Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
File: 1977ffde-7d26-418c-800c-ccacd18fe560.roa (raw, json)
Hash identifier: gHrdhkSyqMvKGrSceMgTOxEy+xBocwtOGKr7SKgGEwc=
Subject key identifier: 1E:D3:E2:F4:97:17:92:E2:4D:CD:0B:BC:8C:12:E1:FA:F0:63:63:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 268711541E0514BB28FB841D0A596E855B279D0E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
Signing time: Tue 24 Jun 2025 15:00:04 +0000
ROA not before: Tue 24 Jun 2025 15:00:04 +0000
ROA not after: Tue 29 Jul 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:87:11:54:1e:05:14:bb:28:fb:84:1d:0a:59:6e:85:5b:27:9d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 24 15:00:04 2025 GMT
Not After : Jul 29 23:59:59 2025 GMT
Subject: serialNumber=cb2ae63ff6006181ff2572f1e54332833515e9afb490a4d1f7447caffa20f160, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3f:35:e7:a2:70:1e:8c:8c:e3:d9:60:aa:98:
59:9c:bc:96:18:33:20:2f:76:52:40:7b:70:6a:b0:
d5:87:0a:88:a1:f1:08:86:2a:fd:ec:87:0e:aa:99:
63:ba:e9:d6:1a:95:30:4a:6b:ad:e1:33:47:02:f4:
f3:72:a7:6b:6f:bb:cd:e6:d9:ab:56:15:d6:03:ec:
2d:63:8a:72:b2:c1:f8:53:64:25:c3:39:25:33:bc:
10:0c:24:7d:44:18:4e:83:b6:b5:dc:d0:9c:f8:7b:
f3:be:76:49:26:b4:dd:f4:60:3b:69:8f:e0:97:3a:
e1:9e:32:f7:88:4b:7d:24:23:06:cf:66:d6:9c:1c:
e1:06:e4:8a:7f:ae:13:5f:f1:9e:b3:85:c6:89:5e:
5c:d9:29:1e:82:4d:e7:f2:4e:54:c1:df:e5:50:d9:
b5:94:ab:10:ae:eb:29:ef:23:08:dd:41:ac:c2:01:
9a:ff:5e:e9:ac:b1:af:f6:8b:63:64:06:12:9c:95:
24:3c:c1:03:f6:e1:06:77:d6:0d:87:ab:47:11:b1:
cf:40:4b:71:f0:a7:d9:b1:9a:39:e4:9f:c8:a4:8a:
65:32:d4:e7:4b:ac:39:ae:9a:92:88:75:46:93:22:
a8:76:1e:2d:26:7f:f6:41:48:7a:d0:2d:7b:f6:fb:
03:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D3:E2:F4:97:17:92:E2:4D:CD:0B:BC:8C:12:E1:FA:F0:63:63:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
44:b5:15:f8:93:c7:95:7d:0a:3d:81:3a:b0:73:75:93:30:b0:
7b:d2:8a:9f:c1:8d:10:19:53:5d:e3:8f:42:dc:11:66:c2:8b:
de:9d:19:34:e0:bf:14:da:ec:6a:ec:19:af:af:c4:e2:2f:2a:
3e:87:84:c0:91:ea:01:4f:7f:c7:67:c3:b6:7b:02:a3:bb:1f:
1c:5f:07:f9:e1:f6:0c:58:c8:87:f1:38:2d:69:14:76:17:77:
df:b9:4a:6a:71:e9:d5:56:8c:52:9e:ea:e4:73:99:aa:bc:64:
47:87:56:69:33:64:d7:93:2f:00:88:23:37:8b:6f:d2:c1:22:
b6:68:65:3b:af:55:96:50:3a:fe:32:fc:2d:51:7e:89:c5:2d:
6f:d0:8a:0c:cc:c8:de:e7:47:e1:ae:92:ac:d7:df:37:0b:9b:
a4:e3:64:9c:f0:4f:14:24:6d:6a:2f:d8:ef:70:9a:f6:8c:b8:
4b:eb:ea:74:b5:50:e8:2e:92:ae:65:c1:5f:39:9d:3d:fc:e8:
fa:fa:e2:05:7b:ba:bb:2c:e6:de:84:0f:70:b0:3a:91:71:c3:
6e:e2:25:28:3f:36:bd:d6:19:c0:f5:5a:f2:b9:c2:1a:03:80:
10:be:48:a1:26:fc:9e:39:b0:d4:8c:37:2e:1a:d2:14:d6:a3:
99:ec:7c:02
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUJocRVB4FFLso+4QdClluhVsnnQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjQxNTAwMDRaFw0yNTA3MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiMmFlNjNmZjYwMDYxODFmZjI1NzJmMWU1NDMzMjgzMzUxNWU5YWZiNDkw
YTRkMWY3NDQ3Y2FmZmEyMGYxNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMI/NeeicB6MjOPZYKqYWZy8lhgzIC92UkB7cGqw1YcKiKHxCIYq/eyHDqqZ
Y7rp1hqVMEprreEzRwL083Kna2+7zebZq1YV1gPsLWOKcrLB+FNkJcM5JTO8EAwk
fUQYToO2tdzQnPh78752SSa03fRgO2mP4Jc64Z4y94hLfSQjBs9m1pwc4Qbkin+u
E1/xnrOFxoleXNkpHoJN5/JOVMHf5VDZtZSrEK7rKe8jCN1BrMIBmv9e6ayxr/aL
Y2QGEpyVJDzBA/bhBnfWDYerRxGxz0BLcfCn2bGaOeSfyKSKZTLU50usOa6akoh1
RpMiqHYeLSZ/9kFIetAte/b7A9MCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQe0+L0
lxeS4k3NC7yMEuH68GNj/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTk3N2ZmZGUtN2QyNi00MThjLTgwMGMtY2NhY2QxOGZlNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAES1FfiTx5V9Cj2BOrBzdZMwsHvSip/BjRAZU13j
j0LcEWbCi96dGTTgvxTa7GrsGa+vxOIvKj6HhMCR6gFPf8dnw7Z7AqO7HxxfB/nh
9gxYyIfxOC1pFHYXd9+5Smpx6dVWjFKe6uRzmaq8ZEeHVmkzZNeTLwCIIzeLb9LB
IrZoZTuvVZZQOv4y/C1RfonFLW/QigzMyN7nR+GukqzX3zcLm6TjZJzwTxQkbWov
2O9wmvaMuEvr6nS1UOgukq5lwV85nT386Pr64gV7urss5t6ED3CwOpFxw27iJSg/
Nr3WGcD1WvK5whoDgBC+SKEm/J45sNSMNy4a0hTWo5nsfAI=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:27 2025 by rpki-client