7c4d96b86f8c7576a4112b9182d881d63430983a57b422694818ea803, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:37:6d:d0:ca:4c:4e:46:79:c1:eb:ca:d4:33:
73:2c:8c:d1:8c:3b:9e:b8:af:70:ac:66:b7:4a:99:
58:da:04:0f:59:05:9e:98:64:9d:fa:68:7c:ea:57:
9a:e7:a2:7a:4b:16:95:64:4f:70:2d:3d:b4:1d:45:
57:34:87:33:71:de:ac:2a:46:f7:92:60:bb:a4:9f:
3b:4a:f8:1c:73:64:b8:8c:e6:c6:9c:92:d2:cb:e1:
3c:7e:c3:44:c4:aa:f7:b3:9f:44:df:62:db:bf:f6:
25:7f:20:52:ee:3c:b0:ec:24:3f:d4:b7:65:9c:8c:
72:08:4a:21:29:a7:68:40:16:a2:e6:f3:8d:d8:b9:
8c:bf:e1:65:f3:0e:0d:e9:16:a6:0e:76:f2:a7:5d:
88:6e:4a:2e:58:11:e7:76:31:cf:e7:5c:03:eb:71:
2c:d2:68:0d:ef:a7:fc:ff:5d:61:ac:34:2c:89:b2:
80:d4:7c:f3:8e:e8:54:ad:a9:d0:bf:6d:b4:64:b3:
20:87:58:dd:fa:32:1b:0b:cc:9f:cd:2c:6f:32:2d:
d7:27:af:bd:5c:12:a8:fe:d2:74:49:48:84:1d:3c:
fe:49:46:17:71:33:04:c1:35:d2:fe:c6:3b:de:6e:
52:96:86:3a:0e:0f:ca:fe:1c:c6:c2:fd:88:d7:a9:
9c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:0F:D8:94:8A:56:A0:1F:BD:9A:E3:CA:DB:A2:07:25:93:BA:AF:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08648cfd-d5cb-4480-92d0-084369ff8b4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1040::/46
Signature Algorithm: sha256WithRSAEncryption
6e:c8:46:6d:79:88:a9:10:1a:63:56:ff:20:00:95:f4:83:9e:
fe:e6:85:bd:50:14:72:cf:8e:80:c9:ac:60:d9:91:10:23:31:
95:11:8d:2a:3b:d7:6c:e8:59:69:ee:e1:76:52:7e:c8:de:cf:
eb:d0:45:49:be:ec:9b:42:3c:05:af:d8:2b:d3:4c:35:68:ba:
93:0b:fa:8d:6f:74:d9:50:51:7b:46:6d:e8:70:bc:f9:3d:ba:
42:59:d1:85:e9:56:09:28:c9:41:2b:8c:0e:9a:2b:3d:4b:fe:
d7:81:67:82:59:be:a7:ae:b8:c7:2f:d5:55:58:5b:3c:47:b3:
6f:28:db:7b:96:23:b8:13:17:c0:c8:d4:51:c5:60:5f:dc:cb:
69:91:9c:ba:56:f0:c8:c0:25:74:df:52:15:2d:05:79:e6:07:
19:ac:80:47:3c:e9:ce:94:9c:76:fb:68:07:f5:8c:86:de:09:
5b:9d:19:a7:87:8b:65:6b:e8:56:02:7b:a3:81:03:2b:c1:09:
13:f7:32:98:e7:13:15:40:a2:58:68:42:e4:e3:2a:55:ae:01:
a7:c1:02:87:71:cb:1b:98:18:0c:97:85:81:fa:82:45:59:3d:
be:19:e3:6e:80:c0:03:87:09:0d:d5:44:54:53:4a:ad:b6:d2:
cd:89:14:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAzb5fkOu4QL/d9ss3PZQ+gn4BJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwNTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmOTYxMGE3YzRkOTZiODZmOGM3NTc2YTQxMTJiOTE4MmQ4ODFkNjM0MzA5
ODNhNTdiNDIyNjk0ODE4ZWE4MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANY3bdDKTE5GecHrytQzcyyM0Yw7nrivcKxmt0qZWNoED1kFnphknfpofOpX
mueieksWlWRPcC09tB1FVzSHM3HerCpG95Jgu6SfO0r4HHNkuIzmxpyS0svhPH7D
RMSq97OfRN9i27/2JX8gUu48sOwkP9S3ZZyMcghKISmnaEAWoubzjdi5jL/hZfMO
DekWpg528qddiG5KLlgR53Yxz+dcA+txLNJoDe+n/P9dYaw0LImygNR8847oVK2p
0L9ttGSzIIdY3foyGwvMn80sbzIt1yevvVwSqP7SdElIhB08/klGF3EzBME10v7G
O95uUpaGOg4Pyv4cxsL9iNepnLMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQcD9iU
ilagH72a48rbogclk7qv7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDg2NDhjZmQtZDVjYi00NDgwLTkyZDAtMDg0MzY5ZmY4YjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAbshGbXmIqRAaY1b/IACV9IOe/uaFvVAUcs+O
gMmsYNmRECMxlRGNKjvXbOhZae7hdlJ+yN7P69BFSb7sm0I8Ba/YK9NMNWi6kwv6
jW902VBRe0Zt6HC8+T26QlnRhelWCSjJQSuMDporPUv+14Fnglm+p664xy/VVVhb
PEezbyjbe5YjuBMXwMjUUcVgX9zLaZGculbwyMAldN9SFS0FeeYHGayARzzpzpSc
dvtoB/WMht4JW50Zp4eLZWvoVgJ7o4EDK8EJE/cymOcTFUCiWGhC5OMqVa4Bp8EC
h3HLG5gYDJeFgfqCRVk9vhnjboDAA4cJDdVEVFNKrbbSzYkURQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:08 2025 by rpki-client