Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: g/Qe7tgA7frw7iNRyqraOFUyg5EMPGiFKVxdUnyhGAM=
Subject key identifier: 9C:DA:FA:58:4E:0B:F0:41:67:29:96:A5:28:E1:02:96:E7:AB:B8:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F3BC5F3E87739411EFA971E9D69E8BAEA832E2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Mon 16 Jun 2025 21:31:04 +0000
ROA not before: Mon 16 Jun 2025 21:31:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3b:c5:f3:e8:77:39:41:1e:fa:97:1e:9d:69:e8:ba:ea:83:2e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=28eedd73043256774c5f753dbba86e9d38e968be23f8ca372ce4e3c28b875223, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:16:e2:05:ab:39:c3:5c:c7:03:27:0a:7d:a4:
88:07:d0:9c:f8:69:cf:8c:0b:92:8d:c8:79:d1:d3:
e7:21:b4:4e:81:5d:31:93:40:cf:a6:92:c5:70:51:
d7:f6:7a:6c:2f:9b:37:0b:54:82:69:34:5a:6d:77:
a3:84:5a:8e:c6:b1:fd:85:a4:e9:93:48:92:66:73:
6c:61:17:3e:12:fb:78:9e:77:5c:6b:3a:a9:e2:27:
56:28:1c:93:6a:8f:15:62:ea:f1:ec:be:cf:c9:05:
16:2b:67:1a:71:c8:5f:f2:7d:1f:ea:ba:aa:24:57:
15:13:d0:10:a0:5c:65:2d:4f:d1:df:78:93:a6:52:
98:79:9f:e3:56:d9:ac:ab:18:b6:d2:03:25:18:12:
7d:6b:96:c4:b5:12:ab:12:08:86:4c:67:71:cc:52:
4c:dc:fa:f2:eb:8b:bc:7c:cf:91:6d:9f:bc:3c:28:
05:a4:fe:de:f9:4c:fd:20:70:92:c7:dc:e2:c5:e4:
61:87:61:84:ca:75:23:e9:06:7b:4f:20:3e:2d:22:
7a:e7:11:a7:6b:97:6a:c2:77:4a:ce:e1:90:52:2e:
12:0e:84:28:59:20:14:ad:5f:76:7e:3e:fe:98:df:
e5:80:fd:c6:7e:7e:b4:b6:1d:c6:56:ff:ca:bf:c1:
5f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:DA:FA:58:4E:0B:F0:41:67:29:96:A5:28:E1:02:96:E7:AB:B8:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
9d:cd:d6:91:18:4f:06:4a:ae:61:f5:1d:e0:ae:5a:b7:58:fd:
11:8e:a6:3a:16:6b:8d:7b:13:46:f7:1c:62:33:57:36:c4:9c:
52:65:0c:79:74:76:19:06:b3:98:0f:db:e5:cf:4c:6f:4e:e0:
30:fc:e6:0f:ee:7a:c4:42:d5:cf:96:5d:ed:7d:a5:b1:51:ee:
48:1a:9d:5f:07:64:55:78:15:39:62:b6:b9:3b:0f:cf:e0:d0:
c0:37:e7:5e:d1:6d:70:42:69:92:2d:0e:a0:d4:3e:c1:91:06:
e9:3f:5a:0d:9e:ea:5d:43:d0:c1:00:05:1c:3e:86:ed:59:52:
e3:73:2e:84:85:e2:67:2f:53:d6:8f:1b:1a:7d:96:1b:ab:57:
d4:6e:ab:88:b8:a9:b4:7f:26:b3:30:60:c3:92:e7:7c:d2:c4:
24:da:41:5b:46:90:f1:47:7d:21:3e:f4:36:9f:b6:5a:99:88:
d1:51:4b:72:20:d9:e4:b7:f5:31:b2:1f:b5:3b:27:08:f6:f5:
06:72:43:93:a4:cf:2a:63:ff:d1:be:ef:74:ec:e3:3d:95:27:
99:45:5f:94:5a:47:71:ee:89:54:ca:ea:e0:a6:74:f9:89:df:
1f:47:37:58:96:3c:36:bd:43:fd:ec:b3:fd:a7:31:bc:3d:bc:
6e:1f:26:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDzvF8+h3OUEe+pcenWnouuqDLi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4ZWVkZDczMDQzMjU2Nzc0YzVmNzUzZGJiYTg2ZTlkMzhlOTY4YmUyM2Y4
Y2EzNzJjZTRlM2MyOGI4NzUyMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYW4gWrOcNcxwMnCn2kiAfQnPhpz4wLko3IedHT5yG0ToFdMZNAz6aSxXBR
1/Z6bC+bNwtUgmk0Wm13o4Rajsax/YWk6ZNIkmZzbGEXPhL7eJ53XGs6qeInVigc
k2qPFWLq8ey+z8kFFitnGnHIX/J9H+q6qiRXFRPQEKBcZS1P0d94k6ZSmHmf41bZ
rKsYttIDJRgSfWuWxLUSqxIIhkxnccxSTNz68uuLvHzPkW2fvDwoBaT+3vlM/SBw
ksfc4sXkYYdhhMp1I+kGe08gPi0ieucRp2uXasJ3Ss7hkFIuEg6EKFkgFK1fdn4+
/pjf5YD9xn5+tLYdxlb/yr/BX68CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSc2vpY
TgvwQWcplqUo4QKW56u4qjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQCdzdaRGE8GSq5h9R3grlq3WP0RjqY6FmuNexNG
9xxiM1c2xJxSZQx5dHYZBrOYD9vlz0xvTuAw/OYP7nrEQtXPll3tfaWxUe5IGp1f
B2RVeBU5Yra5Ow/P4NDAN+de0W1wQmmSLQ6g1D7BkQbpP1oNnupdQ9DBAAUcPobt
WVLjcy6EheJnL1PWjxsafZYbq1fUbquIuKm0fyazMGDDkud80sQk2kFbRpDxR30h
PvQ2n7ZamYjRUUtyINnkt/Uxsh+1OycI9vUGckOTpM8qY//Rvu907OM9lSeZRV+U
Wkdx7olUyurgpnT5id8fRzdYljw2vUP97LP9pzG8PbxuHybJ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:06 2025 by rpki-client