Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
File: 3f8d2f8f-3d48-47ce-8524-66406f0de004.roa (raw, json)
Hash identifier: 671s8CpoxvEbzeFcYvKJTe4EyCiC9d62IzMdVXsMTwI=
Subject key identifier: 67:4A:11:49:5B:02:AC:21:A5:F6:50:D9:9B:6F:31:7F:EF:D5:57:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60E93C06CA09ACA42C70778736FF7C3E602EF9ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
Signing time: Mon 16 Jun 2025 21:10:08 +0000
ROA not before: Mon 16 Jun 2025 21:10:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:e9:3c:06:ca:09:ac:a4:2c:70:77:87:36:ff:7c:3e:60:2e:f9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=efb94886f6f96189e976ffc9dd94a53b82a5f629c2033bc7130eeefd22fa7893, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:66:b4:b6:ac:02:91:e1:e0:fc:fe:d8:9a:ea:
eb:89:25:ab:dc:0a:12:31:00:0f:4f:01:bd:5e:4b:
b2:f3:a8:46:ef:25:f0:46:fa:1d:d0:5e:41:44:4e:
13:34:74:b4:14:8e:9d:cc:a2:45:50:bc:5f:40:d7:
55:ac:a0:93:51:a5:4d:27:f8:e9:16:0c:c0:90:da:
59:a4:62:81:13:ba:15:f2:b8:c7:57:77:2e:42:e5:
e4:b7:72:ec:2f:2d:d6:6b:5b:cf:af:8c:3e:a2:f3:
8e:e8:ce:53:c3:dc:ae:67:8c:0d:4a:27:5d:d4:92:
34:93:b5:1c:91:f8:d3:58:35:4c:0f:ec:77:98:09:
20:20:6f:5c:7f:48:9f:0f:1f:45:f1:96:6c:2c:cd:
ba:16:6c:63:66:bc:31:39:45:eb:14:bf:2d:2a:18:
c9:f9:0a:fa:3e:8f:18:87:5c:e1:bd:91:1b:7e:12:
eb:82:bd:cf:a9:a6:93:10:58:58:da:f9:af:19:9d:
8a:93:61:55:2b:53:57:66:df:0d:f2:cf:d1:93:4f:
50:d9:31:b1:84:40:69:fc:6a:ee:22:bb:e0:a8:8d:
48:dd:9f:7a:60:80:0d:cf:ba:b2:ab:24:23:55:09:
8a:5b:32:95:7e:de:68:b5:44:fa:c1:05:71:14:dc:
8f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4A:11:49:5B:02:AC:21:A5:F6:50:D9:9B:6F:31:7F:EF:D5:57:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:b000::/40
Signature Algorithm: sha256WithRSAEncryption
34:b1:e2:5e:e5:91:1a:a3:9c:5f:98:57:b2:cd:2a:7f:d7:31:
5a:eb:98:77:20:5c:cb:1f:f4:94:e8:33:b1:72:29:f0:f1:69:
a0:fb:70:c8:27:ef:0f:db:23:fd:00:fa:35:e5:a2:a9:ec:f8:
59:87:c2:92:f5:b3:98:62:7a:4a:7b:d6:45:1e:db:65:79:c9:
10:76:f8:b4:61:e5:a4:cb:29:87:65:cb:24:d0:88:15:dc:be:
ca:6f:18:e4:62:89:a5:fa:36:30:40:29:f1:81:36:71:99:54:
82:1d:10:9b:b9:e2:85:6a:5f:6c:22:2a:f4:11:a9:c7:c0:56:
a1:c2:ab:0f:96:5b:1b:62:a3:d5:a6:d3:37:99:44:6a:18:c8:
50:b0:8a:f8:57:b1:03:f7:dc:84:06:de:70:d6:06:59:7b:b4:
3e:99:8a:cf:59:26:10:cf:a3:ac:0f:a5:81:62:37:ef:a0:6a:
37:67:41:0e:ac:fe:89:48:10:19:77:f7:7e:55:c1:ff:4c:31:
5b:5f:f6:b2:7f:17:d1:8b:6e:04:c3:e2:d8:dc:17:0c:2c:64:
92:ed:34:f5:59:fc:f5:84:b4:d3:31:45:76:ca:69:e5:63:07:
22:77:32:5e:a3:5b:64:25:b0:88:09:ee:43:57:b5:93:fe:15:
1e:06:d8:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYOk8BsoJrKQscHeHNv98PmAu+e0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmYjk0ODg2ZjZmOTYxODllOTc2ZmZjOWRkOTRhNTNiODJhNWY2MjljMjAz
M2JjNzEzMGVlZWZkMjJmYTc4OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPBmtLasApHh4Pz+2Jrq64klq9wKEjEAD08BvV5LsvOoRu8l8Eb6HdBeQURO
EzR0tBSOncyiRVC8X0DXVaygk1GlTSf46RYMwJDaWaRigRO6FfK4x1d3LkLl5Ldy
7C8t1mtbz6+MPqLzjujOU8PcrmeMDUonXdSSNJO1HJH401g1TA/sd5gJICBvXH9I
nw8fRfGWbCzNuhZsY2a8MTlF6xS/LSoYyfkK+j6PGIdc4b2RG34S64K9z6mmkxBY
WNr5rxmdipNhVStTV2bfDfLP0ZNPUNkxsYRAafxq7iK74KiNSN2femCADc+6sqsk
I1UJilsylX7eaLVE+sEFcRTcj3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnShFJ
WwKsIaX2UNmbbzF/79VXIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y4ZDJmOGYtM2Q0OC00N2NlLTg1MjQtNjY0MDZmMGRlMDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSw
MA0GCSqGSIb3DQEBCwUAA4IBAQA0seJe5ZEao5xfmFeyzSp/1zFa65h3IFzLH/SU
6DOxcinw8Wmg+3DIJ+8P2yP9APo15aKp7PhZh8KS9bOYYnpKe9ZFHttleckQdvi0
YeWkyymHZcsk0IgV3L7KbxjkYoml+jYwQCnxgTZxmVSCHRCbueKFal9sIir0EanH
wFahwqsPllsbYqPVptM3mURqGMhQsIr4V7ED99yEBt5w1gZZe7Q+mYrPWSYQz6Os
D6WBYjfvoGo3Z0EOrP6JSBAZd/d+VcH/TDFbX/ayfxfRi24Ew+LY3BcMLGSS7TT1
Wfz1hLTTMUV2ymnlYwcidzJeo1tkJbCICe5DV7WT/hUeBtjq
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:29 2025 by rpki-client