Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
File: 67233a4e-590e-4497-a72c-fe940d42b798.roa (raw, json)
Hash identifier: RVLHFK5HcWNjFhNmaKfu9d2ajxp4dIAPFquQ5GvXEgE=
Subject key identifier: 2F:7E:15:C7:C2:00:BA:8F:0D:CC:18:E5:8E:9B:37:D8:29:2B:E8:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02D0AEB4D9917A97387CB3E23A2DAA38CA88E2C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
Signing time: Mon 16 Jun 2025 21:50:17 +0000
ROA not before: Mon 16 Jun 2025 21:50:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:d0:ae:b4:d9:91:7a:97:38:7c:b3:e2:3a:2d:aa:38:ca:88:e2:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d9a1086678a2935e12a39b9074aac776dcdb3fee7cce405552df24f48ae557d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d9:37:0b:fb:66:19:57:d4:1f:10:11:7d:b9:
22:d3:d4:ab:9d:f8:ab:dd:6b:7b:08:34:68:c7:b1:
9a:b4:5b:34:bc:7d:12:94:7f:13:41:04:04:25:c9:
0f:57:02:1b:ef:6a:c7:27:56:12:0a:32:e4:0f:83:
67:02:29:57:8d:24:b5:70:af:a6:ef:71:f3:7d:85:
92:77:fc:d4:cf:e1:84:52:26:eb:6c:5a:66:ff:2f:
d8:d6:6c:79:24:60:b6:ef:c8:8d:0e:59:d5:94:33:
3a:c5:14:15:b1:c1:61:80:2b:41:32:23:80:a4:5d:
dc:72:be:28:76:37:ac:99:18:27:a7:ba:43:9c:95:
ed:29:91:07:d9:b9:08:ab:ee:8e:e2:27:7a:97:f9:
47:f9:02:ee:38:6a:1f:59:24:44:71:5c:b9:65:c3:
8d:80:1a:1f:e2:8c:ec:67:25:fd:6e:d6:fe:da:35:
e6:69:86:58:28:74:7a:c9:a7:f8:3e:dc:a8:e5:2d:
3e:68:13:4e:d1:74:b3:49:cf:53:08:02:87:ec:6a:
28:a4:1b:81:87:2a:41:c7:65:6b:2f:c4:ea:ac:48:
8a:07:65:05:49:fd:1b:6a:87:f3:d3:4d:ce:e2:b8:
d3:62:d0:e9:a9:cc:04:9c:53:ad:4a:3a:b2:ef:70:
54:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7E:15:C7:C2:00:BA:8F:0D:CC:18:E5:8E:9B:37:D8:29:2B:E8:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c::/32
Signature Algorithm: sha256WithRSAEncryption
6e:ac:27:bd:ed:e8:e2:ab:48:a5:95:5b:9e:31:15:4c:36:ec:
79:87:a6:1e:64:c6:2a:db:77:90:93:60:dd:29:c7:47:7e:8b:
3d:e3:60:79:be:20:fd:ff:70:bb:7e:07:d5:11:af:53:b6:c9:
60:24:94:2a:7d:36:fc:09:ea:c9:c0:5b:f4:ab:2d:c6:1e:8a:
75:a2:ec:0f:e6:78:d1:f9:1f:73:c0:23:52:b0:d8:46:27:c5:
63:c2:70:73:53:5c:d7:fa:4e:39:97:31:80:c6:3e:b6:3c:9e:
88:85:b0:c4:8c:be:14:54:23:92:0c:f8:ba:26:6c:99:b6:28:
ef:3e:f0:ec:72:c9:8c:63:ba:a6:ee:8c:de:73:91:9e:00:85:
b0:9f:b6:f2:b8:9a:e0:38:b5:2d:7f:64:04:21:93:a0:ae:17:
ab:a2:0d:e3:d9:8f:ca:f4:ab:5a:e0:7b:50:00:4d:0b:13:23:
2c:24:59:49:39:94:47:1d:d7:56:5a:66:f0:ab:43:35:0c:c1:
d3:ac:03:98:56:e8:3c:dd:f7:0f:ac:bf:34:56:5c:47:79:82:
50:47:06:6a:09:26:8d:4f:a3:c5:4c:ea:08:1a:6f:f4:71:64:
57:92:2b:cd:22:8e:72:ca:46:e0:f4:b3:18:a7:58:78:a0:0f:
58:5e:50:8b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUAtCutNmRepc4fLPiOi2qOMqI4sEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5YTEwODY2NzhhMjkzNWUxMmEzOWI5MDc0YWFjNzc2ZGNkYjNmZWU3Y2Nl
NDA1NTUyZGYyNGY0OGFlNTU3ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjZNwv7ZhlX1B8QEX25ItPUq534q91rewg0aMexmrRbNLx9EpR/E0EEBCXJ
D1cCG+9qxydWEgoy5A+DZwIpV40ktXCvpu9x832Fknf81M/hhFIm62xaZv8v2NZs
eSRgtu/IjQ5Z1ZQzOsUUFbHBYYArQTIjgKRd3HK+KHY3rJkYJ6e6Q5yV7SmRB9m5
CKvujuInepf5R/kC7jhqH1kkRHFcuWXDjYAaH+KM7Gcl/W7W/to15mmGWCh0esmn
+D7cqOUtPmgTTtF0s0nPUwgCh+xqKKQbgYcqQcdlay/E6qxIigdlBUn9G2qH89NN
zuK402LQ6anMBJxTrUo6su9wVJMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQvfhXH
wgC6jw3MGOWOmzfYKSvobzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjcyMzNhNGUtNTkwZS00NDk3LWE3MmMtZmU5NDBkNDJiNzk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hww
DQYJKoZIhvcNAQELBQADggEBAG6sJ73t6OKrSKWVW54xFUw27HmHph5kxirbd5CT
YN0px0d+iz3jYHm+IP3/cLt+B9URr1O2yWAklCp9NvwJ6snAW/SrLcYeinWi7A/m
eNH5H3PAI1Kw2EYnxWPCcHNTXNf6TjmXMYDGPrY8noiFsMSMvhRUI5IM+LombJm2
KO8+8OxyyYxjuqbujN5zkZ4AhbCftvK4muA4tS1/ZAQhk6CuF6uiDePZj8r0q1rg
e1AATQsTIywkWUk5lEcd11ZaZvCrQzUMwdOsA5hW6Dzd9w+svzRWXEd5glBHBmoJ
Jo1Po8VM6ggab/RxZFeSK80ijnLKRuD0sxinWHigD1heUIs=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:10 2025 by rpki-client