Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json)
Hash identifier: rg422xbCYWvZTiWWlDw1Q33ILiM5zepiDxg9H8vGXFQ=
Subject key identifier: 2D:41:14:4B:FE:17:79:85:EE:69:95:01:FF:C6:99:92:21:1E:CE:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 379869D9854FC088FF20D441A791F73A88678D34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
Signing time: Mon 16 Jun 2025 21:50:13 +0000
ROA not before: Mon 16 Jun 2025 21:50:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d017::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:98:69:d9:85:4f:c0:88:ff:20:d4:41:a7:91:f7:3a:88:67:8d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=940ddda8fa4bce18b50524551b8330237e1fc335220a850dd15fbff72986855f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1b:49:78:22:3c:de:42:c3:85:b3:86:96:ed:
2d:7a:6f:e2:d9:00:af:d9:c0:c4:16:8a:51:60:3e:
32:df:0b:41:a0:32:2d:b0:50:3f:06:37:84:3f:7a:
7b:6e:06:dc:75:f6:95:94:8e:47:ea:a9:82:40:27:
81:99:9e:a0:92:16:70:f0:5f:21:d3:09:ef:6e:c9:
d7:ce:82:1a:6f:b3:c0:53:f7:39:3e:eb:27:c3:56:
99:3a:c2:6b:f7:6a:6c:47:1e:c9:3c:dd:c2:c8:56:
19:f0:d9:a8:fe:ba:86:c4:9b:bf:d0:75:53:6a:03:
c9:8b:a2:4c:2b:3a:03:c2:5f:d2:cb:3a:82:57:27:
62:68:38:f6:3f:a1:36:50:de:de:80:c9:38:6a:9f:
1a:eb:d8:a9:c3:01:93:ed:a5:d8:be:28:60:86:e7:
90:36:14:fa:d8:06:b2:e4:61:42:7f:fd:ad:ce:26:
15:51:c3:0e:0c:78:4e:ed:15:8d:2d:f2:04:8e:39:
9d:ba:b3:36:87:94:e8:de:5d:cc:5d:7e:d8:52:95:
a0:f8:04:ea:92:e2:d3:cf:82:1c:fc:97:1c:67:9a:
36:93:63:a0:c6:64:df:89:9e:54:e0:9b:fe:78:fc:
42:09:56:26:b4:ef:ba:b9:56:7c:d1:38:68:7e:c8:
26:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:41:14:4B:FE:17:79:85:EE:69:95:01:FF:C6:99:92:21:1E:CE:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d017::/36
Signature Algorithm: sha256WithRSAEncryption
63:49:8c:4e:86:27:95:d9:d1:68:e0:fe:f5:71:f4:b2:05:a1:
cf:21:52:96:aa:10:ea:8c:a9:08:5b:14:c2:f9:a7:b9:ba:01:
4a:60:55:56:a2:ca:c1:02:18:74:56:a1:ac:4c:25:14:a0:42:
2b:bc:a6:81:e8:34:2c:32:e5:eb:6e:20:e0:78:41:c9:93:5d:
e9:32:05:38:c4:c4:3f:ee:8c:c2:1b:17:a1:af:af:3b:2b:5f:
a2:ec:fe:42:aa:e0:00:2d:24:58:c9:ef:3e:b7:b3:17:06:b7:
9f:45:cc:48:8a:4e:40:c4:d1:48:54:eb:4f:3e:cf:4d:12:76:
65:9d:3c:4f:59:aa:a5:fb:3d:a7:66:10:1d:1a:0d:18:39:ee:
c0:e4:2f:e0:66:c2:1a:82:6a:ad:13:cf:e9:67:33:25:71:52:
86:a2:ba:65:3a:96:ba:ff:1b:b1:c5:23:83:32:53:a1:8b:a8:
c5:0c:16:e6:74:0d:3e:34:92:2e:94:ca:1a:7f:24:3c:f1:32:
a3:0b:e0:84:f5:dc:c1:9c:b6:2c:9c:f7:4f:a4:a8:b8:29:cf:
65:cb:34:2a:46:83:67:2d:20:4e:41:89:4a:20:ff:4f:a9:96:
88:f8:bc:ae:1c:91:09:63:b9:3c:de:2c:b4:17:6c:fb:8c:cd:
bf:59:37:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN5hp2YVPwIj/INRBp5H3OohnjTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0MGRkZGE4ZmE0YmNlMThiNTA1MjQ1NTFiODMzMDIzN2UxZmMzMzUyMjBh
ODUwZGQxNWZiZmY3Mjk4Njg1NWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0bSXgiPN5Cw4WzhpbtLXpv4tkAr9nAxBaKUWA+Mt8LQaAyLbBQPwY3hD96
e24G3HX2lZSOR+qpgkAngZmeoJIWcPBfIdMJ727J186CGm+zwFP3OT7rJ8NWmTrC
a/dqbEceyTzdwshWGfDZqP66hsSbv9B1U2oDyYuiTCs6A8Jf0ss6glcnYmg49j+h
NlDe3oDJOGqfGuvYqcMBk+2l2L4oYIbnkDYU+tgGsuRhQn/9rc4mFVHDDgx4Tu0V
jS3yBI45nbqzNoeU6N5dzF1+2FKVoPgE6pLi08+CHPyXHGeaNpNjoMZk34meVOCb
/nj8QglWJrTvurlWfNE4aH7IJqcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtQRRL
/hd5he5plQH/xpmSIR7OLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjSYxOhieV2dFo4P71cfSyBaHPIVKWqhDqjKkI
WxTC+ae5ugFKYFVWosrBAhh0VqGsTCUUoEIrvKaB6DQsMuXrbiDgeEHJk13pMgU4
xMQ/7ozCGxehr687K1+i7P5CquAALSRYye8+t7MXBrefRcxIik5AxNFIVOtPPs9N
EnZlnTxPWaql+z2nZhAdGg0YOe7A5C/gZsIagmqtE8/pZzMlcVKGorplOpa6/xux
xSODMlOhi6jFDBbmdA0+NJIulMoafyQ88TKjC+CE9dzBnLYsnPdPpKi4Kc9lyzQq
RoNnLSBOQYlKIP9PqZaI+LyuHJEJY7k83iy0F2z7jM2/WTcS
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:56 2025 by rpki-client