Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
File: 5836d090-8999-43ab-a38c-f63a0e829c0b.roa (raw, json)
Hash identifier: gWlDbtcWz+l0tZPX2+E5Fc2RSHPDzgcX+iAP0YuFTso=
Subject key identifier: 03:CB:16:8C:4B:F9:D6:EC:00:79:A6:6B:F7:77:F3:BC:84:BD:D3:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C5887084DF9E4AC4E4A4FAED4280DBB75B807A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
Signing time: Mon 16 Jun 2025 19:51:45 +0000
ROA not before: Mon 16 Jun 2025 19:51:45 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:58:87:08:4d:f9:e4:ac:4e:4a:4f:ae:d4:28:0d:bb:75:b8:07:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:45 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2c64ac746b4ff21aa379d3527caffe0d165307ffed82e49ffdf9eec8e4fac940, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9c:b2:91:b1:37:53:30:51:b7:a0:1f:bf:ec:
99:7e:40:02:13:22:a7:be:56:4c:99:a0:5c:8d:9b:
5b:85:00:1e:56:79:02:b2:86:e5:34:01:a1:e3:e9:
82:d3:0c:62:4e:f2:33:d4:50:9a:1d:a6:9a:04:2b:
e1:26:f9:af:e4:98:63:c7:cb:98:9b:23:63:3c:77:
2e:11:25:26:a5:9c:ef:dc:2c:6e:2b:df:75:a8:e6:
b2:3f:de:a9:db:4b:6d:a5:fe:42:65:6a:07:37:7a:
4b:66:24:0f:45:a3:17:5e:18:72:82:2d:aa:86:4c:
c7:f0:59:af:6d:ff:10:49:5d:cf:85:bf:7b:b4:06:
88:b1:19:65:1e:11:40:68:71:72:1f:50:02:fc:55:
78:46:03:cf:cc:b7:54:d5:88:e1:bc:28:a9:d1:f9:
4e:dd:73:81:70:fb:e4:9b:ae:39:c3:94:f4:9b:ca:
c4:27:fa:06:47:d0:f8:dc:79:71:c3:74:cd:a6:cf:
be:b0:6e:4f:ef:77:a3:55:29:f0:4b:ea:c9:28:0a:
65:0e:b0:84:2e:76:99:e1:5f:64:3d:d6:f8:ab:a5:
26:97:77:1d:b4:63:b8:e5:a4:56:cc:7f:e1:cd:87:
9b:e5:f0:98:d8:17:fc:8f:7c:61:41:dc:0d:38:c5:
c4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CB:16:8C:4B:F9:D6:EC:00:79:A6:6B:F7:77:F3:BC:84:BD:D3:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:f9:6d:ec:d6:ad:26:1e:d0:eb:25:c4:7c:42:6b:b9:15:96:
29:fa:32:48:c0:df:8b:ee:0e:7c:5a:d3:38:6f:c9:04:d1:8f:
d1:a8:6c:36:be:24:fc:19:0e:46:b2:b6:80:64:a0:73:e4:8f:
3b:5f:8f:8f:77:d7:43:69:69:ff:35:8f:94:38:06:49:1f:27:
61:ac:52:8b:e2:d1:43:89:ef:c1:e7:19:a1:9a:e5:59:09:74:
5a:3e:6b:b7:3b:2f:66:36:9d:9b:92:15:b0:79:d1:20:45:36:
26:1c:bd:21:b8:41:fa:19:fe:f0:3b:1b:f0:34:01:80:ee:08:
5a:b4:7b:c4:96:7a:81:5b:a1:2c:f8:68:bd:31:2d:a1:c5:c0:
b8:1e:aa:55:29:9a:a0:82:8d:ca:05:1d:cf:a4:6d:2c:43:ac:
26:88:6e:6c:0b:bf:82:b7:f7:2b:10:90:16:d9:ce:02:62:f3:
01:72:6a:cd:2a:14:76:77:47:6a:f3:82:b8:62:73:61:3a:ce:
2a:14:e3:5c:b4:98:25:9a:c0:68:04:bd:94:af:70:fa:e8:a3:
cb:cc:5a:fd:5c:5b:99:4b:56:56:a1:8b:f6:cb:c3:9d:0e:f2:
e8:a0:08:28:22:dc:01:94:fe:09:ef:4c:57:84:0a:9a:62:4b:
34:00:56:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULFiHCE355KxOSk+u1CgNu3W4B6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNjRhYzc0NmI0ZmYyMWFhMzc5ZDM1MjdjYWZmZTBkMTY1MzA3ZmZlZDgy
ZTQ5ZmZkZjllZWM4ZTRmYWM5NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMacspGxN1MwUbegH7/smX5AAhMip75WTJmgXI2bW4UAHlZ5ArKG5TQBoePp
gtMMYk7yM9RQmh2mmgQr4Sb5r+SYY8fLmJsjYzx3LhElJqWc79wsbivfdajmsj/e
qdtLbaX+QmVqBzd6S2YkD0WjF14YcoItqoZMx/BZr23/EEldz4W/e7QGiLEZZR4R
QGhxch9QAvxVeEYDz8y3VNWI4bwoqdH5Tt1zgXD75JuuOcOU9JvKxCf6BkfQ+Nx5
ccN0zabPvrBuT+93o1Up8EvqySgKZQ6whC52meFfZD3W+KulJpd3HbRjuOWkVsx/
4c2Hm+XwmNgX/I98YUHcDTjFxL0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDyxaM
S/nW7AB5pmv3d/O8hL3TdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgzNmQwOTAtODk5OS00M2FiLWEzOGMtZjYzYTBlODI5YzBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCk+W3s1q0mHtDrJcR8Qmu5FZYp+jJIwN+L7g58
WtM4b8kE0Y/RqGw2viT8GQ5GsraAZKBz5I87X4+Pd9dDaWn/NY+UOAZJHydhrFKL
4tFDie/B5xmhmuVZCXRaPmu3Oy9mNp2bkhWwedEgRTYmHL0huEH6Gf7wOxvwNAGA
7ghatHvElnqBW6Es+Gi9MS2hxcC4HqpVKZqggo3KBR3PpG0sQ6wmiG5sC7+Ct/cr
EJAW2c4CYvMBcmrNKhR2d0dq84K4YnNhOs4qFONctJglmsBoBL2Ur3D66KPLzFr9
XFuZS1ZWoYv2y8OdDvLooAgoItwBlP4J70xXhAqaYks0AFaW
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:26:30 2025 by rpki-client