Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: E4ySWFwnFL1vXCCD53KRV6TfontiTxfJscpj2dnR1Kc=
Subject key identifier: 81:13:36:AF:8D:88:8B:B7:91:D5:2A:B9:94:43:FB:18:4C:C0:11:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FCF7CA42C6BF5124DF164BB2B0102C33D1CE986
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Mon 16 Jun 2025 21:40:56 +0000
ROA not before: Mon 16 Jun 2025 21:40:56 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:cf:7c:a4:2c:6b:f5:12:4d:f1:64:bb:2b:01:02:c3:3d:1c:e9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:56 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9933c3c4dc433bac6dbc675c02b0354625e89b139af82f4c471db78dc2bdc6cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ff:c9:40:d9:39:2d:1c:ce:07:8c:4a:d7:6c:
ae:07:58:ff:53:0b:54:a7:63:d4:de:21:83:22:20:
72:81:f5:8b:64:de:29:7c:ef:6b:67:9f:01:7e:78:
f5:08:d2:ca:29:8f:bc:97:07:ec:89:0b:a9:e5:61:
57:51:46:14:eb:4b:21:81:34:02:16:b1:53:2c:9f:
5a:64:de:33:41:13:4c:17:4e:0d:b6:03:fc:17:55:
26:4a:0e:c8:7c:02:45:c5:22:67:1a:6e:ff:d0:f3:
8f:66:10:73:46:fb:19:93:ed:c0:c7:6f:90:ac:ae:
88:2d:bc:1c:79:29:22:96:4b:8a:5e:01:6a:d7:01:
08:0a:f2:c7:03:b7:41:de:25:59:db:ce:b3:9e:da:
7f:08:2a:ff:a9:2b:eb:06:bc:53:a4:a7:12:65:cb:
03:49:27:95:1e:64:85:35:e9:aa:51:1d:c7:50:42:
46:bd:e2:b2:d8:62:b1:0c:4c:d5:2b:f7:82:42:b8:
5b:17:c3:d1:52:53:07:c5:4d:e3:b6:59:12:d5:54:
0d:b1:d4:6a:e1:19:01:0b:7d:9f:a9:e2:aa:a5:22:
13:17:2e:22:77:03:9f:fc:af:7f:bd:21:87:e9:0a:
fd:ee:73:7a:5c:5c:2f:d3:87:c3:46:9d:cd:38:25:
4e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:13:36:AF:8D:88:8B:B7:91:D5:2A:B9:94:43:FB:18:4C:C0:11:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
64:5b:b5:d5:74:9b:04:92:02:6c:c0:f3:74:73:51:6d:a3:fe:
13:2b:4b:20:67:ec:4f:a2:5b:34:97:28:e6:4d:28:44:be:c2:
1f:d6:68:cf:31:4f:e2:e3:1a:f5:2c:6c:d0:77:df:d9:d9:8a:
5d:44:5a:82:b2:44:49:fe:92:08:0f:82:0f:35:7f:9f:39:0a:
be:4f:00:f7:b1:e1:ef:5b:d8:dc:b5:18:a9:11:b9:c0:e7:1d:
84:e3:a2:53:50:6c:78:e8:db:15:6f:a5:c2:2b:8e:cd:d7:55:
57:93:a4:9a:54:0b:ef:c8:cd:12:b4:7b:28:72:09:f6:13:98:
2f:86:24:1a:68:ba:79:99:7e:b0:45:5a:47:91:92:20:6a:65:
d3:92:92:b0:53:c8:41:f0:f3:99:bb:66:e4:79:8d:9a:dc:67:
d5:46:d3:c5:bd:8a:ca:64:41:59:0c:df:0e:6e:8c:46:52:a6:
11:67:bd:17:53:89:36:b0:a1:a9:e2:84:fa:7b:38:a0:0e:95:
b3:f4:9b:f8:49:6a:54:dc:18:4f:5e:b1:06:34:ca:9d:90:69:
25:08:00:76:fe:c3:a5:fc:c7:7d:4c:8f:6c:da:6f:55:16:ec:
fa:2b:d2:4a:68:e0:fa:7c:c3:cd:45:dc:da:94:48:5c:a2:48:
42:68:f7:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf898pCxr9RJN8WS7KwECwz0c6YYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwNTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5MzNjM2M0ZGM0MzNiYWM2ZGJjNjc1YzAyYjAzNTQ2MjVlODliMTM5YWY4
MmY0YzQ3MWRiNzhkYzJiZGM2Y2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKf/yUDZOS0czgeMStdsrgdY/1MLVKdj1N4hgyIgcoH1i2TeKXzva2efAX54
9QjSyimPvJcH7IkLqeVhV1FGFOtLIYE0AhaxUyyfWmTeM0ETTBdODbYD/BdVJkoO
yHwCRcUiZxpu/9Dzj2YQc0b7GZPtwMdvkKyuiC28HHkpIpZLil4BatcBCAryxwO3
Qd4lWdvOs57afwgq/6kr6wa8U6SnEmXLA0knlR5khTXpqlEdx1BCRr3isthisQxM
1Sv3gkK4WxfD0VJTB8VN47ZZEtVUDbHUauEZAQt9n6niqqUiExcuIncDn/yvf70h
h+kK/e5zelxcL9OHw0adzTglTo8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBEzav
jYiLt5HVKrmUQ/sYTMARPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQBkW7XVdJsEkgJswPN0c1Fto/4TK0sgZ+xPols0
lyjmTShEvsIf1mjPMU/i4xr1LGzQd9/Z2YpdRFqCskRJ/pIID4IPNX+fOQq+TwD3
seHvW9jctRipEbnA5x2E46JTUGx46NsVb6XCK47N11VXk6SaVAvvyM0StHsocgn2
E5gvhiQaaLp5mX6wRVpHkZIgamXTkpKwU8hB8POZu2bkeY2a3GfVRtPFvYrKZEFZ
DN8OboxGUqYRZ70XU4k2sKGp4oT6ezigDpWz9Jv4SWpU3BhPXrEGNMqdkGklCAB2
/sOl/Md9TI9s2m9VFuz6K9JKaOD6fMPNRdzalEhcokhCaPd0
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:22 2025 by rpki-client