Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: K8Gq+VdQx2MVdBhAL+KeZkVWyz5rVCBNqKUCLRmZb64=
Subject key identifier: D8:27:26:8B:4E:D5:B8:09:45:5A:5D:BD:9B:34:04:DB:34:96:25:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 364B9BBCD62690BBD092452D465C1D7EB76702D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Mon 16 Jun 2025 20:00:12 +0000
ROA not before: Mon 16 Jun 2025 20:00:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:4b:9b:bc:d6:26:90:bb:d0:92:45:2d:46:5c:1d:7e:b7:67:02:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8110834808cc50a30b32113b765620c48ea60e61018b10a2d43312fe94c4ff60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a9:86:02:3b:37:a8:fe:5b:e4:15:4a:af:26:
b9:04:ab:cd:7f:91:d1:a4:7d:3d:2d:77:64:7f:b9:
c8:f7:c9:7f:b2:33:0f:07:0a:81:8a:83:c1:02:50:
b6:d2:6c:a3:9b:a1:d7:74:ea:cf:ce:b4:a6:f1:ef:
9f:7e:cb:d9:5a:75:ce:b9:9e:96:be:b8:df:21:0a:
03:6d:b5:19:7b:a4:61:5a:1f:a8:a8:9e:6a:c1:92:
6f:47:d3:91:23:75:37:6e:b7:7d:74:98:f3:e5:ea:
93:9c:00:84:6d:b8:45:02:8b:f8:00:bd:74:14:fe:
3d:07:3e:e7:2a:75:82:01:98:7a:ec:67:f5:f0:a8:
3b:f7:55:33:a2:71:66:28:d9:6c:36:87:4d:8f:30:
89:80:58:bc:a2:2d:dd:9d:9b:bc:29:56:87:1f:2e:
be:f7:cb:19:8f:9a:de:91:e6:65:b7:b3:77:4d:c1:
8c:43:05:93:c9:f2:0c:a5:28:4d:22:1b:bd:1c:dd:
c0:95:15:16:f4:c9:17:e3:13:22:6a:9b:68:eb:ab:
fb:8a:43:23:35:ac:b8:95:c1:82:40:10:e3:00:f1:
63:90:9a:b8:e9:93:5b:ef:b1:b1:0d:38:30:9d:90:
11:ff:d5:90:fe:4a:e1:a6:9c:05:83:23:9b:d3:1c:
b6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:27:26:8B:4E:D5:B8:09:45:5A:5D:BD:9B:34:04:DB:34:96:25:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
c0:63:64:93:de:41:5c:fe:14:e3:88:f9:9e:b2:2a:f7:ab:53:
bb:75:30:a7:52:93:39:fd:a4:bc:a5:12:62:0c:8b:38:12:45:
6c:52:ad:fa:00:f8:07:c4:31:fd:95:55:cc:cf:9c:f7:0b:63:
2b:51:b2:c1:cd:f7:ed:8a:ca:75:b9:07:81:d5:cd:8c:bb:b3:
7b:d6:26:d6:e0:77:d1:5e:7c:cc:71:75:4e:bb:de:93:a3:ab:
d4:1a:da:e7:f7:c4:2f:44:b7:51:93:5b:04:54:ae:19:03:f6:
6a:24:e1:f5:6c:14:61:98:4f:fe:94:72:1b:e7:b5:cb:e3:cd:
33:8c:13:1e:e3:e5:7e:af:ec:c2:6d:86:91:da:fc:76:36:b1:
f1:c1:cf:12:c4:e7:78:bd:71:41:ef:93:37:10:6c:11:46:0e:
d8:92:ff:40:44:ca:cb:46:f6:7f:0d:10:6d:d9:77:b0:06:31:
4d:03:66:90:69:78:0b:42:0b:88:6e:a6:93:0e:a4:c0:a6:4e:
f1:5c:7d:9f:b6:26:c1:e8:21:46:bb:f0:10:da:e9:a5:49:50:
63:1e:29:fa:3a:26:c1:5e:d7:9b:5d:f7:02:9c:82:df:37:2a:
6e:f5:61:9d:b1:86:3e:fc:6c:05:66:91:80:fc:f9:e2:2a:f5:
71:c9:71:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNkubvNYmkLvQkkUtRlwdfrdnAtkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMTA4MzQ4MDhjYzUwYTMwYjMyMTEzYjc2NTYyMGM0OGVhNjBlNjEwMThi
MTBhMmQ0MzMxMmZlOTRjNGZmNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaphgI7N6j+W+QVSq8muQSrzX+R0aR9PS13ZH+5yPfJf7IzDwcKgYqDwQJQ
ttJso5uh13Tqz860pvHvn37L2Vp1zrmelr643yEKA221GXukYVofqKieasGSb0fT
kSN1N263fXSY8+Xqk5wAhG24RQKL+AC9dBT+PQc+5yp1ggGYeuxn9fCoO/dVM6Jx
ZijZbDaHTY8wiYBYvKIt3Z2bvClWhx8uvvfLGY+a3pHmZbezd03BjEMFk8nyDKUo
TSIbvRzdwJUVFvTJF+MTImqbaOur+4pDIzWsuJXBgkAQ4wDxY5CauOmTW++xsQ04
MJ2QEf/VkP5K4aacBYMjm9Mctv8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTYJyaL
TtW4CUVaXb2bNATbNJYlHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAwGNkk95BXP4U44j5nrIq96tTu3Uwp1KTOf2k
vKUSYgyLOBJFbFKt+gD4B8Qx/ZVVzM+c9wtjK1Gywc337YrKdbkHgdXNjLuze9Ym
1uB30V58zHF1Trvek6Or1Bra5/fEL0S3UZNbBFSuGQP2aiTh9WwUYZhP/pRyG+e1
y+PNM4wTHuPlfq/swm2Gkdr8djax8cHPEsTneL1xQe+TNxBsEUYO2JL/QETKy0b2
fw0Qbdl3sAYxTQNmkGl4C0ILiG6mkw6kwKZO8Vx9n7YmweghRrvwENrppUlQYx4p
+jomwV7Xm133ApyC3zcqbvVhnbGGPvxsBWaRgPz54ir1cclxrg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:21 2025 by rpki-client