Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json)
Hash identifier: VZz67oDVC1+dDc+7HIWSFFSRyjPVygO6A44PpRxpSvc=
Subject key identifier: 1E:50:13:90:EC:E1:CF:89:BC:24:2A:17:E9:F6:15:1A:70:30:A9:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 466093D9C607D2B058F1D3D0D71EB64C4E08F57D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
Signing time: Mon 16 Jun 2025 21:21:30 +0000
ROA not before: Mon 16 Jun 2025 21:21:30 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:60:93:d9:c6:07:d2:b0:58:f1:d3:d0:d7:1e:b6:4c:4e:08:f5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:30 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b00f7577c43ce3322e7ff427e801ce15b5e165cd5e740032195c952bafbaf352, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d7:79:15:4a:15:f0:f8:7e:9a:c6:1c:02:ac:
94:f5:07:aa:76:1a:aa:da:8e:b2:99:d2:c8:3f:f9:
09:9c:25:88:48:29:3b:2c:bf:25:92:4a:e4:67:7f:
45:d8:a3:f5:4f:a4:e7:f9:fd:46:bd:a4:6f:86:38:
45:53:43:e5:56:4d:7d:17:54:95:76:e5:36:c1:e2:
bb:94:2a:97:7f:e5:01:ff:fc:0e:04:8d:20:8b:f4:
7a:6a:b6:b3:a8:ff:34:83:c0:01:b9:6b:c8:7d:18:
5b:0e:1f:6a:c3:88:1a:bd:c7:37:81:fd:ec:44:a3:
69:b1:9b:b8:22:d1:1b:c0:89:0b:3b:4b:b9:f6:ef:
29:42:04:6e:25:13:6c:db:b4:8a:38:21:c1:d3:bb:
07:b3:7f:6d:a3:a9:a4:51:f8:1e:15:ca:f9:dc:49:
db:ed:c8:d0:11:57:2b:8b:58:7a:a9:7e:f9:88:85:
2f:24:c3:54:b2:5b:bc:b1:9e:1d:16:4d:bb:2c:23:
86:38:19:59:bb:23:d8:9a:2f:06:f6:d4:41:68:26:
6b:68:1e:7a:2c:22:78:97:3b:42:22:46:25:63:3a:
85:79:72:a7:8d:94:72:7e:35:73:d6:ed:88:98:ed:
5f:7d:8e:a0:84:6f:43:6b:72:7c:b2:c6:f5:dc:c0:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:50:13:90:EC:E1:CF:89:BC:24:2A:17:E9:F6:15:1A:70:30:A9:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036::/32
Signature Algorithm: sha256WithRSAEncryption
9b:0c:8e:6e:c1:0d:1e:97:0b:6b:37:97:6b:ac:df:b2:3a:7d:
d9:34:0f:31:11:30:60:33:e4:14:ea:90:ec:56:52:f6:ed:e3:
35:96:0e:3a:ee:b4:66:59:64:89:26:61:f3:91:c2:63:63:0b:
b5:c7:d3:03:25:35:25:83:62:62:64:a4:6d:8d:dc:85:80:52:
da:83:de:7e:96:ef:5f:19:2d:2c:d6:80:4f:d7:2a:11:35:35:
e4:52:75:08:f3:0f:6e:0e:93:c5:31:4e:45:14:47:25:fd:6e:
ec:ae:11:25:90:ba:9c:3a:3d:b9:d9:3f:30:40:96:fe:d1:af:
8b:9a:c8:35:33:8e:74:7f:38:5c:dc:97:3f:84:ac:52:91:3c:
f6:c4:c3:82:e2:23:b0:25:3c:dc:03:4a:a6:c1:84:bd:a2:f5:
db:68:cb:d3:19:78:15:0b:c4:2d:69:54:20:c3:36:e4:e6:95:
65:d3:1f:44:0c:07:c3:a3:d2:40:6c:ac:40:27:8a:5b:30:77:
02:69:6b:a9:76:41:58:e7:a7:4d:99:a4:f0:8a:3e:3f:70:c4:
d0:bd:17:0e:0d:0e:9a:df:42:4d:2a:93:42:be:44:d5:e0:b7:
77:af:a7:cf:87:ad:4b:44:29:3b:2f:fa:4f:cd:59:0e:93:be:
c2:d7:9e:b2
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIURmCT2cYH0rBY8dPQ1x62TE4I9X0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMzBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMGY3NTc3YzQzY2UzMzIyZTdmZjQyN2U4MDFjZTE1YjVlMTY1Y2Q1ZTc0
MDAzMjE5NWM5NTJiYWZiYWYzNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7XeRVKFfD4fprGHAKslPUHqnYaqtqOspnSyD/5CZwliEgpOyy/JZJK5Gd/
Rdij9U+k5/n9Rr2kb4Y4RVND5VZNfRdUlXblNsHiu5Qql3/lAf/8DgSNIIv0emq2
s6j/NIPAAblryH0YWw4fasOIGr3HN4H97ESjabGbuCLRG8CJCztLufbvKUIEbiUT
bNu0ijghwdO7B7N/baOppFH4HhXK+dxJ2+3I0BFXK4tYeql++YiFLyTDVLJbvLGe
HRZNuywjhjgZWbsj2JovBvbUQWgma2geeiwieJc7QiJGJWM6hXlyp42Ucn41c9bt
iJjtX32OoIRvQ2tyfLLG9dzAisECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQeUBOQ
7OHPibwkKhfp9hUacDCpyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw
DQYJKoZIhvcNAQELBQADggEBAJsMjm7BDR6XC2s3l2us37I6fdk0DzERMGAz5BTq
kOxWUvbt4zWWDjrutGZZZIkmYfORwmNjC7XH0wMlNSWDYmJkpG2N3IWAUtqD3n6W
718ZLSzWgE/XKhE1NeRSdQjzD24Ok8UxTkUURyX9buyuESWQupw6PbnZPzBAlv7R
r4uayDUzjnR/OFzclz+ErFKRPPbEw4LiI7AlPNwDSqbBhL2i9dtoy9MZeBULxC1p
VCDDNuTmlWXTH0QMB8Oj0kBsrEAnilswdwJpa6l2QVjnp02ZpPCKPj9wxNC9Fw4N
DprfQk0qk0K+RNXgt3evp8+HrUtEKTsv+k/NWQ6TvsLXnrI=
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:43:01 2025 by rpki-client