Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
File: 3401cced-770c-4585-9f39-cb17444bbb38.roa (raw, json)
Hash identifier: Ns6Vn2Xa1xB7L3FXPFsLPrWdNNdacbMyNLIMTa5ozNM=
Subject key identifier: CD:53:D7:0C:36:8A:36:16:BE:69:77:3A:FA:83:F3:6C:A0:F7:00:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CD14DBC9038D46C89FD548EAF4E602F50D86A8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
Signing time: Wed 25 Jun 2025 00:50:05 +0000
ROA not before: Wed 25 Jun 2025 00:50:05 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:d1:4d:bc:90:38:d4:6c:89:fd:54:8e:af:4e:60:2f:50:d8:6a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 25 00:50:05 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=f9b7bd876dbe7b1d60734b2c77a60576e375d3ff8ad9c47973a8067598080164, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:64:a6:62:3c:cd:a4:11:a7:84:ef:52:94:
9c:7e:b0:6b:08:c0:01:28:ba:c5:3f:41:7d:f1:65:
71:d2:16:88:d5:34:7c:36:53:80:c0:af:48:23:c5:
ba:c7:40:65:6c:ab:04:24:15:cd:67:da:1d:68:98:
2e:f4:bd:8c:04:2f:88:f6:df:fa:66:72:fa:b2:b9:
77:b8:da:6e:f8:f9:60:63:65:35:8e:76:76:47:83:
e8:f5:e6:fd:a3:36:6b:a5:45:1f:63:75:e4:cd:96:
d0:79:6d:39:b3:1f:62:e6:cb:c6:21:7b:1d:ec:4f:
9e:87:86:24:78:09:0b:2c:7d:6c:ff:c7:ab:83:a6:
bf:50:6b:fb:bb:d9:f2:69:fd:4d:41:b1:5f:8a:2c:
49:b6:cd:94:9d:d6:0e:09:8c:b5:2a:ea:ad:ce:7d:
a0:82:44:b2:09:97:d5:f9:fe:79:cc:de:15:ca:9f:
bf:0d:a7:7e:e7:34:33:66:a4:88:9c:88:0a:48:6a:
8e:e2:91:1f:d2:b9:c0:f1:82:e1:35:4e:60:f4:9f:
73:dd:bf:dd:5c:60:b1:8d:29:f9:4d:5c:f3:58:47:
0e:96:1d:e3:4e:b4:bc:1c:62:09:31:ae:1e:93:b4:
36:2f:8a:54:cc:48:32:fe:9b:f9:20:9e:5b:4a:08:
0e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:53:D7:0C:36:8A:36:16:BE:69:77:3A:FA:83:F3:6C:A0:F7:00:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032::/32
Signature Algorithm: sha256WithRSAEncryption
09:48:3a:18:94:f7:84:6e:b1:03:ef:d3:62:12:b8:d5:ea:f2:
0e:1e:13:69:99:fb:44:d3:1c:42:7c:37:25:93:15:90:89:6b:
d2:e8:36:c7:47:de:92:4d:19:cb:40:46:f0:6f:82:5b:56:47:
33:c2:22:fa:8b:71:d1:d5:35:ab:3d:de:f7:ea:4c:80:11:d0:
be:fb:ba:82:41:f2:c2:c5:ad:21:c2:55:89:d1:1f:ae:63:4c:
8b:e7:7a:fa:5f:52:25:25:e3:f1:38:bd:20:3f:f4:5d:0d:92:
87:4e:1f:ec:eb:7e:e0:5a:21:16:05:28:93:4a:fa:4b:0d:a8:
ec:b5:ac:8f:cb:ff:f0:11:45:63:44:8d:cc:38:30:7c:6a:01:
d8:af:a5:6c:11:62:09:fc:58:36:5f:0f:27:a4:15:cd:23:b4:
d3:be:e7:d6:5b:7c:e3:c1:13:5f:9d:fb:70:e4:13:b3:75:9b:
e1:11:af:13:c3:c2:1e:1f:1f:16:d7:37:98:48:7c:64:12:b2:
6c:2c:39:55:54:83:88:8d:58:e6:f1:79:93:93:f9:c3:9c:0b:
09:73:b9:85:b9:3d:f7:9b:71:3a:b1:85:95:ca:e0:2b:48:16:
fd:cf:c9:70:a6:c6:51:44:b8:8d:8d:b8:e4:aa:6b:14:66:57:
e1:c1:0d:83
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUbNFNvJA41GyJ/VSOr05gL1DYaoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjUwMDUwMDVaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YjdiZDg3NmRiZTdiMWQ2MDczNGIyYzc3YTYwNTc2ZTM3NWQzZmY4YWQ5
YzQ3OTczYTgwNjc1OTgwODAxNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpPZKZiPM2kEaeE71KUnH6wawjAASi6xT9BffFlcdIWiNU0fDZTgMCvSCPF
usdAZWyrBCQVzWfaHWiYLvS9jAQviPbf+mZy+rK5d7jabvj5YGNlNY52dkeD6PXm
/aM2a6VFH2N15M2W0HltObMfYubLxiF7HexPnoeGJHgJCyx9bP/Hq4Omv1Br+7vZ
8mn9TUGxX4osSbbNlJ3WDgmMtSrqrc59oIJEsgmX1fn+eczeFcqfvw2nfuc0M2ak
iJyICkhqjuKRH9K5wPGC4TVOYPSfc92/3VxgsY0p+U1c81hHDpYd4060vBxiCTGu
HpO0Ni+KVMxIMv6b+SCeW0oIDlUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTNU9cM
Noo2Fr5pdzr6g/NsoPcAvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzQwMWNjZWQtNzcwYy00NTg1LTlmMzktY2IxNzQ0NGJiYjM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DIw
DQYJKoZIhvcNAQELBQADggEBAAlIOhiU94RusQPv02ISuNXq8g4eE2mZ+0TTHEJ8
NyWTFZCJa9LoNsdH3pJNGctARvBvgltWRzPCIvqLcdHVNas93vfqTIAR0L77uoJB
8sLFrSHCVYnRH65jTIvnevpfUiUl4/E4vSA/9F0NkodOH+zrfuBaIRYFKJNK+ksN
qOy1rI/L//ARRWNEjcw4MHxqAdivpWwRYgn8WDZfDyekFc0jtNO+59ZbfOPBE1+d
+3DkE7N1m+ERrxPDwh4fHxbXN5hIfGQSsmwsOVVUg4iNWObxeZOT+cOcCwlzuYW5
PfebcTqxhZXK4CtIFv3PyXCmxlFEuI2NuOSqaxRmV+HBDYM=
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:07:55 2025 by rpki-client