Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: HT/lgayVkSuvJ5/Oa6PlYVQCUf4WxU79ATaXJbe8+aA=
Subject key identifier: FF:2C:D7:4D:7B:E3:E3:46:43:9C:47:62:94:E6:4F:7C:32:0A:F9:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38B1968041B1989E09024991FC0AB6ADF6C9C402
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Mon 16 Jun 2025 21:41:29 +0000
ROA not before: Mon 16 Jun 2025 21:41:29 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:b1:96:80:41:b1:98:9e:09:02:49:91:fc:0a:b6:ad:f6:c9:c4:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:29 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=52a2c612eda58397e36bcf17c108f7084cfbe56c82414ec426a40f2039efa840, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f3:1a:ba:fc:e0:aa:1b:d4:db:93:11:b6:4f:
49:53:77:38:7d:de:7d:fe:23:cf:a2:15:0b:6f:30:
f4:d9:0b:f8:5d:51:fa:54:ca:97:4c:19:ba:d4:15:
88:99:fb:10:bb:7b:a8:ab:f7:9d:3a:e8:48:a9:4a:
2d:ae:86:5b:db:79:c4:db:5b:9f:e4:51:f1:2a:d2:
30:36:17:3e:3b:81:d0:95:37:74:fb:cd:6b:3f:27:
c8:7c:2c:33:61:b4:8b:3a:a2:69:44:fe:d3:d3:99:
fb:b0:a6:c3:4c:9b:ab:5f:07:03:eb:82:fd:c6:b9:
86:49:eb:f3:51:82:95:b3:e0:a1:cf:86:56:c2:16:
b5:6b:6a:06:c0:ea:37:ec:d5:0f:58:15:80:4b:3d:
8f:0b:54:ba:a7:c4:cc:84:cc:ca:f9:69:05:82:56:
61:09:77:92:b6:d7:e1:57:8e:15:dc:48:49:c8:a5:
7d:c0:f4:5c:e4:18:9d:23:99:20:ad:f4:5b:37:bd:
68:8e:0b:51:6f:d8:4b:db:7c:05:3f:90:03:13:4b:
3f:67:11:f4:6e:3c:7b:ca:ea:4f:04:00:22:13:9a:
2e:d8:be:14:32:70:74:f8:a3:57:47:58:3a:f8:f2:
c2:0b:90:c0:77:39:3f:6e:ca:12:31:fe:bd:38:34:
ed:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2C:D7:4D:7B:E3:E3:46:43:9C:47:62:94:E6:4F:7C:32:0A:F9:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
1c:d7:12:75:8e:3d:31:9a:73:4a:b2:df:a9:44:f9:ba:4d:0d:
77:a8:4d:5d:66:f5:06:bb:24:be:94:bd:7a:a3:6b:2b:b9:0f:
04:38:2f:e7:c5:2a:d1:5a:64:0b:5a:20:6c:5b:09:a5:65:7c:
01:67:a1:ef:6c:23:96:a6:48:a1:c4:f8:04:62:e9:4b:6e:be:
eb:7e:05:a2:d3:76:32:5e:b8:c0:06:5e:ad:76:8c:a7:2a:2d:
87:18:d1:dc:04:4d:57:d2:1b:3f:01:09:ed:d6:0b:b3:ed:b9:
07:a4:a5:9e:9a:a8:5a:66:e8:6f:53:ba:04:39:a3:f0:6d:17:
40:f0:1f:00:8b:bf:bf:08:69:40:00:7d:e4:01:28:db:38:f0:
b5:6d:15:04:1d:09:32:16:fe:f9:e9:8f:6b:35:f0:10:9a:e3:
a1:bb:f0:c7:a5:85:9a:b8:6e:a4:25:d2:29:bc:f9:cb:dd:e1:
27:d9:68:4d:7f:18:d1:eb:b5:bd:dd:ca:2f:b5:26:ea:55:ff:
47:75:32:56:50:db:9f:29:8a:59:9e:c9:36:ca:7f:64:a3:29:
21:d1:14:a1:a7:e8:5e:5c:06:66:4b:64:30:d7:fd:21:6a:bd:
1e:26:34:0f:df:8b:37:a8:ff:70:06:4a:ce:98:b4:57:e2:11:
50:3a:66:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOLGWgEGxmJ4JAkmR/Aq2rfbJxAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMjlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyYTJjNjEyZWRhNTgzOTdlMzZiY2YxN2MxMDhmNzA4NGNmYmU1NmM4MjQx
NGVjNDI2YTQwZjIwMzllZmE4NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/zGrr84Kob1NuTEbZPSVN3OH3eff4jz6IVC28w9NkL+F1R+lTKl0wZutQV
iJn7ELt7qKv3nTroSKlKLa6GW9t5xNtbn+RR8SrSMDYXPjuB0JU3dPvNaz8nyHws
M2G0izqiaUT+09OZ+7Cmw0ybq18HA+uC/ca5hknr81GClbPgoc+GVsIWtWtqBsDq
N+zVD1gVgEs9jwtUuqfEzITMyvlpBYJWYQl3krbX4VeOFdxIScilfcD0XOQYnSOZ
IK30Wze9aI4LUW/YS9t8BT+QAxNLP2cR9G48e8rqTwQAIhOaLti+FDJwdPijV0dY
OvjywguQwHc5P27KEjH+vTg07WsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/LNdN
e+PjRkOcR2KU5k98Mgr5KzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAc1xJ1jj0xmnNKst+pRPm6TQ13qE1dZvUGuyS+
lL16o2sruQ8EOC/nxSrRWmQLWiBsWwmlZXwBZ6HvbCOWpkihxPgEYulLbr7rfgWi
03YyXrjABl6tdoynKi2HGNHcBE1X0hs/AQnt1guz7bkHpKWemqhaZuhvU7oEOaPw
bRdA8B8Ai7+/CGlAAH3kASjbOPC1bRUEHQkyFv756Y9rNfAQmuOhu/DHpYWauG6k
JdIpvPnL3eEn2WhNfxjR67W93covtSbqVf9HdTJWUNufKYpZnsk2yn9koykh0RSh
p+heXAZmS2Qw1/0har0eJjQP34s3qP9wBkrOmLRX4hFQOmZK
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:11:09 2025 by rpki-client