Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json)
Hash identifier: iYJ06xh7pjBfMdbuZfuHSv00Wve3XGPSjdnrZ++5jYc=
Subject key identifier: 7B:C7:53:08:C9:5B:22:FC:32:35:48:BE:D2:D0:A3:78:42:B5:A5:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 354D6DB5349E423028D4D60448F01BADA6AD037B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
Signing time: Tue 17 Jun 2025 00:41:17 +0000
ROA not before: Tue 17 Jun 2025 00:41:17 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:4d:6d:b5:34:9e:42:30:28:d4:d6:04:48:f0:1b:ad:a6:ad:03:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:17 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=0d2c6d5c9d0752af2424b5aa225da24a29334a692781395921bc3ade7eeb204c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:83:0e:c7:65:32:e6:0d:c3:67:8f:6b:0d:75:
cb:d8:3a:81:f5:17:0e:e6:af:ed:5f:bb:57:2e:ac:
6e:f8:37:54:1f:31:17:b0:fb:54:2f:fd:3f:5f:6b:
09:c7:56:3e:a9:f8:6d:71:a0:ec:3e:87:c6:53:ac:
03:b2:21:94:14:58:43:36:ca:f7:89:7c:ab:24:f6:
f8:3f:41:02:e0:d9:40:1a:6a:0d:1d:e3:f1:4f:0f:
c4:a8:6b:31:61:9a:22:94:1d:18:21:6f:1d:80:93:
37:ad:ed:e4:81:23:0b:1f:6b:45:bb:79:1c:5b:00:
92:69:75:90:10:9b:55:0b:20:35:b5:99:8b:39:68:
fb:1e:da:e9:57:27:83:5c:68:c9:5f:14:26:f5:43:
61:9d:de:1b:ff:fb:24:b4:4e:db:45:f5:a8:f6:0d:
39:bf:53:1d:10:50:fc:c2:72:01:2c:01:80:3a:8f:
37:ba:40:38:6d:66:5d:05:f9:64:ef:3a:18:c6:0f:
db:4e:e3:a3:da:23:e7:71:b3:d5:d8:b1:2b:62:3b:
79:c4:20:dc:55:47:07:9f:0f:66:ae:2e:82:eb:b2:
6e:f0:58:ab:fb:7b:e2:2a:62:c5:7b:bb:d4:61:25:
d5:59:e5:f8:81:bd:3e:1c:13:e8:18:a7:61:32:38:
1d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C7:53:08:C9:5B:22:FC:32:35:48:BE:D2:D0:A3:78:42:B5:A5:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:a9:86:43:60:3a:71:3e:d1:7a:11:9f:8a:0a:e7:88:4b:c7:
0b:eb:c1:d8:f6:b5:89:1e:c7:eb:33:4a:08:0b:e8:a4:4a:0b:
7f:d2:4e:8b:2c:c1:85:bb:7f:8d:ba:81:33:4c:b5:bd:ab:1c:
22:c3:bd:38:e1:04:73:07:ca:8b:02:7d:74:65:40:04:0c:28:
ba:78:ed:87:da:36:a3:96:90:fb:b5:db:d5:3e:56:f0:59:b4:
c9:15:d6:60:d8:94:9a:a8:64:92:e6:5a:3e:bd:16:88:8e:84:
23:0d:68:7d:9d:a1:ae:05:34:40:3e:6d:b4:00:83:a7:f5:3b:
66:23:be:b8:b2:ab:6f:62:a0:33:e0:a4:e0:d3:f0:6e:c4:35:
24:72:75:24:25:54:4e:9b:04:49:f3:30:84:ea:2a:82:67:27:
a0:4e:91:1f:cd:2b:7c:f8:56:90:a6:a7:6e:8c:d0:05:8c:28:
7f:4e:c8:10:10:49:d3:f3:7d:e5:f8:9b:4b:7d:4b:7c:0f:05:
54:82:98:5e:fd:6a:1d:b4:3d:47:c3:d8:c2:c3:dd:90:1b:28:
c2:36:6c:51:b7:db:5a:69:db:ec:eb:4d:f9:b6:75:1b:79:14:
06:f6:f9:7b:d2:37:6e:49:53:21:47:7a:cc:de:1e:33:f6:f1:
c5:38:74:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNU1ttTSeQjAo1NYESPAbraatA3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMTdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkMmM2ZDVjOWQwNzUyYWYyNDI0YjVhYTIyNWRhMjRhMjkzMzRhNjkyNzgx
Mzk1OTIxYmMzYWRlN2VlYjIwNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCDDsdlMuYNw2ePaw11y9g6gfUXDuav7V+7Vy6sbvg3VB8xF7D7VC/9P19r
CcdWPqn4bXGg7D6HxlOsA7IhlBRYQzbK94l8qyT2+D9BAuDZQBpqDR3j8U8PxKhr
MWGaIpQdGCFvHYCTN63t5IEjCx9rRbt5HFsAkml1kBCbVQsgNbWZizlo+x7a6Vcn
g1xoyV8UJvVDYZ3eG//7JLRO20X1qPYNOb9THRBQ/MJyASwBgDqPN7pAOG1mXQX5
ZO86GMYP207jo9oj53Gz1dixK2I7ecQg3FVHB58PZq4uguuybvBYq/t74ipixXu7
1GEl1Vnl+IG9PhwT6BinYTI4Hc8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7x1MI
yVsi/DI1SL7S0KN4QrWlmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQBeqYZDYDpxPtF6EZ+KCueIS8cL68HY9rWJHsfr
M0oIC+ikSgt/0k6LLMGFu3+NuoEzTLW9qxwiw7044QRzB8qLAn10ZUAEDCi6eO2H
2jajlpD7tdvVPlbwWbTJFdZg2JSaqGSS5lo+vRaIjoQjDWh9naGuBTRAPm20AIOn
9TtmI764sqtvYqAz4KTg0/BuxDUkcnUkJVROmwRJ8zCE6iqCZyegTpEfzSt8+FaQ
pqdujNAFjCh/TsgQEEnT833l+JtLfUt8DwVUgphe/WodtD1Hw9jCw92QGyjCNmxR
t9taadvs6035tnUbeRQG9vl70jduSVMhR3rM3h4z9vHFOHQ5
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:02 2025 by rpki-client