Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: dj0WO7ExCSW4U21JR2QwHwt1aTBB9khw7dlXddRd3/0=
Subject key identifier: 1C:99:DC:50:A2:FD:33:CC:CA:BF:27:F1:2A:6B:49:59:E2:33:F6:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 243C74B8D40C095B9A2A4224559F1AB59934A3A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Mon 16 Jun 2025 21:40:57 +0000
ROA not before: Mon 16 Jun 2025 21:40:57 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:3c:74:b8:d4:0c:09:5b:9a:2a:42:24:55:9f:1a:b5:99:34:a3:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:57 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e2bf9b0681172cb454bc40599adbd022a00c40b70d19cd6375d09e4106400dee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1f:a4:4b:f0:ad:e5:86:07:73:74:7a:0b:35:
9e:dd:66:67:3d:3b:37:fe:2f:e2:a6:e4:2e:8b:f1:
f8:26:87:f6:d2:2d:c7:49:79:25:92:30:48:e5:ea:
32:7e:0e:b1:47:eb:51:40:6f:e1:a0:1b:4d:40:b9:
d1:8b:d7:c6:9f:7e:9f:b9:90:d0:55:6b:99:1b:1b:
75:db:d8:48:fe:0f:35:3c:f3:56:07:53:21:7b:ca:
47:cc:4f:6a:63:59:a1:cf:da:d2:b7:73:ed:4d:e9:
f7:4c:d2:75:b0:7e:99:90:29:2d:1a:1a:63:5e:89:
66:3e:c6:14:29:eb:03:4e:14:69:5f:78:6d:6c:d8:
7f:7f:23:70:e8:87:a0:e1:39:34:9f:99:99:d4:53:
37:42:e4:b8:51:bc:25:52:01:bb:7e:79:55:54:f0:
8a:7a:d6:3b:08:a1:53:47:92:b4:da:0c:90:cd:4f:
37:9d:96:9a:24:6e:42:e9:59:04:bd:56:92:85:46:
a8:a4:f7:cf:1a:b7:41:48:5f:20:bb:e8:48:11:51:
43:82:52:06:16:c5:d6:5a:0b:10:6a:29:a3:9a:79:
9c:fa:21:88:80:6d:c5:21:fe:3d:4d:a7:00:a3:bd:
ee:5a:53:c0:a1:9f:d3:95:20:3f:5c:df:42:cd:2e:
66:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:99:DC:50:A2:FD:33:CC:CA:BF:27:F1:2A:6B:49:59:E2:33:F6:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
ca:4f:11:23:af:18:7a:9e:97:86:c2:7f:47:86:5b:8f:a4:ae:
fb:b2:99:c5:d3:6d:fe:a8:a4:48:d0:77:11:92:34:76:8b:27:
da:8a:9d:30:35:44:5a:20:a8:93:3f:3d:cf:a6:a6:ae:63:92:
25:d0:03:5e:44:4c:be:af:11:ba:d1:1f:d9:d8:4a:fc:ba:b0:
1a:fb:e6:25:5f:ce:3f:63:8e:5d:02:5d:bc:c4:14:4b:7b:eb:
09:c9:a6:42:ed:aa:25:d9:bb:62:0e:4e:0e:80:b5:4d:ad:b0:
d7:bb:92:0f:90:73:33:12:0b:db:cc:11:18:f1:50:72:41:2d:
6e:32:4e:e9:10:a0:02:80:60:87:9f:48:8c:1a:80:f2:6c:82:
90:3c:64:61:41:c9:3b:81:18:bb:66:1d:d3:bb:7f:a4:af:cd:
12:e3:9f:81:a6:e3:7f:0e:33:5f:68:b9:d6:ed:03:e3:30:09:
a8:2d:f9:ea:3e:eb:65:30:68:09:a4:dc:e7:21:43:ef:99:86:
91:3b:26:12:85:8c:9d:94:b2:71:e2:92:c6:48:74:4f:6f:f6:
77:e4:03:fd:53:e2:70:94:e9:58:65:dc:dd:ca:da:66:ef:cb:
47:e3:43:d9:23:e2:87:2c:8d:99:59:2c:4d:99:a9:fc:61:65:
17:11:f0:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJDx0uNQMCVuaKkIkVZ8atZk0o6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwNTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyYmY5YjA2ODExNzJjYjQ1NGJjNDA1OTlhZGJkMDIyYTAwYzQwYjcwZDE5
Y2Q2Mzc1ZDA5ZTQxMDY0MDBkZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQfpEvwreWGB3N0egs1nt1mZz07N/4v4qbkLovx+CaH9tItx0l5JZIwSOXq
Mn4OsUfrUUBv4aAbTUC50YvXxp9+n7mQ0FVrmRsbddvYSP4PNTzzVgdTIXvKR8xP
amNZoc/a0rdz7U3p90zSdbB+mZApLRoaY16JZj7GFCnrA04UaV94bWzYf38jcOiH
oOE5NJ+ZmdRTN0LkuFG8JVIBu355VVTwinrWOwihU0eStNoMkM1PN52WmiRuQulZ
BL1WkoVGqKT3zxq3QUhfILvoSBFRQ4JSBhbF1loLEGopo5p5nPohiIBtxSH+PU2n
AKO97lpTwKGf05UgP1zfQs0uZgcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcmdxQ
ov0zzMq/J/Eqa0lZ4jP2njAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQDKTxEjrxh6npeGwn9HhluPpK77spnF023+qKRI
0HcRkjR2iyfaip0wNURaIKiTPz3PpqauY5Il0ANeREy+rxG60R/Z2Er8urAa++Yl
X84/Y45dAl28xBRLe+sJyaZC7aol2btiDk4OgLVNrbDXu5IPkHMzEgvbzBEY8VBy
QS1uMk7pEKACgGCHn0iMGoDybIKQPGRhQck7gRi7Zh3Tu3+kr80S45+BpuN/DjNf
aLnW7QPjMAmoLfnqPutlMGgJpNznIUPvmYaROyYShYydlLJx4pLGSHRPb/Z35AP9
U+JwlOlYZdzdytpm78tH40PZI+KHLI2ZWSxNman8YWUXEfCb
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:07 2025 by rpki-client