Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: R6oa1zPkpUaffh8uIIdRQCGFWY4gHPrpzE3j2WVy1pU=
Subject key identifier: C3:7E:18:3D:A7:3E:01:64:EE:30:96:B9:0B:E0:FD:45:B0:FE:54:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20367D6A3765A1DFF7C14423F36F7FB37C37026F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Mon 16 Jun 2025 21:40:50 +0000
ROA not before: Mon 16 Jun 2025 21:40:50 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:36:7d:6a:37:65:a1:df:f7:c1:44:23:f3:6f:7f:b3:7c:37:02:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:50 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2c66ee39ec341d1a080169c717d818db9cd526ae612355f35e6ac41f4ad770bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:59:ca:60:c0:06:24:d2:e6:f6:11:a3:7f:8d:
7c:62:ad:26:13:34:20:a7:35:ab:c1:7b:07:4a:d5:
4c:76:64:73:9c:7c:9d:71:61:e1:e6:3f:3c:7b:4a:
53:17:7e:25:ed:e4:20:49:30:bf:5b:08:2d:40:7b:
cb:33:1c:4e:1c:6c:53:65:03:7b:40:a4:5a:4f:f2:
a1:39:ce:1f:28:18:d6:6a:df:de:2a:5b:c5:b4:b7:
f5:70:c9:a0:4a:1b:b9:4c:9d:fb:7d:22:24:2d:d1:
e1:d2:90:a8:e0:1d:7a:a8:d3:45:7a:d0:1d:7c:b7:
e7:1b:59:c3:b8:c4:c5:78:36:77:ca:3b:63:db:2c:
ff:6c:fe:3b:6c:f3:c1:35:c3:03:a1:ed:72:21:f0:
f8:7d:60:9c:3c:ed:fe:44:46:a3:55:76:57:22:d5:
1c:75:e3:29:70:9f:21:d2:0a:c8:44:f8:ce:2a:d0:
89:4b:2c:5e:92:08:a3:75:f7:b5:21:e0:93:e5:fd:
fe:ab:e7:f8:16:5b:bf:89:18:9f:51:9b:f2:8e:ac:
a2:35:30:fd:92:e5:87:9a:72:24:c4:33:7c:1a:b0:
3e:97:73:20:bc:50:40:5e:2f:b4:67:af:ad:30:67:
0c:7a:f8:3a:9b:d3:d3:60:af:85:2d:ed:89:4a:21:
d4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7E:18:3D:A7:3E:01:64:EE:30:96:B9:0B:E0:FD:45:B0:FE:54:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
a5:05:f3:5a:60:8b:99:4f:12:c7:4d:7e:70:55:3a:71:97:06:
ed:67:0b:a9:5d:28:7a:f0:f5:dd:0c:5c:fc:65:65:3e:f0:a6:
f8:6b:37:d3:0b:84:5d:ff:ae:54:d3:af:52:10:ac:22:f6:8e:
4b:f0:9f:47:83:36:0a:ac:b2:d2:f9:c6:54:0a:19:f2:46:16:
cd:1f:e0:da:1c:34:1e:a0:91:07:5f:d7:c6:f6:64:a7:a0:09:
af:e2:53:24:01:76:e5:f5:ab:f8:a7:db:52:cc:f7:32:ed:26:
86:a5:19:a9:a7:49:db:e2:31:e4:9f:a2:c3:31:34:7f:1e:25:
18:2c:4b:0f:45:8e:df:a7:67:4a:9c:d1:30:fe:95:19:2e:ca:
19:73:f6:17:c1:6f:76:e3:f7:9a:83:fa:1b:06:db:24:60:9a:
ac:1a:21:26:4a:9a:91:8d:b8:e1:0b:fd:0f:b7:7c:53:a6:25:
8f:cd:b3:29:73:fa:52:03:0a:8d:72:61:4f:77:27:92:a9:3a:
f9:0e:ae:3c:36:4e:35:e1:0e:ce:68:0e:e0:b9:e1:f7:d1:41:
61:44:25:90:a4:6a:f0:f9:1b:13:73:b1:63:91:80:3b:de:00:
da:26:b4:1c:e9:a6:19:7e:40:fc:a5:fa:79:1d:8c:15:4f:cc:
29:34:32:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIDZ9ajdlod/3wUQj829/s3w3Am8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwNTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNjZlZTM5ZWMzNDFkMWEwODAxNjljNzE3ZDgxOGRiOWNkNTI2YWU2MTIz
NTVmMzVlNmFjNDFmNGFkNzcwYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtZymDABiTS5vYRo3+NfGKtJhM0IKc1q8F7B0rVTHZkc5x8nXFh4eY/PHtK
Uxd+Je3kIEkwv1sILUB7yzMcThxsU2UDe0CkWk/yoTnOHygY1mrf3ipbxbS39XDJ
oEobuUyd+30iJC3R4dKQqOAdeqjTRXrQHXy35xtZw7jExXg2d8o7Y9ss/2z+O2zz
wTXDA6HtciHw+H1gnDzt/kRGo1V2VyLVHHXjKXCfIdIKyET4zirQiUssXpIIo3X3
tSHgk+X9/qvn+BZbv4kYn1Gb8o6sojUw/ZLlh5pyJMQzfBqwPpdzILxQQF4vtGev
rTBnDHr4OpvT02CvhS3tiUoh1PUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDfhg9
pz4BZO4wlrkL4P1FsP5U5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQClBfNaYIuZTxLHTX5wVTpxlwbtZwupXSh68PXd
DFz8ZWU+8Kb4azfTC4Rd/65U069SEKwi9o5L8J9HgzYKrLLS+cZUChnyRhbNH+Da
HDQeoJEHX9fG9mSnoAmv4lMkAXbl9av4p9tSzPcy7SaGpRmpp0nb4jHkn6LDMTR/
HiUYLEsPRY7fp2dKnNEw/pUZLsoZc/YXwW924/eag/obBtskYJqsGiEmSpqRjbjh
C/0Pt3xTpiWPzbMpc/pSAwqNcmFPdyeSqTr5Dq48Nk414Q7OaA7gueH30UFhRCWQ
pGrw+RsTc7FjkYA73gDaJrQc6aYZfkD8pfp5HYwVT8wpNDL6
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:19 2025 by rpki-client