Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
File: 669652b6-0b22-49a0-b29f-dfb51835c988.roa (raw, json)
Hash identifier: 8HYRtfh5VEJNSy/i+gibExM5+GgMnhOyOog6aScM6M4=
Subject key identifier: 97:67:A9:82:3C:97:3F:54:4E:AC:F1:66:EB:02:73:02:79:B0:A2:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6691D3894ED5FADA39A42C47FADEF3474F1F9918
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
Signing time: Mon 16 Jun 2025 21:40:18 +0000
ROA not before: Mon 16 Jun 2025 21:40:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:91:d3:89:4e:d5:fa:da:39:a4:2c:47:fa:de:f3:47:4f:1f:99:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=79ba89c9d87e8d6242e0bfffe8ff1bb351bf7dd46257ae6675294267adedb6c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:68:f4:0f:11:c7:1d:b8:3c:93:0c:2a:64:1b:
3c:dc:56:38:67:77:e8:5e:09:3c:14:7f:8d:32:6b:
ca:68:88:58:10:31:1f:26:5e:de:94:9e:18:da:bc:
b8:ad:66:5b:81:e8:eb:5f:bb:0a:eb:51:31:a7:b3:
f8:0e:13:64:8f:63:75:d8:e8:77:2e:42:6e:4e:d9:
76:41:81:2b:77:b6:a0:b4:eb:07:d5:fe:52:8a:ee:
a6:76:06:59:63:64:9b:af:c2:79:24:8e:53:8e:87:
56:fb:33:07:42:4d:e7:14:c1:17:25:99:7b:a1:4f:
58:2f:9c:76:7d:dd:32:d0:cd:d8:38:1e:95:41:13:
ab:c5:3f:ba:c1:a0:53:f6:3e:48:15:4f:4b:98:8d:
e9:8e:c2:8d:53:5d:87:e7:ce:42:43:54:54:b8:80:
0a:57:3f:8a:2a:39:2c:2c:0a:b0:4c:8e:7d:7f:5a:
cf:e4:83:7a:cb:57:06:91:ea:ab:4d:32:56:f4:bb:
ea:65:8c:30:f7:76:78:73:a7:ac:c3:57:55:a1:df:
72:75:4f:fd:83:2f:20:88:8e:2d:2d:32:1b:db:2b:
42:34:e2:74:b7:fb:a3:95:8a:42:05:9b:31:2e:d7:
38:ad:8e:0a:e9:37:c6:b9:be:cd:87:75:e5:6c:98:
23:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:67:A9:82:3C:97:3F:54:4E:AC:F1:66:EB:02:73:02:79:B0:A2:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/38
Signature Algorithm: sha256WithRSAEncryption
04:c6:63:0f:3f:f3:c2:b9:b1:1b:8a:43:92:04:84:48:75:06:
9d:82:31:94:f4:99:27:5f:7c:0d:6e:47:62:83:a7:7b:59:7d:
e3:13:e8:10:b0:1f:50:e8:4a:85:79:6b:7f:59:70:7a:f6:d9:
e1:d7:cb:e6:bf:c0:48:ff:91:da:87:9c:e4:bd:c8:d0:9f:2e:
34:3a:88:67:7b:bd:54:56:76:7c:a7:58:50:9f:f8:d4:21:ba:
6c:84:41:16:cf:8f:0b:1b:b9:c5:89:1c:ab:ff:15:17:25:7b:
f5:d7:44:d2:54:91:22:7b:fb:55:97:53:82:fd:df:e4:db:58:
d7:5a:60:e4:2f:57:41:f3:09:2a:db:c1:46:d9:0e:cb:6f:ec:
2f:33:b1:48:4c:85:2f:73:d8:ef:d7:1d:89:38:73:0a:96:3d:
57:61:eb:23:11:a0:f3:67:37:4e:e1:c3:5f:c7:14:83:a6:3e:
0d:4d:95:69:20:5d:c4:ca:e7:e3:8c:cc:d5:0f:e4:40:76:c1:
c2:ff:14:c2:2c:6e:1a:7b:b3:3b:e1:13:d3:de:95:a2:5d:a0:
c0:1e:ba:2f:08:4f:2b:00:3d:a3:5a:63:92:b4:04:0a:88:78:
30:55:da:c9:7b:45:4c:a2:0c:eb:9b:92:40:5e:47:92:05:2f:
22:02:1d:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZpHTiU7V+to5pCxH+t7zR08fmRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5YmE4OWM5ZDg3ZThkNjI0MmUwYmZmZmU4ZmYxYmIzNTFiZjdkZDQ2MjU3
YWU2Njc1Mjk0MjY3YWRlZGI2YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNo9A8Rxx24PJMMKmQbPNxWOGd36F4JPBR/jTJrymiIWBAxHyZe3pSeGNq8
uK1mW4Ho61+7CutRMaez+A4TZI9jddjody5Cbk7ZdkGBK3e2oLTrB9X+UorupnYG
WWNkm6/CeSSOU46HVvszB0JN5xTBFyWZe6FPWC+cdn3dMtDN2DgelUETq8U/usGg
U/Y+SBVPS5iN6Y7CjVNdh+fOQkNUVLiAClc/iio5LCwKsEyOfX9az+SDestXBpHq
q00yVvS76mWMMPd2eHOnrMNXVaHfcnVP/YMvIIiOLS0yG9srQjTidLf7o5WKQgWb
MS7XOK2OCuk3xrm+zYd15WyYI+cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXZ6mC
PJc/VE6s8WbrAnMCebCiyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjY5NjUyYjYtMGIyMi00OWEwLWIyOWYtZGZiNTE4MzVjOTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQAExmMPP/PCubEbikOSBIRIdQadgjGU9JknX3wN
bkdig6d7WX3jE+gQsB9Q6EqFeWt/WXB69tnh18vmv8BI/5Hah5zkvcjQny40Oohn
e71UVnZ8p1hQn/jUIbpshEEWz48LG7nFiRyr/xUXJXv110TSVJEie/tVl1OC/d/k
21jXWmDkL1dB8wkq28FG2Q7Lb+wvM7FITIUvc9jv1x2JOHMKlj1XYesjEaDzZzdO
4cNfxxSDpj4NTZVpIF3EyufjjMzVD+RAdsHC/xTCLG4ae7M74RPT3pWiXaDAHrov
CE8rAD2jWmOStAQKiHgwVdrJe0VMogzrm5JAXkeSBS8iAh0/
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:32 2025 by rpki-client