Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
File: 758ab83f-3a25-48db-a214-04c27915b62e.roa (raw, json)
Hash identifier: XVwIzE4vyWcCLZ6q2NCAO4qW4t7wA0qbDaYVMHj8bVM=
Subject key identifier: 8E:55:60:E0:B7:2B:EF:16:2B:7C:3E:86:7B:6D:E0:A7:FB:84:17:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65ADAA5F5043AA16FB914EDCB9F353BFC01DE626
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
Signing time: Mon 16 Jun 2025 21:31:44 +0000
ROA not before: Mon 16 Jun 2025 21:31:44 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ad:aa:5f:50:43:aa:16:fb:91:4e:dc:b9:f3:53:bf:c0:1d:e6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:44 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=379be803fec212f2a3a4c78766e6759c1baf0c4c8a66fcbcea938a57a69f354d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b6:61:97:a8:5d:ad:a6:50:bc:6b:50:c1:12:
fe:1d:64:d0:39:8e:e4:d6:d1:b7:aa:6c:c5:b2:a8:
ba:70:48:18:6d:56:d0:34:73:81:fa:ac:03:8b:64:
f5:17:88:2b:0c:2b:5c:d4:b5:7a:78:76:b4:59:4a:
f2:5d:4c:21:5e:8f:87:a6:6b:1e:1d:73:18:46:38:
05:d0:5c:91:57:99:3e:6d:9b:68:2b:62:ad:31:7b:
25:6b:2f:a5:f0:50:b5:ed:fb:cc:9f:7a:60:7d:56:
80:50:9c:2f:d3:d4:15:fd:cd:ec:09:98:ee:ca:00:
dd:84:94:16:c8:a4:5f:0e:54:bc:be:8b:fb:e4:34:
8f:f3:db:bd:e4:99:a4:a7:a5:ce:50:3b:ee:54:a9:
70:a7:41:dd:e7:5a:4c:c2:8a:b4:56:55:0f:a3:7b:
a9:95:77:01:1b:78:67:3f:69:da:0e:38:2f:da:61:
8c:c3:c2:51:34:af:2d:cd:5e:05:46:ad:db:69:c7:
fa:57:2b:7e:f9:00:19:7f:a0:eb:fb:34:4a:02:0a:
2b:5e:73:38:03:c8:28:45:8b:56:af:cd:c2:a8:7e:
ea:83:7a:a4:bd:20:2d:fb:0f:1c:6a:fd:0f:d1:bf:
99:2e:df:90:c1:89:e2:e7:31:db:cd:8a:34:e3:00:
5b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:55:60:E0:B7:2B:EF:16:2B:7C:3E:86:7B:6D:E0:A7:FB:84:17:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:0b:93:3f:b7:26:f2:a6:7c:ba:83:70:e8:a8:c2:3a:bb:29:
21:59:26:7d:2e:f8:24:5b:53:5c:6d:e8:35:b4:e4:e9:af:9e:
56:b5:47:31:c9:37:8f:7f:7b:cd:02:ad:66:1d:04:3f:d3:30:
0e:24:a1:3d:5e:4c:37:76:f8:00:c8:6a:71:79:33:8c:c9:0c:
08:d4:02:aa:34:8f:e2:f0:72:72:f3:5e:69:6d:01:0c:2a:cd:
b4:1f:cd:af:cf:da:3c:21:83:64:f4:d2:f3:79:b6:33:29:98:
ca:f3:27:a8:10:e5:34:77:23:f4:c0:7c:42:cf:dc:b5:9a:80:
c7:42:10:a2:e2:53:e3:a5:5e:87:08:ca:97:8b:20:54:e2:7f:
82:94:28:40:08:16:80:d6:09:9c:1f:4e:17:ca:84:17:5a:ed:
eb:48:4f:e7:57:63:71:f8:70:82:69:c4:d9:d1:4a:9d:d4:83:
7a:2e:a7:e6:1c:2d:78:f3:28:32:fe:50:35:27:e8:5a:78:a5:
74:6a:d8:15:da:1c:ed:1a:ef:63:85:6a:2c:69:22:78:88:c4:
c4:e8:ce:a4:5e:69:9b:f5:4b:9e:ef:a8:dd:c3:f4:b2:46:e6:
2e:da:76:aa:4a:a5:c0:45:4f:ea:57:b7:ee:c0:f9:4c:63:80:
06:f8:76:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZa2qX1BDqhb7kU7cufNTv8Ad5iYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxNDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3OWJlODAzZmVjMjEyZjJhM2E0Yzc4NzY2ZTY3NTljMWJhZjBjNGM4YTY2
ZmNiY2VhOTM4YTU3YTY5ZjM1NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMu2YZeoXa2mULxrUMES/h1k0DmO5NbRt6psxbKounBIGG1W0DRzgfqsA4tk
9ReIKwwrXNS1enh2tFlK8l1MIV6Ph6ZrHh1zGEY4BdBckVeZPm2baCtirTF7JWsv
pfBQte37zJ96YH1WgFCcL9PUFf3N7AmY7soA3YSUFsikXw5UvL6L++Q0j/PbveSZ
pKelzlA77lSpcKdB3edaTMKKtFZVD6N7qZV3ARt4Zz9p2g44L9phjMPCUTSvLc1e
BUat22nH+lcrfvkAGX+g6/s0SgIKK15zOAPIKEWLVq/Nwqh+6oN6pL0gLfsPHGr9
D9G/mS7fkMGJ4ucx282KNOMAW9kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOVWDg
tyvvFit8PoZ7beCn+4QXFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU4YWI4M2YtM2EyNS00OGRiLWEyMTQtMDRjMjc5MTViNjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2g
MA0GCSqGSIb3DQEBCwUAA4IBAQBMC5M/tybypny6g3DoqMI6uykhWSZ9LvgkW1Nc
beg1tOTpr55WtUcxyTePf3vNAq1mHQQ/0zAOJKE9Xkw3dvgAyGpxeTOMyQwI1AKq
NI/i8HJy815pbQEMKs20H82vz9o8IYNk9NLzebYzKZjK8yeoEOU0dyP0wHxCz9y1
moDHQhCi4lPjpV6HCMqXiyBU4n+ClChACBaA1gmcH04XyoQXWu3rSE/nV2Nx+HCC
acTZ0Uqd1IN6LqfmHC148ygy/lA1J+haeKV0atgV2hztGu9jhWosaSJ4iMTE6M6k
Xmmb9Uue76jdw/SyRuYu2naqSqXARU/qV7fuwPlMY4AG+HZC
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:20 2025 by rpki-client