Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
File: 5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa (raw, json)
Hash identifier: VJmgHhSZXqrnNnjAl074GY6HVhgjKTMqmm2c+ql66hU=
Subject key identifier: 46:32:02:1F:98:75:55:20:AA:BA:5A:FE:7F:4D:18:A8:41:87:29:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C6E11A5044E374E3136522E0F19C2CFD351A841
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
Signing time: Fri 20 Jun 2025 00:10:36 +0000
ROA not before: Fri 20 Jun 2025 00:10:36 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:6e:11:a5:04:4e:37:4e:31:36:52:2e:0f:19:c2:cf:d3:51:a8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 20 00:10:36 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=cfe8868efad823b6d8e6658e47c2522ef37fe669848a3c349d3f4eb01f03628f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:82:82:02:93:39:9f:80:2b:12:fd:16:ca:7e:
c4:25:43:74:43:6c:c4:48:48:38:9b:a6:db:05:61:
d2:e4:ad:9f:5f:d1:f7:dc:56:83:bd:ce:13:cc:db:
9e:d9:37:ed:d6:e9:4b:80:c8:f4:cc:81:fe:c6:c2:
94:52:9b:9d:c6:8b:ac:dd:e4:82:80:7d:8c:bd:3f:
93:b3:9a:53:94:15:50:a8:95:2f:be:1e:fd:5c:63:
ce:8a:23:c4:c1:ea:33:89:17:6c:52:30:32:87:1e:
f9:d3:f8:0b:22:1c:95:2a:46:a2:3d:6e:fd:ff:97:
c1:4b:93:9e:c3:42:32:64:0c:a9:e4:5b:53:6b:ad:
8c:6a:d8:69:00:2f:20:de:bc:47:e0:08:b4:b3:e3:
ef:fd:2f:c2:63:fe:d5:d8:4d:09:d3:c9:91:46:13:
1d:2e:df:f9:a7:47:71:0d:80:c4:b0:f2:72:9c:f1:
d0:3c:1f:b5:e7:16:0f:50:82:c0:39:c4:e7:e3:ee:
22:71:d5:45:de:82:52:1c:cd:4d:a2:5a:31:87:3c:
bd:4a:08:97:93:d5:7e:57:05:2f:27:d3:1b:52:a8:
ba:99:32:28:73:6b:7e:8e:35:33:53:5b:e7:1b:27:
96:64:0b:02:67:41:2e:d7:fb:ee:8b:37:da:b1:ba:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:32:02:1F:98:75:55:20:AA:BA:5A:FE:7F:4D:18:A8:41:87:29:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f:800::/37
Signature Algorithm: sha256WithRSAEncryption
c6:4c:08:6d:21:ed:8d:76:7a:0a:48:27:e2:be:df:37:1d:23:
6e:9e:4b:f9:8d:42:92:15:75:32:c6:5d:1c:a9:c6:fa:46:12:
77:a3:49:a9:e0:e6:48:92:ae:15:60:ee:9c:4c:81:2a:4f:4c:
6f:55:80:3c:de:bf:c1:d5:0c:0e:db:05:fb:3d:88:fc:56:fc:
8f:14:0b:f9:31:49:33:bd:5a:0e:15:09:b3:ec:3a:4b:c4:7b:
5c:c4:d1:ac:38:4c:76:66:2b:6d:c7:1f:01:a9:d8:90:e3:76:
51:f2:fa:8e:7e:c5:71:22:a5:0f:b1:34:59:58:46:8f:5b:9e:
3b:db:77:5b:43:c6:7f:e6:9b:24:82:24:ec:b2:3f:b9:36:47:
f7:04:35:18:a8:16:55:0d:1e:4f:f0:48:84:91:c5:85:ee:9d:
a8:8a:fb:27:a3:8e:33:f0:d2:b6:d6:20:6c:b1:2e:a2:ac:e4:
b6:75:05:c8:88:9c:57:4e:04:d7:8f:70:93:6a:ab:57:78:5b:
57:e1:0f:6c:ea:20:f5:e0:e0:13:c9:1d:59:4f:91:27:40:81:
8a:b3:a7:dd:fd:64:8b:14:af:1b:60:c8:63:15:d6:7a:20:19:
0e:4a:a3:8d:70:40:2f:9c:5f:99:15:8d:95:2c:ee:a0:16:af:
ae:14:a8:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfG4RpQRON04xNlIuDxnCz9NRqEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjAwMDEwMzZaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZTg4NjhlZmFkODIzYjZkOGU2NjU4ZTQ3YzI1MjJlZjM3ZmU2Njk4NDhh
M2MzNDlkM2Y0ZWIwMWYwMzYyOGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2CggKTOZ+AKxL9Fsp+xCVDdENsxEhIOJum2wVh0uStn1/R99xWg73OE8zb
ntk37dbpS4DI9MyB/sbClFKbncaLrN3kgoB9jL0/k7OaU5QVUKiVL74e/Vxjzooj
xMHqM4kXbFIwMoce+dP4CyIclSpGoj1u/f+XwUuTnsNCMmQMqeRbU2utjGrYaQAv
IN68R+AItLPj7/0vwmP+1dhNCdPJkUYTHS7f+adHcQ2AxLDycpzx0DwftecWD1CC
wDnE5+PuInHVRd6CUhzNTaJaMYc8vUoIl5PVflcFLyfTG1KoupkyKHNrfo41M1Nb
5xsnlmQLAmdBLtf77os32rG6oiUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGMgIf
mHVVIKq6Wv5/TRioQYcp0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTIzOGMxM2YtYjJhNS00M2Q5LTk2MjQtZDJlNzE0YTliZjUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8I
MA0GCSqGSIb3DQEBCwUAA4IBAQDGTAhtIe2NdnoKSCfivt83HSNunkv5jUKSFXUy
xl0cqcb6RhJ3o0mp4OZIkq4VYO6cTIEqT0xvVYA83r/B1QwO2wX7PYj8VvyPFAv5
MUkzvVoOFQmz7DpLxHtcxNGsOEx2Zittxx8BqdiQ43ZR8vqOfsVxIqUPsTRZWEaP
W54723dbQ8Z/5pskgiTssj+5Nkf3BDUYqBZVDR5P8EiEkcWF7p2oivsno44z8NK2
1iBssS6irOS2dQXIiJxXTgTXj3CTaqtXeFtX4Q9s6iD14OATyR1ZT5EnQIGKs6fd
/WSLFK8bYMhjFdZ6IBkOSqONcEAvnF+ZFY2VLO6gFq+uFKj9
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:03 2025 by rpki-client