Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: CpVv8c7qhEkCYN236Lx0xVjN2JpAKlL/bNH9Dg9scvY=
Subject key identifier: B9:6E:87:12:49:B9:28:21:8B:8C:82:BF:1E:EC:42:BF:EF:92:FE:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F88D5A28EA16DFA1D2015551AE572CB6544DC55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Mon 16 Jun 2025 21:21:19 +0000
ROA not before: Mon 16 Jun 2025 21:21:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:88:d5:a2:8e:a1:6d:fa:1d:20:15:55:1a:e5:72:cb:65:44:dc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e76065ac85baf776e811704afd5e00864fde87c0783ac3a28eb90a34a19d162c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:de:af:f2:f7:9d:ea:68:7c:f4:0f:60:f0:ef:
d5:fb:38:20:a4:97:c1:07:a4:dd:2e:82:7e:f0:85:
a7:1e:61:ff:6f:94:e0:f6:d7:35:bf:8d:51:2e:dd:
88:34:d0:bd:70:0f:af:1d:9d:f4:5c:e4:67:53:e5:
77:f3:37:8b:29:6b:c6:d8:36:00:aa:1e:ab:d4:97:
54:66:e4:8b:c5:e4:cf:3e:a4:84:da:bc:8e:26:18:
57:5f:a2:89:b5:4e:e9:1b:c3:70:ac:57:2a:6c:40:
15:6f:02:12:be:e5:f6:1f:b5:68:a2:50:21:58:92:
ba:28:f1:68:2a:d2:96:91:16:25:19:d8:e0:b3:ba:
db:6c:0d:83:43:08:b9:68:b4:93:ba:99:ae:76:34:
6a:17:42:8a:44:08:d4:cb:3b:6f:2a:fc:59:00:f9:
26:78:55:e7:ae:25:0a:08:c9:a2:a6:e4:25:17:a6:
5c:a8:16:98:6b:7d:fb:8c:2e:a8:7a:6e:50:37:6c:
af:ee:90:b8:5c:3e:c2:5b:d3:b3:11:2e:c3:4a:83:
f6:1a:30:af:05:83:67:89:9e:16:79:2e:ab:20:37:
4d:83:74:98:cb:2e:10:45:11:4f:f7:7d:24:fb:45:
3c:f3:65:92:30:88:c7:62:52:93:c6:39:44:b5:90:
f1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6E:87:12:49:B9:28:21:8B:8C:82:BF:1E:EC:42:BF:EF:92:FE:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
25:64:31:7a:be:07:f2:d8:dd:73:d9:1d:65:93:15:3b:dd:d6:
76:12:6b:4e:87:9b:c7:6a:64:88:fa:12:7e:45:43:aa:2d:e2:
df:9e:49:55:2e:90:69:18:6e:dd:eb:d3:33:75:29:01:d3:6b:
84:69:bf:43:7d:a7:5e:a0:f5:75:46:bd:26:07:d4:8d:17:99:
ef:ea:96:55:41:6a:f8:48:3a:97:5c:db:72:6c:4d:e0:42:d6:
6c:12:df:59:30:c3:b0:4d:ba:de:41:53:91:97:5d:83:4e:ba:
33:97:53:34:87:5d:bd:0c:33:2e:d2:3d:c4:e0:cc:89:b7:3d:
c7:7b:06:5f:45:41:98:8c:4b:a0:f9:61:8b:39:aa:2f:1c:13:
38:e3:a5:6c:75:5f:b3:bd:e3:9e:cf:00:8b:23:68:e7:e7:10:
54:2d:3c:62:61:5c:4f:c1:29:a4:de:f8:ab:42:55:d7:81:10:
73:47:fb:ea:b2:22:ed:1c:e0:25:1a:48:60:27:14:79:e0:4c:
d1:29:02:67:74:e0:56:cb:27:52:4f:bd:e4:e7:e7:03:e8:d0:
4a:b5:6c:fd:02:15:08:45:e8:30:7b:5c:24:81:44:db:00:58:
e5:2d:1a:02:25:dc:93:e5:8c:26:ee:f9:ff:4d:ee:aa:e3:92:
29:51:68:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP4jVoo6hbfodIBVVGuVyy2VE3FUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NjA2NWFjODViYWY3NzZlODExNzA0YWZkNWUwMDg2NGZkZTg3YzA3ODNh
YzNhMjhlYjkwYTM0YTE5ZDE2MmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7er/L3nepofPQPYPDv1fs4IKSXwQek3S6CfvCFpx5h/2+U4PbXNb+NUS7d
iDTQvXAPrx2d9FzkZ1Pld/M3iylrxtg2AKoeq9SXVGbki8Xkzz6khNq8jiYYV1+i
ibVO6RvDcKxXKmxAFW8CEr7l9h+1aKJQIViSuijxaCrSlpEWJRnY4LO622wNg0MI
uWi0k7qZrnY0ahdCikQI1Ms7byr8WQD5JnhV564lCgjJoqbkJRemXKgWmGt9+4wu
qHpuUDdsr+6QuFw+wlvTsxEuw0qD9howrwWDZ4meFnkuqyA3TYN0mMsuEEURT/d9
JPtFPPNlkjCIx2JSk8Y5RLWQ8U0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5bocS
SbkoIYuMgr8e7EK/75L+sTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQAlZDF6vgfy2N1z2R1lkxU73dZ2EmtOh5vHamSI
+hJ+RUOqLeLfnklVLpBpGG7d69MzdSkB02uEab9DfadeoPV1Rr0mB9SNF5nv6pZV
QWr4SDqXXNtybE3gQtZsEt9ZMMOwTbreQVORl12DTrozl1M0h129DDMu0j3E4MyJ
tz3HewZfRUGYjEug+WGLOaovHBM446VsdV+zveOezwCLI2jn5xBULTxiYVxPwSmk
3virQlXXgRBzR/vqsiLtHOAlGkhgJxR54EzRKQJndOBWyydST73k5+cD6NBKtWz9
AhUIRegwe1wkgUTbAFjlLRoCJdyT5Ywm7vn/Te6q45IpUWjS
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:21 2025 by rpki-client