Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: rCJkWdwcf1oI3iCl1sceTq6qRWV7Qqp+iWn+ACoR1r8=
Subject key identifier: BA:BC:83:06:55:4B:D4:F3:ED:BC:F1:50:57:43:E1:E5:08:0E:53:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 461C5EA8A628BE4C3C82D44FAF0E02F8642AA688
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Mon 16 Jun 2025 21:31:31 +0000
ROA not before: Mon 16 Jun 2025 21:31:31 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:1c:5e:a8:a6:28:be:4c:3c:82:d4:4f:af:0e:02:f8:64:2a:a6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:31 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8ba2acdc29b97ec8ef31450ca0736d2ce0c12936292a27c662610adde053e867, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0a:35:f2:a3:8f:10:ff:ed:fc:78:b7:90:6f:
11:20:8a:da:0a:1c:e7:3a:4e:ef:92:df:7a:09:cb:
79:dd:fc:70:73:e4:c2:c2:0c:23:d8:99:c9:fc:ed:
54:90:6e:24:9e:7f:11:8a:84:d9:7b:78:90:5d:a8:
cf:b1:5a:96:9f:80:85:2b:2c:5b:50:56:c8:d5:08:
45:c4:fc:7a:db:5d:21:b5:66:1e:13:af:e4:34:a6:
8d:d4:2f:a8:e5:9d:33:f8:0f:9f:4d:82:14:12:b5:
3f:01:4a:08:7c:be:e8:4b:0b:53:70:ff:d7:dc:c0:
d2:47:4a:1b:41:47:70:da:65:b0:96:76:62:f3:1c:
5b:a9:62:f5:24:b1:12:3c:2b:c0:dc:81:ed:f8:25:
36:1c:db:77:ea:86:da:09:a1:00:90:35:58:b2:ce:
4a:d8:bf:24:54:52:0f:a1:e2:0a:3c:eb:6a:99:8a:
a6:27:30:45:4c:44:85:4f:f4:d9:48:6b:65:63:13:
1c:00:45:50:47:9e:35:a2:74:80:c1:9a:e5:39:2c:
31:0c:a5:13:12:0a:02:f7:1a:b8:2f:e6:21:4f:67:
6a:a0:cd:8c:be:d5:e5:d2:1f:94:01:fb:40:0e:d4:
c0:93:25:a9:0e:af:5b:93:2d:98:d1:49:98:67:b4:
12:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BC:83:06:55:4B:D4:F3:ED:BC:F1:50:57:43:E1:E5:08:0E:53:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:4e:db:3b:92:6b:3e:3d:b4:02:b6:ce:c2:88:7b:bb:82:08:
59:65:33:3c:71:ca:1e:f0:ff:1f:75:9b:ce:1e:f7:ad:77:db:
b6:30:b2:08:87:dc:f1:ae:f1:e6:46:d4:ce:93:b5:47:54:ac:
11:d9:38:a9:4b:8f:fa:df:28:b0:34:62:3e:07:0f:63:84:bf:
15:2f:d0:61:29:37:45:d9:b9:3b:d1:59:76:44:96:98:e6:39:
92:05:bc:63:6e:9e:58:cc:0d:b8:99:ca:41:3f:05:6a:fe:de:
53:b2:75:63:4e:19:76:39:ad:3d:0c:2a:c5:53:49:34:24:df:
89:2c:0c:be:9c:51:c2:77:f6:9d:a9:ca:a6:81:d4:79:3b:76:
98:0b:a8:01:9b:59:c4:45:24:08:9c:f5:c1:da:1f:0d:06:03:
ff:b0:82:30:55:4b:3d:31:25:f1:f2:ce:10:d3:90:7f:9d:2e:
e0:d1:39:29:c2:77:ea:cc:2f:cb:42:5c:75:d4:a9:8c:eb:f8:
b1:90:b1:0e:ee:a3:e3:fc:1c:da:92:32:45:03:33:4f:81:ad:
f4:48:98:7c:59:9e:44:75:77:7c:18:ee:e6:71:85:c1:80:8c:
40:58:f8:e9:f9:26:30:2f:1a:41:fb:70:83:40:25:38:33:43:
a2:6c:ac:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURhxeqKYovkw8gtRPrw4C+GQqpogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMzFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiYTJhY2RjMjliOTdlYzhlZjMxNDUwY2EwNzM2ZDJjZTBjMTI5MzYyOTJh
MjdjNjYyNjEwYWRkZTA1M2U4NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIcKNfKjjxD/7fx4t5BvESCK2goc5zpO75LfegnLed38cHPkwsIMI9iZyfzt
VJBuJJ5/EYqE2Xt4kF2oz7Falp+AhSssW1BWyNUIRcT8ettdIbVmHhOv5DSmjdQv
qOWdM/gPn02CFBK1PwFKCHy+6EsLU3D/19zA0kdKG0FHcNplsJZ2YvMcW6li9SSx
EjwrwNyB7fglNhzbd+qG2gmhAJA1WLLOSti/JFRSD6HiCjzrapmKpicwRUxEhU/0
2UhrZWMTHABFUEeeNaJ0gMGa5TksMQylExIKAvcauC/mIU9naqDNjL7V5dIflAH7
QA7UwJMlqQ6vW5MtmNFJmGe0EocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6vIMG
VUvU8+288VBXQ+HlCA5ToDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQBMTts7kms+PbQCts7CiHu7gghZZTM8ccoe8P8f
dZvOHvetd9u2MLIIh9zxrvHmRtTOk7VHVKwR2TipS4/63yiwNGI+Bw9jhL8VL9Bh
KTdF2bk70Vl2RJaY5jmSBbxjbp5YzA24mcpBPwVq/t5TsnVjThl2Oa09DCrFU0k0
JN+JLAy+nFHCd/adqcqmgdR5O3aYC6gBm1nERSQInPXB2h8NBgP/sIIwVUs9MSXx
8s4Q05B/nS7g0TkpwnfqzC/LQlx11KmM6/ixkLEO7qPj/BzakjJFAzNPga30SJh8
WZ5EdXd8GO7mcYXBgIxAWPjp+SYwLxpB+3CDQCU4M0OibKyI
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:41 2025 by rpki-client