Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: Xw9W/oOt3Zt2ts+r5GYIGq0JBgJY7HsMS4imETXyWAc=
Subject key identifier: 3B:36:01:62:73:B3:17:8B:FD:45:C4:53:5F:43:80:D8:D8:09:EE:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53DD5294391EDC034DAD847B1F718C09964D0194
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Mon 16 Jun 2025 21:40:20 +0000
ROA not before: Mon 16 Jun 2025 21:40:20 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:dd:52:94:39:1e:dc:03:4d:ad:84:7b:1f:71:8c:09:96:4d:01:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:20 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ba6e72296cd0b6da608d958532546b39b8f4bc38997fc37f9d4b597fee2593a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:7a:ad:f8:83:1f:6c:a2:cd:d1:80:6c:e7:
57:f9:d9:97:79:49:07:51:52:c2:8c:c6:48:ae:ac:
c2:f0:a7:2d:d5:55:81:13:cf:06:43:e3:46:f3:44:
1a:63:89:2f:66:11:44:db:e2:b1:16:44:37:e0:da:
84:a3:38:f3:93:e4:3a:30:fa:aa:26:60:c4:3d:4a:
04:ca:c3:c4:a3:7b:f0:33:2c:f0:a4:61:e9:79:91:
79:57:a5:c7:4c:c8:72:68:7a:91:c1:a3:c1:13:e7:
7e:26:bd:e3:17:9d:2f:8e:ee:6c:43:78:1d:07:79:
1c:a4:6d:9d:95:99:78:34:31:43:32:30:7f:c6:55:
7f:69:66:04:20:54:ca:54:46:7d:7e:1e:15:c0:c9:
fc:ed:53:64:59:10:4f:8c:23:ed:4b:68:37:8b:fc:
47:17:a9:31:72:13:1f:7c:2b:e8:ac:eb:90:67:9f:
56:aa:b9:95:9d:bd:ab:39:39:d4:b0:22:81:d8:e9:
da:ed:63:c7:60:ea:e7:f2:a0:c8:d7:1c:b6:da:55:
41:12:41:93:e8:ef:c5:d1:1c:bd:20:ca:bf:c7:ed:
c0:98:18:e3:1e:50:2a:5a:ab:35:35:13:49:ae:02:
2f:1b:5c:f9:24:7e:b8:a8:6e:d9:ce:b5:1e:60:57:
15:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:36:01:62:73:B3:17:8B:FD:45:C4:53:5F:43:80:D8:D8:09:EE:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
3b:df:26:23:a4:85:2d:f9:ce:28:99:4e:34:33:98:16:c5:d5:
ee:24:7b:cf:a7:f8:6e:88:a9:50:1e:ef:7e:41:e0:2a:a5:87:
09:89:9f:b3:c2:a7:c0:b0:d2:aa:e5:aa:86:b9:73:8a:be:d3:
dd:71:df:98:89:e7:71:98:82:65:3d:3b:4e:e1:be:b4:13:bc:
f8:37:42:a9:fc:23:1a:5a:5a:dc:0e:ab:78:b0:b1:18:ff:c2:
33:98:d8:fc:7b:ca:15:4e:39:83:c7:93:f2:4f:c1:8b:e5:66:
3a:3d:98:38:a2:c4:84:53:80:f0:14:95:5e:83:63:83:a8:16:
bc:68:86:dd:78:28:5a:e7:9f:1f:03:4e:14:84:66:62:f9:0f:
93:ee:9f:43:ec:7b:28:64:fc:fc:a5:a3:be:b7:f1:30:c8:8d:
db:2d:2d:b5:16:7c:58:53:18:91:6e:e0:cf:5f:5f:7b:a6:c4:
fb:ea:5c:1d:ad:cf:44:d3:ea:a7:6b:14:9c:2c:1c:78:ff:a4:
10:20:d5:7e:22:63:8f:fc:43:87:6b:3d:50:9a:0f:76:2f:87:
4f:76:96:f4:c6:e3:eb:ae:e0:e6:eb:ef:ff:ae:84:ea:17:ce:
f1:5b:c9:35:2d:52:73:65:1d:16:20:a0:cb:dc:37:ce:38:f4:
98:50:af:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU91SlDke3ANNrYR7H3GMCZZNAZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMjBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhNmU3MjI5NmNkMGI2ZGE2MDhkOTU4NTMyNTQ2YjM5YjhmNGJjMzg5OTdm
YzM3ZjlkNGI1OTdmZWUyNTkzYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKukeq34gx9sos3RgGznV/nZl3lJB1FSwozGSK6swvCnLdVVgRPPBkPjRvNE
GmOJL2YRRNvisRZEN+DahKM485PkOjD6qiZgxD1KBMrDxKN78DMs8KRh6XmReVel
x0zIcmh6kcGjwRPnfia94xedL47ubEN4HQd5HKRtnZWZeDQxQzIwf8ZVf2lmBCBU
ylRGfX4eFcDJ/O1TZFkQT4wj7UtoN4v8RxepMXITH3wr6KzrkGefVqq5lZ29qzk5
1LAigdjp2u1jx2Dq5/KgyNccttpVQRJBk+jvxdEcvSDKv8ftwJgY4x5QKlqrNTUT
Sa4CLxtc+SR+uKhu2c61HmBXFW0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7NgFi
c7MXi/1FxFNfQ4DY2Anu7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQA73yYjpIUt+c4omU40M5gWxdXuJHvPp/huiKlQ
Hu9+QeAqpYcJiZ+zwqfAsNKq5aqGuXOKvtPdcd+YiedxmIJlPTtO4b60E7z4N0Kp
/CMaWlrcDqt4sLEY/8IzmNj8e8oVTjmDx5PyT8GL5WY6PZg4osSEU4DwFJVeg2OD
qBa8aIbdeCha558fA04UhGZi+Q+T7p9D7HsoZPz8paO+t/EwyI3bLS21FnxYUxiR
buDPX197psT76lwdrc9E0+qnaxScLBx4/6QQINV+ImOP/EOHaz1Qmg92L4dPdpb0
xuPrruDm6+//roTqF87xW8k1LVJzZR0WIKDL3DfOOPSYUK/f
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:24 2025 by rpki-client