Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: iGbHguC84Mb2RPviNyzZuhK2JSMT+68ucms0gZnLnjc=
Subject key identifier: 5C:18:D0:DE:71:3E:93:0D:36:5F:8C:19:CD:77:12:89:83:B1:35:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77C9A9D396F54148E6A29538A51901C3349AB383
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Mon 16 Jun 2025 20:20:11 +0000
ROA not before: Mon 16 Jun 2025 20:20:11 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:c9:a9:d3:96:f5:41:48:e6:a2:95:38:a5:19:01:c3:34:9a:b3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:11 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1378957802916e606774a2452d7dca08db4e75d5d0a3299b034037907ad7c201, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3e:fc:3a:e6:39:15:51:79:8d:08:68:ed:f1:
de:8d:2e:81:01:fa:28:d1:65:74:af:6d:96:26:c4:
70:c8:c7:3b:5b:32:4e:f9:d2:13:fe:09:a8:04:65:
19:78:ca:18:a9:b5:ad:9f:fe:c5:32:b7:5f:dd:33:
0d:dd:c0:aa:87:d8:55:ae:21:23:65:22:59:f5:96:
66:af:9c:a4:b3:58:96:25:9e:b1:6c:42:87:97:de:
f1:07:39:a2:a3:6c:18:60:66:36:97:ee:71:76:53:
ed:f2:dc:a4:6c:5e:19:b8:da:f5:6c:f3:be:9e:4e:
8f:74:29:cc:ad:60:47:35:7c:a1:14:eb:99:14:60:
e5:ee:97:da:c8:9f:83:5e:57:15:4c:45:e4:af:cc:
20:84:be:8c:d4:a8:74:46:b4:85:f7:e4:3b:f7:6f:
74:8a:01:01:46:7c:39:4d:e6:cf:55:fb:22:ba:0c:
44:1f:88:f0:43:29:3b:aa:41:b6:d8:a4:12:0e:e3:
dd:81:bb:f9:cf:bb:d1:51:9c:cf:6c:ee:22:fd:e7:
e1:01:61:68:d9:4c:6b:f6:ef:e9:37:3f:ac:28:58:
fa:81:4d:95:8c:c6:a7:ee:84:17:c0:c8:50:9d:dd:
24:bb:ef:44:46:39:77:58:cf:4e:41:83:f2:2c:1d:
b8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:18:D0:DE:71:3E:93:0D:36:5F:8C:19:CD:77:12:89:83:B1:35:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
c0:47:04:ce:1e:98:bb:2c:5e:93:a7:94:b6:fc:96:6b:56:69:
1f:1f:99:3c:a4:eb:97:04:4e:39:d0:bd:28:4b:0e:a1:1b:68:
3a:5b:85:e9:ea:be:68:03:90:b3:6a:74:c2:87:32:a0:76:f4:
7a:61:25:77:fb:10:21:7c:12:0e:27:85:29:9e:e5:1b:8d:b6:
4e:bd:bf:20:b0:18:01:f4:c1:a0:d2:88:94:1a:84:cb:d2:87:
65:b6:6c:94:47:45:b8:eb:2c:a8:65:9b:2b:30:93:18:64:01:
e3:15:0c:00:17:7d:cd:d5:31:64:f1:1e:05:60:54:fd:a3:31:
d2:e4:39:86:3c:60:c1:e9:32:b6:b3:75:18:4e:7e:f3:0e:d8:
9b:49:66:88:f2:54:4a:34:88:84:d7:5d:16:fd:04:73:81:4c:
31:6d:ea:9d:b7:9a:3a:11:c1:02:92:98:9f:8a:8a:4b:5e:d9:
7c:91:c0:e1:17:b6:75:14:96:35:c1:bc:3d:b8:54:cf:d0:1d:
bc:dd:44:ce:ad:42:df:b4:0d:65:ea:4a:ee:2b:e0:36:5d:36:
69:df:f4:a7:dc:74:53:96:ab:b6:00:e9:34:af:25:29:10:4d:
91:d4:32:61:16:03:e4:6d:39:22:77:ed:fa:d2:c3:f1:69:7d:
1c:19:fd:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd8mp05b1QUjmopU4pRkBwzSas4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNzg5NTc4MDI5MTZlNjA2Nzc0YTI0NTJkN2RjYTA4ZGI0ZTc1ZDVkMGEz
Mjk5YjAzNDAzNzkwN2FkN2MyMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKk+/DrmORVReY0IaO3x3o0ugQH6KNFldK9tlibEcMjHO1syTvnSE/4JqARl
GXjKGKm1rZ/+xTK3X90zDd3AqofYVa4hI2UiWfWWZq+cpLNYliWesWxCh5fe8Qc5
oqNsGGBmNpfucXZT7fLcpGxeGbja9Wzzvp5Oj3QpzK1gRzV8oRTrmRRg5e6X2sif
g15XFUxF5K/MIIS+jNSodEa0hffkO/dvdIoBAUZ8OU3mz1X7IroMRB+I8EMpO6pB
ttikEg7j3YG7+c+70VGcz2zuIv3n4QFhaNlMa/bv6Tc/rChY+oFNlYzGp+6EF8DI
UJ3dJLvvREY5d1jPTkGD8iwduCECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcGNDe
cT6TDTZfjBnNdxKJg7E1wDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEAwEcEzh6Yuyxek6eUtvyWa1ZpHx+ZPKTrlwRO
OdC9KEsOoRtoOluF6eq+aAOQs2p0wocyoHb0emEld/sQIXwSDieFKZ7lG422Tr2/
ILAYAfTBoNKIlBqEy9KHZbZslEdFuOssqGWbKzCTGGQB4xUMABd9zdUxZPEeBWBU
/aMx0uQ5hjxgwekytrN1GE5+8w7Ym0lmiPJUSjSIhNddFv0Ec4FMMW3qnbeaOhHB
ApKYn4qKS17ZfJHA4Re2dRSWNcG8PbhUz9AdvN1Ezq1C37QNZepK7ivgNl02ad/0
p9x0U5artgDpNK8lKRBNkdQyYRYD5G05Inft+tLD8Wl9HBn9ag==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:27:59 2025 by rpki-client