Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
File: 2270e26b-c2b1-4cc3-800b-33825c0d723b.roa (raw, json)
Hash identifier: SawBEIwYw73siDc8E79AVMRKx3neSBYl8lqS7Sz+1qw=
Subject key identifier: DE:43:20:A8:25:E5:F8:E2:5A:3D:E1:56:F0:0D:96:FE:28:47:28:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60C71720BB07F43E0C95C6E11CD49E4E302FEBE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
Signing time: Tue 17 Jun 2025 00:41:20 +0000
ROA not before: Tue 17 Jun 2025 00:41:20 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:c7:17:20:bb:07:f4:3e:0c:95:c6:e1:1c:d4:9e:4e:30:2f:eb:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:20 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=2c2d5d98370c7059aeefb7e330118be944bdbb97f79a16bbbb68cb49ebebea49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:20:a8:34:ec:39:4c:6f:75:5e:5d:ec:2a:
2a:fb:04:e8:9c:22:49:9f:06:0c:cd:57:e3:0d:b2:
c4:9f:db:47:4d:53:c4:bd:04:b9:f7:71:3a:1d:5f:
e4:af:45:ea:e2:d9:b7:34:99:ec:42:f4:6e:e8:fc:
d9:ec:d5:a9:e2:2c:a0:cc:a6:d8:91:78:3c:d4:70:
87:ae:5e:2f:83:f6:29:a7:8d:f6:cb:f1:26:dc:f7:
4c:04:96:01:ab:a7:03:b4:b2:78:25:cd:c4:43:a9:
06:43:9a:a2:b8:a7:0f:f8:7d:f9:57:bf:98:6d:9e:
89:c4:15:ed:30:a4:0c:be:9e:2e:6d:38:60:86:e2:
43:16:f4:7b:1c:72:c3:30:79:41:cc:f0:b2:06:67:
b4:e5:40:ab:08:de:1a:79:d7:fd:40:ac:c6:e8:15:
25:94:1b:95:9c:bb:8b:f6:a6:6d:6e:e9:d2:c9:92:
e5:a6:30:57:f3:8e:01:8b:47:f9:75:dd:28:5f:cb:
7f:a7:21:f8:c5:b9:62:f4:0c:2a:b9:a5:6d:92:d9:
5a:46:f2:3a:a0:94:24:ef:4b:00:c0:42:83:34:02:
c3:fe:54:a7:2d:40:0b:06:4d:1e:87:4b:ce:4c:d2:
db:27:3e:29:58:f2:07:74:8c:1b:75:8d:66:8f:21:
bf:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:43:20:A8:25:E5:F8:E2:5A:3D:E1:56:F0:0D:96:FE:28:47:28:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
09:8c:c8:44:34:f6:ca:29:33:2c:74:26:95:9f:1b:c6:62:10:
c2:32:21:c6:69:29:f1:9e:51:9b:d9:f9:aa:4d:3b:db:87:34:
bb:bf:6f:bd:0f:4b:dc:e2:12:13:d1:19:03:bb:fa:0e:ec:a6:
87:36:ad:bf:87:54:5d:30:c4:ba:fc:ca:34:9d:cf:59:38:d5:
57:83:44:3b:4f:55:14:3f:0a:5b:76:ab:63:28:89:8b:92:43:
fb:a5:30:64:d8:15:19:c3:36:2e:46:7b:ca:f1:94:a7:09:db:
70:34:67:a2:d3:75:84:f3:ad:d5:81:2f:4d:24:1d:3e:ae:1b:
26:47:14:d7:74:43:a0:31:65:07:bd:bb:b9:38:c4:82:1b:71:
b1:a9:0f:59:31:98:37:7a:7b:94:2e:ca:d6:e3:c1:10:7d:76:
6a:c1:3a:c5:8c:21:7e:5b:35:23:b9:6b:dc:35:ed:e3:57:f8:
69:9a:4b:22:97:d9:fa:c1:d9:92:25:da:ef:a7:be:e9:7d:80:
ad:e5:b0:d3:44:05:f6:bb:f6:c6:14:43:6b:f2:c5:8e:de:03:
fb:c8:45:d0:06:32:b1:a8:bb:7d:3a:65:05:09:78:24:8e:ac:
08:ab:e9:05:2e:9f:5e:5d:cf:ab:99:c3:d0:78:00:d8:01:95:
02:22:48:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYMcXILsH9D4MlcbhHNSeTjAv6+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMjBaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjMmQ1ZDk4MzcwYzcwNTlhZWVmYjdlMzMwMTE4YmU5NDRiZGJiOTdmNzlh
MTZiYmJiNjhjYjQ5ZWJlYmVhNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWyIKg07DlMb3VeXewqKvsE6JwiSZ8GDM1X4w2yxJ/bR01TxL0EufdxOh1f
5K9F6uLZtzSZ7EL0buj82ezVqeIsoMym2JF4PNRwh65eL4P2KaeN9svxJtz3TASW
AaunA7SyeCXNxEOpBkOaorinD/h9+Ve/mG2eicQV7TCkDL6eLm04YIbiQxb0exxy
wzB5QczwsgZntOVAqwjeGnnX/UCsxugVJZQblZy7i/ambW7p0smS5aYwV/OOAYtH
+XXdKF/Lf6ch+MW5YvQMKrmlbZLZWkbyOqCUJO9LAMBCgzQCw/5Upy1ACwZNHodL
zkzS2yc+KVjyB3SMG3WNZo8hv4MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTeQyCo
JeX44lo94VbwDZb+KEcoLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjI3MGUyNmItYzJiMS00Y2MzLTgwMGItMzM4MjVjMGQ3MjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQAJjMhENPbKKTMsdCaVnxvGYhDCMiHGaSnxnlGb
2fmqTTvbhzS7v2+9D0vc4hIT0RkDu/oO7KaHNq2/h1RdMMS6/Mo0nc9ZONVXg0Q7
T1UUPwpbdqtjKImLkkP7pTBk2BUZwzYuRnvK8ZSnCdtwNGei03WE863VgS9NJB0+
rhsmRxTXdEOgMWUHvbu5OMSCG3GxqQ9ZMZg3enuULsrW48EQfXZqwTrFjCF+WzUj
uWvcNe3jV/hpmksil9n6wdmSJdrvp77pfYCt5bDTRAX2u/bGFENr8sWO3gP7yEXQ
BjKxqLt9OmUFCXgkjqwIq+kFLp9eXc+rmcPQeADYAZUCIkjI
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:33 2025 by rpki-client