Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
File: 515f7e85-9223-47e5-be2b-42ec6a12a88b.roa (raw, json)
Hash identifier: MTJ5D50PrnpJyxYsbBo/ueVtJaTF6sYcyvl+yCyhaic=
Subject key identifier: B1:F2:0D:82:E6:5D:4F:6E:75:13:1E:FB:F7:EB:EA:1D:F6:08:8E:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C1C4AAB5CE73BAF9BD8F39DF8FF32CB0B6959BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
Signing time: Mon 16 Jun 2025 21:31:40 +0000
ROA not before: Mon 16 Jun 2025 21:31:40 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:1c:4a:ab:5c:e7:3b:af:9b:d8:f3:9d:f8:ff:32:cb:0b:69:59:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:40 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d3978c9b76762312a2f8158d82b57d9f76eaf38c323e601418394191bb40eaf3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:da:d1:cf:bd:e1:bf:98:0c:15:fd:29:27:
cc:6d:ed:65:34:91:b1:1f:67:ea:94:51:06:ee:b9:
71:f3:c1:75:c2:14:c0:67:c8:d8:ed:ab:b1:80:cc:
1a:ba:e9:8e:09:5b:13:b0:71:6b:75:0a:ac:1f:94:
79:c4:81:b6:5f:57:60:63:81:39:6d:b6:39:ef:9f:
81:59:b7:17:10:34:f1:58:29:75:96:64:71:05:20:
63:47:ae:70:be:6f:0e:e7:d3:e1:f6:42:99:c7:7c:
8d:b9:51:60:4f:25:c7:60:68:cb:c4:e8:5c:c9:1a:
be:e0:3a:b3:88:e9:c7:0a:c5:b3:87:f5:6f:81:97:
bc:f2:2a:46:66:15:27:91:f5:17:df:e2:c4:07:47:
ad:d0:11:a1:b0:13:d4:06:8e:3d:ff:a9:6a:32:75:
12:8b:6c:9c:cc:99:1c:9a:d1:81:ab:23:7b:36:78:
0c:bd:a3:75:73:73:88:6a:0f:59:97:ee:a9:67:38:
7c:e6:1a:eb:83:e7:69:be:38:8a:50:48:63:df:d7:
9d:54:90:96:8c:d8:f1:22:64:03:bf:44:00:f7:01:
d1:86:81:da:22:75:48:e0:37:7c:c2:c9:1c:67:14:
28:e3:c4:80:8d:b2:ee:19:ef:3d:20:e4:4a:04:60:
21:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F2:0D:82:E6:5D:4F:6E:75:13:1E:FB:F7:EB:EA:1D:F6:08:8E:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
09:50:3b:9e:8d:a3:27:d0:04:40:80:54:27:03:55:2e:42:38:
f2:02:e5:b8:03:67:d3:80:97:ae:d6:41:38:37:b8:7c:5b:fd:
7d:50:fb:1b:52:3f:1c:1f:10:79:23:62:f8:05:79:cb:e2:5a:
73:4d:ef:60:dd:c3:1b:6b:76:09:18:d2:36:49:0a:81:6a:c3:
b4:41:4a:7d:e5:11:f0:9a:d7:4e:bc:9b:49:97:54:e1:b4:fa:
f1:e1:fc:c6:1f:09:b4:26:fb:7e:46:d3:a4:77:a8:01:5a:b2:
04:b3:b6:48:a0:e1:df:4e:cc:f6:42:15:38:e0:49:13:a7:6e:
45:1e:c9:1f:78:c3:0c:66:43:a7:50:4c:14:b7:ae:e2:42:09:
f6:74:44:fd:71:d4:30:0c:8c:49:fc:96:08:37:80:53:18:ea:
08:d9:1f:ef:08:38:36:70:cc:b5:58:d4:21:de:0b:e6:d6:92:
9e:70:93:c0:a0:ba:44:9f:d2:13:0d:e0:e2:4f:70:20:2d:de:
87:e9:a4:8a:a6:c5:10:b1:af:2b:81:16:ee:48:86:96:6c:f6:
54:98:d7:18:4b:0c:c9:d1:22:10:0f:1b:02:f7:e7:55:df:e0:
f7:98:78:1d:eb:09:ab:a7:17:b1:a2:56:9f:47:7a:f9:2b:21:
3e:10:e0:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfBxKq1znO6+b2POd+P8yywtpWbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxNDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzOTc4YzliNzY3NjIzMTJhMmY4MTU4ZDgyYjU3ZDlmNzZlYWYzOGMzMjNl
NjAxNDE4Mzk0MTkxYmI0MGVhZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgR2tHPveG/mAwV/SknzG3tZTSRsR9n6pRRBu65cfPBdcIUwGfI2O2rsYDM
GrrpjglbE7Bxa3UKrB+UecSBtl9XYGOBOW22Oe+fgVm3FxA08VgpdZZkcQUgY0eu
cL5vDufT4fZCmcd8jblRYE8lx2Boy8ToXMkavuA6s4jpxwrFs4f1b4GXvPIqRmYV
J5H1F9/ixAdHrdARobAT1AaOPf+pajJ1EotsnMyZHJrRgasjezZ4DL2jdXNziGoP
WZfuqWc4fOYa64Pnab44ilBIY9/XnVSQlozY8SJkA79EAPcB0YaB2iJ1SOA3fMLJ
HGcUKOPEgI2y7hnvPSDkSgRgIUkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSx8g2C
5l1PbnUTHvv36+od9giO9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTE1ZjdlODUtOTIyMy00N2U1LWJlMmItNDJlYzZhMTJhODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAJUDuejaMn0ARAgFQnA1UuQjjyAuW4A2fTgJeu
1kE4N7h8W/19UPsbUj8cHxB5I2L4BXnL4lpzTe9g3cMba3YJGNI2SQqBasO0QUp9
5RHwmtdOvJtJl1ThtPrx4fzGHwm0Jvt+RtOkd6gBWrIEs7ZIoOHfTsz2QhU44EkT
p25FHskfeMMMZkOnUEwUt67iQgn2dET9cdQwDIxJ/JYIN4BTGOoI2R/vCDg2cMy1
WNQh3gvm1pKecJPAoLpEn9ITDeDiT3AgLd6H6aSKpsUQsa8rgRbuSIaWbPZUmNcY
SwzJ0SIQDxsC9+dV3+D3mHgd6wmrpxexolafR3r5KyE+EOBM
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:32 2025 by rpki-client