Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa
File: 25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa (raw, json)
Hash identifier: UqNQaSgZvEE8K1V4ARiJz2EElC5munyMapGXoA8sBos=
Subject key identifier: 92:9C:3E:A1:0D:E1:0A:44:1D:6B:3B:93:48:A4:AA:7E:3F:00:39:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42688D9C3FE00B9475138497AB7E78088D752127
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa
Signing time: Mon 16 Jun 2025 20:30:19 +0000
ROA not before: Mon 16 Jun 2025 20:30:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:20c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:68:8d:9c:3f:e0:0b:94:75:13:84:97:ab:7e:78:08:8d:75:21:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8108f5689292a222aa5689d05c24bce0d30f5f8f5a7815232b04f72e435d5fd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1c:8e:14:38:4e:83:96:57:90:0e:d0:96:26:
3a:3b:77:59:9a:67:c3:37:af:8c:24:66:6a:42:bf:
5e:a9:a4:9a:1d:54:17:22:1d:1b:65:e0:ac:59:15:
92:f9:cb:db:97:f9:92:27:6b:00:61:08:cc:e9:f6:
1a:60:9b:ec:5b:cb:c9:7c:a7:62:d6:8f:ad:f2:4b:
cd:d1:17:fa:ff:32:43:92:b4:d4:21:7e:78:e1:a5:
e5:16:ed:d8:f4:b4:db:65:d9:c2:2c:f6:e8:0e:fe:
b9:48:5a:32:b1:45:8e:e2:f5:0e:c7:c4:a6:b1:44:
3b:c5:56:12:b3:09:70:ea:74:bb:52:71:f6:56:c0:
60:b1:26:c0:2d:7f:58:98:70:19:25:18:cc:7d:60:
a6:5c:38:2b:50:c2:16:52:fa:df:ea:67:77:79:5d:
f0:b1:93:cc:6f:10:58:3f:15:82:d9:9b:2c:23:30:
da:28:e0:25:71:e3:34:10:5d:6b:6b:cf:c6:d3:74:
5a:33:71:97:48:85:91:d4:58:f3:50:01:e0:ad:0a:
cb:e0:3c:bc:1b:f5:05:ea:83:8e:1f:ef:66:25:d4:
84:7f:64:99:d6:55:8e:98:e6:59:f5:8f:a1:20:e1:
7e:55:0b:a2:5a:3a:27:ec:d9:cc:f9:d8:5e:98:57:
a8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9C:3E:A1:0D:E1:0A:44:1D:6B:3B:93:48:A4:AA:7E:3F:00:39:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
a8:1f:1f:f3:76:89:b8:fe:4b:59:97:3b:dc:22:a9:a6:91:b5:
d7:c6:3c:00:17:71:95:1a:d6:4d:6f:e8:cc:5c:0a:db:59:cb:
c9:a0:70:ef:fb:10:86:ce:03:09:7b:32:0f:87:e9:e6:f2:a9:
8b:19:b2:cf:8b:da:98:1e:9f:7e:ad:25:ec:0c:ab:85:ac:4e:
c1:ec:85:9b:4b:de:0f:6f:cb:a3:80:a1:5c:b5:87:f0:36:a5:
71:92:6b:35:e3:e1:13:db:e8:14:29:57:d6:5a:6a:84:d8:88:
67:41:c3:22:a2:52:d8:13:ba:59:45:36:5d:1b:d4:f3:e7:88:
71:1b:c9:3b:b5:65:d2:d9:39:51:6a:a0:dc:8f:63:2a:07:3a:
f3:b5:79:bd:09:ac:d5:6c:9f:4c:f9:4e:93:be:81:30:0f:a8:
60:a8:fb:16:c3:52:1e:5b:2a:67:c2:13:96:6f:a8:34:b9:b5:
bc:38:21:7b:8e:df:12:4f:cb:17:0a:50:e7:4e:8a:cc:a8:ce:
d0:20:9e:f0:21:07:5e:81:92:e2:a1:95:8f:11:ba:6a:d8:cc:
07:b7:ed:3a:e3:75:bf:d1:b8:9a:68:12:04:6c:c9:2e:a5:87:
95:60:94:fe:75:bd:d4:e4:b9:fc:d0:a3:77:cf:ef:8d:40:81:
5d:c9:86:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQmiNnD/gC5R1E4SXq354CI11IScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMDhmNTY4OTI5MmEyMjJhYTU2ODlkMDVjMjRiY2UwZDMwZjVmOGY1YTc4
MTUyMzJiMDRmNzJlNDM1ZDVmZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUcjhQ4ToOWV5AO0JYmOjt3WZpnwzevjCRmakK/Xqmkmh1UFyIdG2XgrFkV
kvnL25f5kidrAGEIzOn2GmCb7FvLyXynYtaPrfJLzdEX+v8yQ5K01CF+eOGl5Rbt
2PS022XZwiz26A7+uUhaMrFFjuL1DsfEprFEO8VWErMJcOp0u1Jx9lbAYLEmwC1/
WJhwGSUYzH1gplw4K1DCFlL63+pnd3ld8LGTzG8QWD8VgtmbLCMw2ijgJXHjNBBd
a2vPxtN0WjNxl0iFkdRY81AB4K0Ky+A8vBv1BeqDjh/vZiXUhH9kmdZVjpjmWfWP
oSDhflULolo6J+zZzPnYXphXqAkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSSnD6h
DeEKRB1rO5NIpKp+PwA51TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVlNWRjNDQtOWI3My00MmYyLWI2ZDEtYzBmNTU5YjUzM2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hcg
wDANBgkqhkiG9w0BAQsFAAOCAQEAqB8f83aJuP5LWZc73CKpppG118Y8ABdxlRrW
TW/ozFwK21nLyaBw7/sQhs4DCXsyD4fp5vKpixmyz4vamB6ffq0l7AyrhaxOweyF
m0veD2/Lo4ChXLWH8DalcZJrNePhE9voFClX1lpqhNiIZ0HDIqJS2BO6WUU2XRvU
8+eIcRvJO7Vl0tk5UWqg3I9jKgc687V5vQms1WyfTPlOk76BMA+oYKj7FsNSHlsq
Z8ITlm+oNLm1vDghe47fEk/LFwpQ506KzKjO0CCe8CEHXoGS4qGVjxG6atjMB7ft
OuN1v9G4mmgSBGzJLqWHlWCU/nW91OS5/NCjd8/vjUCBXcmGYg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:58 2025 by rpki-client