Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: LJGpFQ9O6pczTMi0MpD9hp801EWFUb7UvBGsaEKyy8w=
Subject key identifier: 71:32:C3:D4:ED:A6:18:B5:A4:D5:3A:5E:10:26:03:49:1B:0E:9A:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19D5C401FDE617C5752C1F1F3496C719CBED6D59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Mon 16 Jun 2025 21:10:11 +0000
ROA not before: Mon 16 Jun 2025 21:10:11 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:d5:c4:01:fd:e6:17:c5:75:2c:1f:1f:34:96:c7:19:cb:ed:6d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:11 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3499d5e7bcf5e5bc052ffaf1426b3dbe6eba7e292b938f8ef2f5b8ecdeb7c636, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d3:46:5c:b6:9c:cf:20:c5:4f:d9:83:87:89:
d5:e3:04:43:08:e5:40:a4:3f:3b:6a:39:a7:68:8f:
92:c1:95:c6:ac:c9:1c:8b:86:8c:6b:ac:a2:d0:98:
1a:91:6f:01:4e:94:a4:a4:07:33:92:f0:b9:b3:94:
3c:83:90:f8:0b:4d:3d:38:01:b0:12:ae:c4:b5:48:
34:db:5e:2b:85:f9:d9:7d:b1:61:6c:5c:40:d6:1d:
f3:cd:47:aa:ae:fc:6f:38:5e:21:6e:55:8d:71:15:
9f:0c:1c:1f:8b:9c:ed:2b:34:43:70:76:14:22:c3:
18:05:e7:78:eb:44:f9:3f:c5:90:ac:85:da:f6:fe:
b7:14:0f:8d:9f:46:77:da:24:b5:a8:a7:b4:77:9f:
c6:bd:a2:21:58:97:16:44:1b:74:a8:37:45:33:d4:
4e:25:e3:8a:d6:77:79:7d:25:ae:b8:91:79:a0:f2:
bc:ed:70:25:ef:76:e2:c1:54:f9:13:6e:19:45:a1:
f4:64:09:e4:df:e6:5d:8a:a8:db:63:7f:a8:37:49:
ad:25:65:7d:01:05:03:92:ef:06:a1:10:4a:fb:32:
38:ea:74:63:1d:e8:fa:de:38:53:57:d5:14:65:d9:
88:18:44:f1:8a:e3:7a:0b:35:0a:2e:b9:d9:cc:71:
3d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:32:C3:D4:ED:A6:18:B5:A4:D5:3A:5E:10:26:03:49:1B:0E:9A:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
94:f7:20:d1:4c:c4:c8:94:ff:84:20:04:95:e6:4d:05:fc:00:
a0:76:d5:d9:36:8b:2d:7b:1c:58:b9:44:4a:7a:34:a5:b4:d7:
c7:95:bc:d1:e9:44:1c:f4:a3:31:50:88:52:f6:39:d9:30:d1:
10:3b:d2:80:16:38:9d:7e:14:83:81:4f:12:76:4b:69:e0:e6:
a6:f7:89:40:eb:b8:9f:8e:52:09:e3:66:96:5e:1d:74:d0:36:
2b:a4:71:59:96:ef:3b:d3:99:56:77:6e:a3:a4:f1:ba:39:49:
43:61:98:0d:60:0c:17:35:92:e7:6c:f8:25:35:2b:61:ab:1c:
5e:9a:8d:5e:44:9a:14:c4:8e:1b:10:70:69:e0:d9:52:f7:a1:
25:2c:18:10:8e:eb:87:ff:e6:0c:83:ea:8e:60:bd:25:8d:28:
85:1a:5a:50:8f:1b:a7:64:c3:af:92:1b:1b:7b:27:f2:f2:06:
6d:89:b1:de:52:1b:80:0c:48:71:da:83:c7:d2:b9:0e:cd:a9:
6a:2e:99:45:e5:f9:5b:eb:48:f8:85:ec:a7:db:16:78:de:8e:
29:bd:cd:64:ca:ac:89:bf:3a:f2:0c:be:8e:97:17:a9:cc:98:
af:bf:51:7d:92:13:57:59:a0:25:bc:2f:f8:6f:c8:f9:70:cf:
de:b3:f9:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGdXEAf3mF8V1LB8fNJbHGcvtbVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0OTlkNWU3YmNmNWU1YmMwNTJmZmFmMTQyNmIzZGJlNmViYTdlMjkyYjkz
OGY4ZWYyZjViOGVjZGViN2M2MzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXTRly2nM8gxU/Zg4eJ1eMEQwjlQKQ/O2o5p2iPksGVxqzJHIuGjGusotCY
GpFvAU6UpKQHM5LwubOUPIOQ+AtNPTgBsBKuxLVINNteK4X52X2xYWxcQNYd881H
qq78bzheIW5VjXEVnwwcH4uc7Ss0Q3B2FCLDGAXneOtE+T/FkKyF2vb+txQPjZ9G
d9oktaintHefxr2iIViXFkQbdKg3RTPUTiXjitZ3eX0lrriReaDyvO1wJe924sFU
+RNuGUWh9GQJ5N/mXYqo22N/qDdJrSVlfQEFA5LvBqEQSvsyOOp0Yx3o+t44U1fV
FGXZiBhE8Yrjegs1Ci652cxxPYECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxMsPU
7aYYtaTVOl4QJgNJGw6azDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQCU9yDRTMTIlP+EIASV5k0F/ACgdtXZNostexxY
uURKejSltNfHlbzR6UQc9KMxUIhS9jnZMNEQO9KAFjidfhSDgU8Sdktp4Oam94lA
67ifjlIJ42aWXh100DYrpHFZlu8705lWd26jpPG6OUlDYZgNYAwXNZLnbPglNSth
qxxemo1eRJoUxI4bEHBp4NlS96ElLBgQjuuH/+YMg+qOYL0ljSiFGlpQjxunZMOv
khsbeyfy8gZtibHeUhuADEhx2oPH0rkOzalqLplF5flb60j4heyn2xZ43o4pvc1k
yqyJvzryDL6OlxepzJivv1F9khNXWaAlvC/4b8j5cM/es/la
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:32 2025 by rpki-client