Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/507c534d-189b-43b3-945a-dd040ee200d5.roa
File: 507c534d-189b-43b3-945a-dd040ee200d5.roa (raw, json)
Hash identifier: b1AMJr3zm+XNgTI/qcmbbrblMa48lVmFhPjbx7RXk0Q=
Subject key identifier: 27:FA:57:0F:C0:A6:DA:6D:8E:14:24:59:6C:15:6E:AB:33:BB:51:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0456F07BE2091C69E68F6D921123FE3A0A3114A1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/507c534d-189b-43b3-945a-dd040ee200d5.roa
Signing time: Mon 16 Jun 2025 21:11:00 +0000
ROA not before: Mon 16 Jun 2025 21:11:00 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:56:f0:7b:e2:09:1c:69:e6:8f:6d:92:11:23:fe:3a:0a:31:14:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:00 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=094660a891f630ad7f288dc3e50cc6b4648a0c920047841c62eaf8d2156eab08, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:91:17:2a:c6:d2:01:a2:ef:af:cf:fe:73:d2:
8b:91:a9:dd:da:af:15:8e:f5:05:4d:90:76:00:3c:
d0:1f:0d:af:0f:65:14:8d:6b:88:32:f8:11:7c:1c:
ba:70:c1:50:2c:50:84:66:5b:81:6a:c2:55:e9:30:
85:f7:df:b4:e8:7c:66:bc:fb:f8:9c:94:92:55:b0:
2c:08:83:a4:df:fa:b8:65:28:6c:94:df:cc:ba:d3:
a7:b6:70:77:be:44:c2:1e:df:30:d4:27:b9:2f:8f:
a9:fe:ec:7b:de:f2:fb:05:d1:f4:bc:06:5a:9e:06:
72:a3:50:92:fd:51:66:59:c9:c0:f6:d0:bd:01:a4:
dc:c7:66:e4:89:8f:71:79:96:58:93:57:1d:50:77:
f1:85:58:e4:8b:11:d9:c4:b3:27:e1:80:09:9c:e2:
9a:3c:18:a7:68:7f:3a:03:45:4a:a0:8d:43:67:71:
99:5d:8c:d1:bb:a5:81:a7:cf:0a:e6:79:97:0d:86:
c1:9b:2c:47:74:63:c9:f7:d6:84:4e:fd:81:9f:2b:
d2:b9:99:1e:f0:b9:33:b6:36:cb:93:4e:3c:9a:05:
a0:f4:84:c5:4f:a5:44:ee:12:21:bc:1c:6e:c6:e7:
a9:b0:88:99:e5:69:f8:34:8c:5b:27:fe:4e:e5:52:
04:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FA:57:0F:C0:A6:DA:6D:8E:14:24:59:6C:15:6E:AB:33:BB:51:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/507c534d-189b-43b3-945a-dd040ee200d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:9000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:01:4f:22:e4:b5:42:a0:7e:11:52:ac:fa:e8:c2:07:4e:a7:
fe:63:f5:fb:9d:ae:00:36:d8:ed:59:b9:62:67:11:63:91:d4:
af:f1:4e:b1:04:71:88:e7:3c:1d:26:c4:00:19:39:8c:12:ab:
8c:ba:d9:b7:80:1e:e3:33:ae:55:da:d0:f7:8f:8e:5f:74:11:
9b:48:c1:ec:7b:be:cc:21:2e:5a:87:a9:ad:1d:a8:89:51:5e:
46:a1:92:73:48:be:9a:27:7d:3e:e0:d0:1d:27:25:a1:62:d8:
22:40:03:57:51:62:9f:97:7b:11:71:0f:57:9e:21:4e:a2:dc:
dc:75:7d:19:f3:3a:c3:3d:73:61:d1:f1:5b:ce:8f:fc:64:06:
c7:a0:1b:5c:07:70:69:f3:63:8e:25:e5:68:29:a3:3d:1f:46:
2c:f7:e3:a8:79:82:b4:5d:96:9d:7d:24:89:54:4f:a8:43:a0:
e0:e2:45:ce:f1:df:fe:11:b2:c7:60:e2:a0:2f:ef:dc:d6:0b:
6c:c6:3f:4d:3b:74:7d:11:ee:bd:2f:7b:e9:c4:88:35:16:1f:
2f:49:1d:75:95:37:a5:05:84:e8:19:5e:23:c7:bc:f8:55:2b:
79:ef:e3:14:12:53:69:0a:d9:74:8b:85:49:5c:aa:52:77:03:
12:13:ba:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBFbwe+IJHGnmj22SESP+OgoxFKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NDY2MGE4OTFmNjMwYWQ3ZjI4OGRjM2U1MGNjNmI0NjQ4YTBjOTIwMDQ3
ODQxYzYyZWFmOGQyMTU2ZWFiMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCRFyrG0gGi76/P/nPSi5Gp3dqvFY71BU2QdgA80B8Nrw9lFI1riDL4EXwc
unDBUCxQhGZbgWrCVekwhffftOh8Zrz7+JyUklWwLAiDpN/6uGUobJTfzLrTp7Zw
d75Ewh7fMNQnuS+Pqf7se97y+wXR9LwGWp4GcqNQkv1RZlnJwPbQvQGk3Mdm5ImP
cXmWWJNXHVB38YVY5IsR2cSzJ+GACZzimjwYp2h/OgNFSqCNQ2dxmV2M0bulgafP
CuZ5lw2GwZssR3RjyffWhE79gZ8r0rmZHvC5M7Y2y5NOPJoFoPSExU+lRO4SIbwc
bsbnqbCImeVp+DSMWyf+TuVSBKUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQn+lcP
wKbabY4UJFlsFW6rM7tRtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTA3YzUzNGQtMTg5Yi00M2IzLTk0NWEtZGQwNDBlZTIwMGQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA7AU8i5LVCoH4RUqz66MIHTqf+Y/X7na4ANtjt
WbliZxFjkdSv8U6xBHGI5zwdJsQAGTmMEquMutm3gB7jM65V2tD3j45fdBGbSMHs
e77MIS5ah6mtHaiJUV5GoZJzSL6aJ30+4NAdJyWhYtgiQANXUWKfl3sRcQ9XniFO
otzcdX0Z8zrDPXNh0fFbzo/8ZAbHoBtcB3Bp82OOJeVoKaM9H0Ys9+OoeYK0XZad
fSSJVE+oQ6Dg4kXO8d/+EbLHYOKgL+/c1gtsxj9NO3R9Ee69L3vpxIg1Fh8vSR11
lTelBYToGV4jx7z4VSt57+MUElNpCtl0i4VJXKpSdwMSE7qR
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:27:44 2025 by rpki-client