Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
File: 376be0fe-aebc-4855-80a4-ea95cf413b51.roa (raw, json)
Hash identifier: /X4THc/EeK5nR0sfcesbtaXu5rzzF6tiz+Ul84O74Vc=
Subject key identifier: 19:E1:AB:D8:8E:EA:D5:39:62:16:8C:83:C9:D4:0C:72:53:10:94:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AE8809B8CE5D264A9221339213F120940A034E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
Signing time: Wed 25 Jun 2025 00:50:08 +0000
ROA not before: Wed 25 Jun 2025 00:50:08 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e8:80:9b:8c:e5:d2:64:a9:22:13:39:21:3f:12:09:40:a0:34:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 25 00:50:08 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=162b10addb12f943e241fc5b6fa0550e32d9fa94f99cb0356295256d16d29be5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d4:e0:7f:a1:a6:0e:8a:c9:58:c4:d9:ea:c6:
4a:3f:1f:2d:16:b3:f4:7d:da:a5:27:eb:1a:f3:0d:
94:22:3d:d5:da:c6:1f:01:a3:cb:f4:9c:0f:fe:8b:
ad:b7:ee:4b:7e:54:e3:4b:ca:a9:eb:03:4b:2e:a9:
4a:b6:21:a2:dc:bc:59:37:10:d5:a1:5d:5b:ec:31:
08:16:32:e9:51:12:21:9a:a2:2d:54:c5:d6:4e:c7:
10:c3:b3:2d:4f:6f:a3:a9:d0:36:8e:e4:ea:7c:97:
4f:5e:64:92:fc:fe:3f:60:dc:53:4e:1e:38:95:29:
ba:b6:9a:86:81:6d:b2:1e:92:99:de:9a:45:3b:a7:
4a:1c:b9:8c:8f:f0:b4:f3:24:13:b4:a8:71:5a:61:
14:88:b6:fd:d5:b8:ca:65:4b:71:62:0d:00:43:d6:
00:6b:f9:68:1f:ea:74:44:fd:2b:d7:f5:2a:25:59:
03:10:64:6e:2f:3e:23:a7:27:e6:15:62:da:dd:f3:
09:fa:35:5e:01:c2:15:c0:fb:87:a5:2e:29:f7:fe:
e4:d5:4c:22:b9:25:aa:0a:10:2f:79:ae:1e:45:9a:
25:73:e7:f8:fd:1e:bb:08:9a:d9:c4:6a:9c:e9:c0:
19:f5:fd:83:8b:61:15:cf:7c:01:2d:2a:7e:fe:e5:
4f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E1:AB:D8:8E:EA:D5:39:62:16:8C:83:C9:D4:0C:72:53:10:94:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:5000::/40
Signature Algorithm: sha256WithRSAEncryption
35:ea:62:8a:3d:75:55:df:4f:e4:0e:14:6e:76:f8:f7:5d:7e:
db:cb:bb:b3:0e:0f:1d:c9:99:e3:ed:82:f6:04:3f:fa:72:42:
94:2d:2c:44:d8:28:1a:03:59:94:ba:f0:3c:89:47:d4:fd:fd:
49:93:51:d7:86:6e:93:6f:3a:35:37:be:4c:fc:93:dd:aa:14:
90:85:fb:6d:93:f4:47:db:6a:ef:e6:2a:95:9a:b9:02:71:62:
79:86:7f:00:c4:ce:7c:13:58:d7:66:b6:22:15:1f:df:6b:0c:
bb:d1:c2:78:2c:bf:af:60:ad:3d:47:87:9a:54:bf:72:eb:bb:
88:30:1d:6e:a0:37:44:81:75:7f:c6:63:c5:3f:51:39:6b:90:
83:19:89:70:a0:33:b9:73:69:1d:d2:4f:ac:6e:8d:e8:ef:27:
18:4e:68:a9:74:4a:41:3f:b5:e3:0e:c9:f7:4b:d9:67:af:4a:
68:52:16:fc:7f:8d:58:e8:0e:54:a7:6f:7e:89:f9:1e:74:12:
e3:2e:4d:af:c4:51:43:66:49:5d:9a:d7:ea:f9:20:3d:14:25:
f6:56:f5:99:70:77:d9:bc:dc:e2:27:99:d6:f5:ac:40:0a:07:
6a:f3:db:5e:dc:25:3d:23:89:26:62:37:96:cf:20:e7:2a:90:
79:e4:84:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKuiAm4zl0mSpIhM5IT8SCUCgNOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjUwMDUwMDhaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MmIxMGFkZGIxMmY5NDNlMjQxZmM1YjZmYTA1NTBlMzJkOWZhOTRmOTlj
YjAzNTYyOTUyNTZkMTZkMjliZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrU4H+hpg6KyVjE2erGSj8fLRaz9H3apSfrGvMNlCI91drGHwGjy/ScD/6L
rbfuS35U40vKqesDSy6pSrYhoty8WTcQ1aFdW+wxCBYy6VESIZqiLVTF1k7HEMOz
LU9vo6nQNo7k6nyXT15kkvz+P2DcU04eOJUpuraahoFtsh6Smd6aRTunShy5jI/w
tPMkE7SocVphFIi2/dW4ymVLcWINAEPWAGv5aB/qdET9K9f1KiVZAxBkbi8+I6cn
5hVi2t3zCfo1XgHCFcD7h6UuKff+5NVMIrklqgoQL3muHkWaJXPn+P0euwia2cRq
nOnAGfX9g4thFc98AS0qfv7lT9kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZ4avY
jurVOWIWjIPJ1AxyUxCUbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc2YmUwZmUtYWViYy00ODU1LTgwYTQtZWE5NWNmNDEzYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA16mKKPXVV30/kDhRudvj3XX7by7uzDg8dyZnj
7YL2BD/6ckKULSxE2CgaA1mUuvA8iUfU/f1Jk1HXhm6Tbzo1N75M/JPdqhSQhftt
k/RH22rv5iqVmrkCcWJ5hn8AxM58E1jXZrYiFR/fawy70cJ4LL+vYK09R4eaVL9y
67uIMB1uoDdEgXV/xmPFP1E5a5CDGYlwoDO5c2kd0k+sbo3o7ycYTmipdEpBP7Xj
Dsn3S9lnr0poUhb8f41Y6A5Up29+ifkedBLjLk2vxFFDZkldmtfq+SA9FCX2VvWZ
cHfZvNziJ5nW9axACgdq89te3CU9I4kmYjeWzyDnKpB55IRn
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:19 2025 by rpki-client