Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: +EEev5fomF4R6mefAzOLNyI64On8XAhGp261QTKkyVo=
Subject key identifier: F2:8C:57:B3:7A:0E:0D:93:D9:D9:A1:5A:A9:8F:43:BD:56:7B:8C:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53F801F126950BEE8834F62601CFECDBE700407B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Wed 18 Jun 2025 00:30:35 +0000
ROA not before: Wed 18 Jun 2025 00:30:35 +0000
ROA not after: Wed 23 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:f8:01:f1:26:95:0b:ee:88:34:f6:26:01:cf:ec:db:e7:00:40:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 18 00:30:35 2025 GMT
Not After : Jul 23 23:59:59 2025 GMT
Subject: serialNumber=3f54617a9644d22c484fc90d7484c909d0a3318b68429a85515514ddf6349f26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:12:2e:16:86:f0:d2:74:4d:f0:b5:f1:bb:87:
0f:16:09:7d:18:21:43:06:67:69:92:15:36:1e:1f:
4a:39:71:69:67:d9:8d:1b:15:37:b0:e6:f9:9e:a1:
1d:47:65:73:37:11:bc:4f:b3:f5:40:a9:55:d3:06:
d6:f3:1a:2f:38:0c:f4:e9:29:80:10:f9:c7:d7:b9:
c9:ef:22:af:de:cd:41:28:da:51:1b:ab:d8:88:04:
f8:d5:d4:a3:95:ff:bb:27:30:8e:92:77:2a:53:d0:
c4:be:b5:cc:6a:6c:73:ba:07:84:44:b4:54:13:a4:
15:89:a6:f3:f9:01:72:cc:03:e3:8e:61:5c:ae:45:
e4:d7:41:b3:ff:1a:07:9a:3b:5f:6a:1f:1d:f2:2f:
fb:2e:9c:46:a1:60:fa:3c:a6:29:4d:fa:af:73:29:
81:be:1c:85:4b:ac:ab:92:94:48:7c:b5:65:a8:16:
26:27:f8:0f:bd:cb:60:84:32:26:ea:87:43:97:c1:
61:a9:d1:59:2b:0b:9a:dd:e7:ec:84:41:db:97:bb:
0f:46:2a:ca:02:7d:d7:1a:59:29:2c:95:2c:47:87:
75:5f:da:67:2e:4f:64:35:e5:81:b4:28:09:a1:96:
e5:13:94:cc:0e:4d:53:64:b9:f0:11:47:9e:36:32:
3a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8C:57:B3:7A:0E:0D:93:D9:D9:A1:5A:A9:8F:43:BD:56:7B:8C:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
9b:b5:5d:6d:24:6f:66:c4:e0:86:4a:1e:48:4f:f6:50:af:ae:
84:5a:31:dc:5d:10:50:7c:ed:dc:4d:5d:27:1a:86:d1:67:05:
2b:c6:82:35:32:82:7b:6d:4b:53:66:f5:40:54:f6:01:f5:d3:
70:be:97:1c:84:56:a1:47:81:3a:8b:d6:28:e2:b3:27:b2:84:
e2:19:a0:51:be:f7:f7:7c:82:87:cf:e3:ae:58:16:50:a8:9b:
a9:04:b0:4c:6d:b4:04:74:d4:a7:da:e7:62:d3:76:22:2b:a5:
4c:a9:ad:54:35:dd:c7:06:d1:29:ca:42:be:d8:6b:0d:09:88:
15:73:f4:cb:d7:ae:4b:78:ea:ee:a2:58:e0:3b:83:2a:f3:be:
86:46:82:a5:f2:f1:fb:39:c8:8e:0c:e3:dd:a2:5c:d6:fa:7e:
8e:3d:c1:d8:31:c5:d6:75:7f:a9:4b:8a:5b:5b:6c:b8:e5:8d:
79:e0:48:b2:87:f5:ff:c8:7e:8a:3b:95:99:f1:7f:06:bf:43:
85:ce:ce:80:da:03:71:87:f2:b8:b3:31:e2:87:ec:97:78:f4:
c3:d5:39:4c:6f:48:3a:49:b3:de:1e:91:1c:5b:13:d2:0b:04:
e7:7e:64:68:9f:36:10:d7:48:d2:bd:d0:53:79:e7:0e:20:1c:
7b:0d:4f:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU/gB8SaVC+6INPYmAc/s2+cAQHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTgwMDMwMzVaFw0yNTA3MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmNTQ2MTdhOTY0NGQyMmM0ODRmYzkwZDc0ODRjOTA5ZDBhMzMxOGI2ODQy
OWE4NTUxNTUxNGRkZjYzNDlmMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYSLhaG8NJ0TfC18buHDxYJfRghQwZnaZIVNh4fSjlxaWfZjRsVN7Dm+Z6h
HUdlczcRvE+z9UCpVdMG1vMaLzgM9OkpgBD5x9e5ye8ir97NQSjaURur2IgE+NXU
o5X/uycwjpJ3KlPQxL61zGpsc7oHhES0VBOkFYmm8/kBcswD445hXK5F5NdBs/8a
B5o7X2ofHfIv+y6cRqFg+jymKU36r3Mpgb4chUusq5KUSHy1ZagWJif4D73LYIQy
JuqHQ5fBYanRWSsLmt3n7IRB25e7D0YqygJ91xpZKSyVLEeHdV/aZy5PZDXlgbQo
CaGW5ROUzA5NU2S58BFHnjYyOp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyjFez
eg4Nk9nZoVqpj0O9VnuMMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQCbtV1tJG9mxOCGSh5IT/ZQr66EWjHcXRBQfO3c
TV0nGobRZwUrxoI1MoJ7bUtTZvVAVPYB9dNwvpcchFahR4E6i9Yo4rMnsoTiGaBR
vvf3fIKHz+OuWBZQqJupBLBMbbQEdNSn2udi03YiK6VMqa1UNd3HBtEpykK+2GsN
CYgVc/TL165LeOruoljgO4Mq876GRoKl8vH7OciODOPdolzW+n6OPcHYMcXWdX+p
S4pbW2y45Y154Eiyh/X/yH6KO5WZ8X8Gv0OFzs6A2gNxh/K4szHih+yXePTD1TlM
b0g6SbPeHpEcWxPSCwTnfmRonzYQ10jSvdBTeecOIBx7DU+q
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:40 2025 by rpki-client