Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: WbKJkLCGKQdBCWsC9h7nBCgudyk2cKu64f3wfqJ50uk=
Subject key identifier: 64:8D:79:69:B7:DE:3A:D9:37:A6:DF:88:11:A1:8F:56:88:C3:50:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20E9C65C7259DF8CF2F347DB5DADB30CB22D44C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Tue 17 Jun 2025 00:40:06 +0000
ROA not before: Tue 17 Jun 2025 00:40:06 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:e9:c6:5c:72:59:df:8c:f2:f3:47:db:5d:ad:b3:0c:b2:2d:44:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:06 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=3560b044f089c2011cbf5e92c3e5dd16e4040fc8ca9308d331e1d1274b046502, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cb:64:ae:c6:0d:40:79:b9:51:25:9a:ed:4b:
9b:86:90:84:16:2c:e7:35:79:0c:4d:ca:f0:2d:b8:
ff:9c:83:f2:46:a4:59:05:6a:0c:0e:f7:e5:03:2f:
7a:5b:75:0a:3a:87:c9:6c:43:2b:a8:0c:f0:e6:86:
1f:41:d1:23:55:d2:29:f6:08:3d:63:fd:84:20:c9:
4a:da:a4:07:8a:75:49:1f:d2:44:c9:f2:a5:77:7c:
5e:ca:a3:4d:9d:4d:ec:9d:97:31:4d:2f:35:c6:2a:
8b:ab:3e:48:60:68:1b:12:35:36:2a:bc:ec:ea:f4:
d8:fe:e3:83:59:d4:00:a7:cf:85:e9:54:1d:17:9f:
19:4f:32:cb:4b:73:38:3f:0b:38:ba:d3:8f:cd:c9:
1d:c9:34:08:cb:d8:5c:7e:f8:18:6f:b1:e5:75:1d:
65:62:96:75:2d:76:57:78:86:bc:6b:53:be:ee:f0:
e1:24:d8:0d:80:4f:ed:4f:78:72:5d:74:55:26:8c:
8f:7b:21:25:0a:1d:94:be:81:02:ac:0b:09:14:04:
39:68:7f:ad:bd:0b:ca:99:3c:1f:de:23:e0:c3:b0:
22:a7:c4:29:99:4b:98:50:fc:fa:5e:65:65:4c:6d:
38:55:41:cf:8f:e3:44:c4:63:f5:c3:d3:40:eb:27:
08:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:8D:79:69:B7:DE:3A:D9:37:A6:DF:88:11:A1:8F:56:88:C3:50:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:b2:1c:ec:7a:e2:6c:16:73:3c:17:df:65:8b:0e:e0:49:a1:
c1:1c:d3:fb:70:5b:9a:a9:52:39:26:a5:ea:87:01:04:a1:2c:
62:46:c9:4d:a1:ab:a2:a3:f7:5b:47:2a:ca:06:52:2b:03:3b:
11:e7:a7:35:e8:ec:e7:bb:9e:2a:e7:d5:7d:fd:34:45:b0:eb:
42:9c:e2:d7:5c:12:d6:0b:6c:d2:55:5e:ca:67:cc:27:3a:08:
39:d3:02:15:7b:fc:ec:7b:ed:13:3e:bf:ac:fc:2b:ad:92:9a:
e8:bf:15:f2:a9:7f:1f:4c:b5:6f:62:8a:69:77:f9:36:53:81:
ec:30:44:6f:54:85:d3:e3:81:5d:60:02:2a:66:42:a7:ea:7b:
43:ca:d2:ad:b6:37:a5:10:00:69:d8:70:94:90:a9:f8:19:76:
99:81:18:85:60:e3:06:29:5c:63:6f:ec:e0:54:07:a2:ff:06:
f0:91:75:f8:6a:bd:81:d3:0d:fc:c4:d6:91:4a:56:df:71:3a:
6e:91:97:40:89:cf:2d:27:4f:c2:1d:a6:34:bc:5c:39:05:3a:
b9:22:76:96:0f:da:86:c4:bf:ef:63:e3:79:92:e2:c9:7f:58:
41:b2:65:14:da:0e:02:8d:b4:33:b9:96:22:a6:ff:99:d6:56:
88:88:0e:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIOnGXHJZ34zy80fbXa2zDLItRMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMDZaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1NjBiMDQ0ZjA4OWMyMDExY2JmNWU5MmMzZTVkZDE2ZTQwNDBmYzhjYTkz
MDhkMzMxZTFkMTI3NGIwNDY1MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrLZK7GDUB5uVElmu1Lm4aQhBYs5zV5DE3K8C24/5yD8kakWQVqDA735QMv
elt1CjqHyWxDK6gM8OaGH0HRI1XSKfYIPWP9hCDJStqkB4p1SR/SRMnypXd8Xsqj
TZ1N7J2XMU0vNcYqi6s+SGBoGxI1Niq87Or02P7jg1nUAKfPhelUHRefGU8yy0tz
OD8LOLrTj83JHck0CMvYXH74GG+x5XUdZWKWdS12V3iGvGtTvu7w4STYDYBP7U94
cl10VSaMj3shJQodlL6BAqwLCRQEOWh/rb0Lypk8H94j4MOwIqfEKZlLmFD8+l5l
ZUxtOFVBz4/jRMRj9cPTQOsnCMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkjXlp
t9462Tem34gRoY9WiMNQvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQDAshzseuJsFnM8F99liw7gSaHBHNP7cFuaqVI5
JqXqhwEEoSxiRslNoauio/dbRyrKBlIrAzsR56c16Oznu54q59V9/TRFsOtCnOLX
XBLWC2zSVV7KZ8wnOgg50wIVe/zse+0TPr+s/CutkprovxXyqX8fTLVvYoppd/k2
U4HsMERvVIXT44FdYAIqZkKn6ntDytKttjelEABp2HCUkKn4GXaZgRiFYOMGKVxj
b+zgVAei/wbwkXX4ar2B0w38xNaRSlbfcTpukZdAic8tJ0/CHaY0vFw5BTq5InaW
D9qGxL/vY+N5kuLJf1hBsmUU2g4CjbQzuZYipv+Z1laIiA53
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:08:29 2025 by rpki-client