Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: R1R4HKPCDS7KcQSnu68JDGUpfTnINu2kzdxKLYB9qd8=
Subject key identifier: C4:09:2C:0B:54:CF:DD:9C:09:22:24:DB:F0:C7:C9:92:09:D4:8F:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4624B319819E29BC5AD93D97C750C4E8737D28E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Mon 16 Jun 2025 21:41:21 +0000
ROA not before: Mon 16 Jun 2025 21:41:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:24:b3:19:81:9e:29:bc:5a:d9:3d:97:c7:50:c4:e8:73:7d:28:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=16ee2e7276fde34f684d25f99c45f2d87c44c90c6a7291af3215058765c221c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:11:ee:dd:30:d8:25:92:95:12:b0:37:c8:58:
94:6a:a6:bf:1b:e1:07:46:63:5f:ff:2a:35:0b:df:
30:d5:d2:a8:69:07:12:ee:a8:cb:1c:b6:73:46:e0:
19:89:72:e4:e2:ec:ad:1a:0d:57:89:49:ec:02:75:
6d:2c:30:2c:d2:8b:dc:dc:7f:63:c7:8f:e8:bc:e7:
d8:38:0c:87:de:c5:2f:ba:fd:3a:cf:33:bf:33:f1:
dc:34:ff:59:df:8a:79:b2:c9:fa:c1:15:fc:ba:41:
06:c5:07:1c:2c:71:9a:6c:9b:f6:ac:f4:ab:1d:cd:
6d:32:a4:da:2b:c3:50:28:3a:0a:26:13:19:81:5f:
12:2e:28:45:12:b3:a4:f4:e7:b8:c6:0a:ff:9d:fa:
c5:9f:8a:86:e1:42:4e:c7:06:9e:1d:9b:10:d8:b6:
21:9c:76:8b:23:74:a9:83:51:f5:02:e2:7e:12:5c:
3d:3c:23:04:9d:23:f8:4c:18:aa:74:43:31:68:c4:
8a:9f:22:a4:35:d7:b1:d2:32:1d:1d:a7:7c:6a:32:
4f:74:d1:9c:21:6e:89:a8:c6:21:b6:9b:66:17:5c:
b0:db:0b:59:c6:4f:cd:9b:8f:f9:29:2f:16:9a:00:
74:5a:91:24:9f:07:9e:d0:01:9a:d0:f3:6d:3e:5b:
fb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:09:2C:0B:54:CF:DD:9C:09:22:24:DB:F0:C7:C9:92:09:D4:8F:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
a7:99:94:09:06:4d:46:61:96:b2:66:f6:fc:44:58:de:19:71:
e5:00:bd:8c:b8:0e:90:7e:78:f7:54:60:cf:c2:4e:5a:b6:3b:
96:ed:53:8e:c3:77:a9:29:64:95:22:61:de:b3:ed:f5:5d:aa:
6f:4a:ec:45:8e:ad:3f:c7:6e:8f:1d:13:80:07:4d:ed:ea:ca:
92:a9:e3:d2:61:99:0b:91:3b:dd:b7:fd:01:83:45:aa:60:9d:
99:d7:14:84:84:7c:bc:26:32:71:bb:d0:48:dd:03:32:cb:cc:
de:18:cb:88:ec:47:f5:2e:ff:c8:d6:1b:5a:71:e9:a3:79:ab:
70:e2:10:3d:7a:6f:05:60:d4:a4:43:6b:06:d5:56:88:29:69:
5b:53:c4:7d:9f:21:12:ec:d5:e8:14:bc:e2:a2:f0:7d:1f:97:
8a:1f:1c:a1:be:0b:36:9e:db:6e:fd:c1:13:f2:de:39:6f:6e:
54:9c:29:c1:4e:13:c1:1c:67:d7:3c:c6:00:10:54:ff:4f:7a:
20:ca:06:0a:6a:2b:cf:d7:ef:c5:63:37:26:7f:1d:c0:12:83:
39:e5:b3:27:98:e0:0c:98:7d:ca:6f:99:23:e1:04:34:92:3a:
38:ba:23:df:33:ed:10:a4:51:99:a0:c5:3e:e0:6e:58:dc:ff:
87:ca:98:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURiSzGYGeKbxa2T2Xx1DE6HN9KOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZWUyZTcyNzZmZGUzNGY2ODRkMjVmOTljNDVmMmQ4N2M0NGM5MGM2YTcy
OTFhZjMyMTUwNTg3NjVjMjIxYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0R7t0w2CWSlRKwN8hYlGqmvxvhB0ZjX/8qNQvfMNXSqGkHEu6oyxy2c0bg
GYly5OLsrRoNV4lJ7AJ1bSwwLNKL3Nx/Y8eP6Lzn2DgMh97FL7r9Os8zvzPx3DT/
Wd+KebLJ+sEV/LpBBsUHHCxxmmyb9qz0qx3NbTKk2ivDUCg6CiYTGYFfEi4oRRKz
pPTnuMYK/536xZ+KhuFCTscGnh2bENi2IZx2iyN0qYNR9QLifhJcPTwjBJ0j+EwY
qnRDMWjEip8ipDXXsdIyHR2nfGoyT3TRnCFuiajGIbabZhdcsNsLWcZPzZuP+Skv
FpoAdFqRJJ8HntABmtDzbT5b+xkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTECSwL
VM/dnAkiJNvwx8mSCdSPzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQCnmZQJBk1GYZayZvb8RFjeGXHlAL2MuA6Qfnj3
VGDPwk5atjuW7VOOw3epKWSVImHes+31XapvSuxFjq0/x26PHROAB03t6sqSqePS
YZkLkTvdt/0Bg0WqYJ2Z1xSEhHy8JjJxu9BI3QMyy8zeGMuI7Ef1Lv/I1htacemj
eatw4hA9em8FYNSkQ2sG1VaIKWlbU8R9nyES7NXoFLziovB9H5eKHxyhvgs2nttu
/cET8t45b25UnCnBThPBHGfXPMYAEFT/T3ogygYKaivP1+/FYzcmfx3AEoM55bMn
mOAMmH3Kb5kj4QQ0kjo4uiPfM+0QpFGZoMU+4G5Y3P+HypgE
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:02:48 2025 by rpki-client