Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json)
Hash identifier: PEm1uA9fc2gOeDIQFUFns9GMIugfReAePORFSBb9cGA=
Subject key identifier: E4:17:E3:85:0D:95:AC:7C:97:6A:52:10:C1:C3:D0:9D:C1:40:8D:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B340CE6903AAE047E43AF9670D5482B29CAB9C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
Signing time: Mon 16 Jun 2025 21:00:09 +0000
ROA not before: Mon 16 Jun 2025 21:00:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:34:0c:e6:90:3a:ae:04:7e:43:af:96:70:d5:48:2b:29:ca:b9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1d92ea6b814951df43994de1e3c7d676c42b61b6954deb54ad3e4be89e702e78, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:12:e3:02:6c:d0:34:db:e3:40:66:7b:48:a6:
b7:f5:d9:cc:16:ed:cf:13:b8:73:a1:3f:af:c8:13:
01:bd:9c:55:4f:71:f8:fc:69:ed:85:90:b5:4e:f6:
79:fa:4d:3b:9b:b8:7e:c8:2e:2f:5e:39:89:a0:91:
b7:90:30:6e:3a:73:c5:4a:b4:8c:e6:6c:bd:9e:ac:
2e:c0:43:c8:7d:f8:33:65:f0:cd:be:cc:6a:28:42:
fb:7e:a1:8b:fe:90:27:3d:e8:11:70:7b:53:63:24:
d0:ae:a7:68:61:0c:ba:21:b1:fe:53:e0:39:ca:1f:
7a:29:73:2f:84:fd:51:d1:a5:ac:dd:d2:59:0c:6a:
f4:f5:05:98:7f:7f:40:6a:35:85:de:56:6e:ea:c7:
f4:fe:86:81:f9:95:43:1b:e3:f5:46:1d:b1:12:03:
8e:8f:65:d2:16:86:81:b1:40:eb:c4:b2:da:87:36:
0c:1f:77:f9:1c:80:ae:b3:d1:91:55:d1:4f:f9:a3:
4b:a9:bf:a3:d5:fe:b6:07:ec:6c:be:fe:2c:2c:42:
58:94:e7:db:d0:31:e5:1d:e4:6f:6f:58:b3:09:81:
4b:44:14:b1:56:2f:48:ad:32:75:6f:19:8b:25:2b:
b9:63:d6:bd:6d:40:5c:3f:59:8c:59:f7:19:63:e5:
80:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:17:E3:85:0D:95:AC:7C:97:6A:52:10:C1:C3:D0:9D:C1:40:8D:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:6000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:27:76:ea:8e:ea:3b:e4:44:53:3f:a4:fc:7e:a2:10:3f:df:
0f:73:67:f4:9d:ba:98:1f:58:0d:b2:f1:ed:f3:87:21:10:e5:
2b:c1:88:ed:f5:69:cc:0e:dc:07:15:f9:b5:4a:35:bd:4f:4a:
ef:51:44:12:d9:08:6a:5d:d3:31:2f:17:95:4c:d4:38:31:4e:
b9:dc:b7:e7:f8:88:34:5d:c4:f8:b9:0c:11:de:7e:39:9a:cb:
f1:0f:ea:85:7a:19:86:7a:39:40:08:0f:e7:67:05:71:96:d3:
40:03:03:57:23:1c:15:fd:d7:10:07:57:45:49:b1:cd:42:d4:
44:b3:a6:8f:99:b3:fa:b7:c4:0b:43:59:83:27:cc:80:69:4b:
28:ab:b4:cb:bf:07:34:c5:c8:ab:5c:24:d1:24:17:2c:b3:d4:
26:e3:02:23:14:3e:e6:2d:8c:14:77:41:d5:1d:16:eb:1e:4c:
43:61:3c:19:b0:3c:51:19:02:5c:23:19:88:9d:3d:65:95:39:
05:9e:d6:0e:d3:16:33:d9:d1:51:4a:93:29:7b:f3:7c:71:84:
2b:26:dc:fb:30:f6:ef:a4:72:dc:d1:22:c7:c6:c5:f4:50:80:
f2:81:58:26:69:58:08:1a:99:2e:48:a8:9a:05:d9:b1:21:0d:
e5:27:f0:25
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUazQM5pA6rgR+Q6+WcNVIKynKucMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkOTJlYTZiODE0OTUxZGY0Mzk5NGRlMWUzYzdkNjc2YzQyYjYxYjY5NTRk
ZWI1NGFkM2U0YmU4OWU3MDJlNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8S4wJs0DTb40Bme0imt/XZzBbtzxO4c6E/r8gTAb2cVU9x+Pxp7YWQtU72
efpNO5u4fsguL145iaCRt5AwbjpzxUq0jOZsvZ6sLsBDyH34M2Xwzb7MaihC+36h
i/6QJz3oEXB7U2Mk0K6naGEMuiGx/lPgOcofeilzL4T9UdGlrN3SWQxq9PUFmH9/
QGo1hd5WburH9P6GgfmVQxvj9UYdsRIDjo9l0haGgbFA68Sy2oc2DB93+RyArrPR
kVXRT/mjS6m/o9X+tgfsbL7+LCxCWJTn29Ax5R3kb29YswmBS0QUsVYvSK0ydW8Z
iyUruWPWvW1AXD9ZjFn3GWPlgKcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkF+OF
DZWsfJdqUhDBw9CdwUCN8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg
MA0GCSqGSIb3DQEBCwUAA4IBAQCcJ3bqjuo75ERTP6T8fqIQP98Pc2f0nbqYH1gN
svHt84chEOUrwYjt9WnMDtwHFfm1SjW9T0rvUUQS2QhqXdMxLxeVTNQ4MU653Lfn
+Ig0XcT4uQwR3n45msvxD+qFehmGejlACA/nZwVxltNAAwNXIxwV/dcQB1dFSbHN
QtREs6aPmbP6t8QLQ1mDJ8yAaUsoq7TLvwc0xcirXCTRJBcss9Qm4wIjFD7mLYwU
d0HVHRbrHkxDYTwZsDxRGQJcIxmInT1llTkFntYO0xYz2dFRSpMpe/N8cYQrJtz7
MPbvpHLc0SLHxsX0UIDygVgmaVgIGpkuSKiaBdmxIQ3lJ/Al
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:05 2025 by rpki-client