Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
File: 50253a85-74b2-4a74-ab18-15a98f3496b2.roa (raw, json)
Hash identifier: R8FsSNqh1qURAsxw99oiXBNk7E8AaB8+VDrUZinX0OI=
Subject key identifier: D8:14:12:DB:4E:B4:64:A2:4A:77:FF:FA:CC:00:88:0C:59:32:45:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31B89F3D6FD0DC675D82ED277379532090E38387
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
Signing time: Mon 16 Jun 2025 21:11:02 +0000
ROA not before: Mon 16 Jun 2025 21:11:02 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:b8:9f:3d:6f:d0:dc:67:5d:82:ed:27:73:79:53:20:90:e3:83:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:02 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8dd51a46c70347943ea4fe177e66c5aa26e789eb1f27caa632910b3d22107923, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5b:70:5a:8f:05:3a:5c:9d:d9:12:b5:36:2b:
ac:fe:c6:0a:40:f7:5c:f6:89:e8:86:de:b4:e0:fa:
08:ec:74:a0:63:4c:14:41:ef:74:fb:de:bf:fb:23:
e6:95:7f:71:53:ac:36:3a:4b:35:9e:2a:77:c0:30:
62:90:f1:6f:64:3e:0b:b1:12:6d:4a:00:e6:0c:84:
7f:8b:c4:c2:72:96:22:7e:61:5d:69:34:cc:b3:a4:
e0:23:f2:5c:a0:c9:69:ca:4f:75:01:56:ee:22:88:
ce:e3:69:27:81:e1:fa:0e:00:51:3e:de:2f:af:1b:
a2:a7:8b:50:08:9f:90:b8:39:a6:73:79:91:fa:45:
1e:73:9f:f8:b8:bb:1c:16:08:3a:37:e7:f7:f0:78:
b5:48:49:be:f6:d1:4e:47:a8:3b:2f:42:fa:8d:af:
77:df:ff:88:0e:d7:a9:9f:3b:d9:36:b4:64:70:32:
4d:d5:12:c1:6a:e5:2e:7b:ff:ce:ca:6d:e2:fa:2e:
00:74:df:a0:65:25:9b:47:b3:79:2d:07:e4:2d:c2:
bb:30:37:87:18:20:b5:19:0d:23:6e:c7:16:1b:90:
3f:38:dd:cf:1e:9e:05:3f:4c:7e:6c:e9:18:4b:77:
18:d7:89:63:71:ca:41:ff:e3:4e:3d:1b:da:49:ad:
9c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:14:12:DB:4E:B4:64:A2:4A:77:FF:FA:CC:00:88:0C:59:32:45:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:8000::/40
Signature Algorithm: sha256WithRSAEncryption
23:37:1b:96:b7:6d:39:cb:ed:e1:1a:80:35:f8:91:05:08:81:
78:e7:88:ff:9d:4d:6f:66:60:17:7d:bc:46:d9:db:0c:1e:4f:
00:aa:54:5c:cf:49:9d:98:11:5d:41:97:06:96:4f:1b:fe:d9:
08:40:2a:c5:49:c9:c4:b7:cc:f3:ec:69:74:7e:97:66:7c:97:
1e:f9:94:31:da:b8:86:d0:4c:25:7c:fb:e3:37:27:e8:ff:26:
ee:47:8c:ef:d2:1b:0a:cb:79:7d:f9:5b:7e:6a:65:18:98:e0:
00:62:bb:9f:aa:39:73:e9:b8:25:d0:99:4e:f7:67:35:61:1f:
aa:13:ba:eb:8e:bf:de:38:e9:3c:9f:68:45:38:f6:a2:a1:ad:
66:86:bb:87:f8:db:c4:51:33:be:8f:90:66:e1:17:33:70:a6:
17:a8:23:a6:88:c9:c3:dd:cb:27:83:36:a5:43:29:24:09:67:
97:5c:c5:eb:08:83:0a:dd:a8:66:82:3d:5e:a3:55:55:c0:4b:
be:cf:b8:65:72:97:1b:c7:64:16:14:3e:e4:9d:37:e6:4c:dd:
78:44:ea:4d:67:57:23:7a:ef:49:96:49:68:b2:e2:0c:42:ee:
65:df:87:c4:3a:4c:ba:9d:de:75:4b:65:66:d2:2a:a8:42:00:
3d:91:a4:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMbifPW/Q3Gddgu0nc3lTIJDjg4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZDUxYTQ2YzcwMzQ3OTQzZWE0ZmUxNzdlNjZjNWFhMjZlNzg5ZWIxZjI3
Y2FhNjMyOTEwYjNkMjIxMDc5MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJbcFqPBTpcndkStTYrrP7GCkD3XPaJ6IbetOD6COx0oGNMFEHvdPvev/sj
5pV/cVOsNjpLNZ4qd8AwYpDxb2Q+C7ESbUoA5gyEf4vEwnKWIn5hXWk0zLOk4CPy
XKDJacpPdQFW7iKIzuNpJ4Hh+g4AUT7eL68boqeLUAifkLg5pnN5kfpFHnOf+Li7
HBYIOjfn9/B4tUhJvvbRTkeoOy9C+o2vd9//iA7XqZ872Ta0ZHAyTdUSwWrlLnv/
zspt4vouAHTfoGUlm0ezeS0H5C3CuzA3hxggtRkNI27HFhuQPzjdzx6eBT9Mfmzp
GEt3GNeJY3HKQf/jTj0b2kmtnAMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYFBLb
TrRkokp3//rMAIgMWTJFVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTAyNTNhODUtNzRiMi00YTc0LWFiMTgtMTVhOThmMzQ5NmIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWA
MA0GCSqGSIb3DQEBCwUAA4IBAQAjNxuWt205y+3hGoA1+JEFCIF454j/nU1vZmAX
fbxG2dsMHk8AqlRcz0mdmBFdQZcGlk8b/tkIQCrFScnEt8zz7Gl0fpdmfJce+ZQx
2riG0EwlfPvjNyfo/ybuR4zv0hsKy3l9+Vt+amUYmOAAYrufqjlz6bgl0JlO92c1
YR+qE7rrjr/eOOk8n2hFOPaioa1mhruH+NvEUTO+j5Bm4RczcKYXqCOmiMnD3csn
gzalQykkCWeXXMXrCIMK3ahmgj1eo1VVwEu+z7hlcpcbx2QWFD7knTfmTN14ROpN
Z1cjeu9JlklosuIMQu5l34fEOky6nd51S2Vm0iqoQgA9kaSM
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:25 2025 by rpki-client