Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: 1PSIcdO6rSb3zYYMoCuoc1F+s375R5HeVKiFqlutypQ=
Subject key identifier: 0E:49:4C:F6:D0:AC:34:D1:E6:91:AD:00:05:CA:B5:4B:EA:9D:C2:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5252219740783A242636E6498FC787949DAC1CB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Tue 17 Jun 2025 00:41:07 +0000
ROA not before: Tue 17 Jun 2025 00:41:07 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:52:21:97:40:78:3a:24:26:36:e6:49:8f:c7:87:94:9d:ac:1c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:07 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=a23a7651f73f452f57b0453e132abe15547e7be221d9fa61558f48eeeb97856d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:71:08:67:f9:f2:b2:6a:40:9f:20:be:5e:
cc:8f:ab:1c:61:e6:d2:0c:a2:3d:c9:12:6f:3b:40:
d2:84:fb:0f:93:d9:dd:c7:0e:da:b5:94:a1:23:f5:
a7:7c:1c:1d:ec:12:d4:a9:2a:99:dc:fa:7d:78:80:
94:b9:aa:2c:ac:01:a5:62:bd:73:0f:5f:9b:f8:e8:
b6:52:4d:0e:cf:d0:d4:bc:6d:ed:83:61:41:13:30:
07:12:90:20:ea:27:e4:af:d7:65:2f:f7:bc:5f:4b:
4b:ac:2f:4b:c6:ba:23:b4:ee:66:ce:ad:22:63:6d:
45:ce:2a:07:90:eb:ae:6a:9e:ee:fd:13:bc:30:16:
10:fc:70:91:15:11:17:8d:39:f2:30:2d:44:f4:64:
9f:a0:f3:46:f3:b0:7c:42:0d:a3:b3:28:9b:52:14:
a7:a1:17:85:b8:6d:17:7d:a8:39:d8:63:d7:04:be:
ff:97:88:01:81:83:6f:7a:aa:99:91:5e:1c:e7:a4:
10:2d:99:43:1d:18:73:f8:7a:0f:7f:af:a9:35:68:
97:b6:a3:6f:3e:64:91:cc:e4:1e:65:0b:88:0f:96:
36:a5:e2:67:92:2c:88:be:b8:2a:76:38:69:74:92:
22:d2:d9:ef:5c:12:d8:e6:54:8e:ce:f3:72:62:3f:
8e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:49:4C:F6:D0:AC:34:D1:E6:91:AD:00:05:CA:B5:4B:EA:9D:C2:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:02:0e:c2:11:fa:e8:3e:77:a6:3b:50:be:b5:80:cb:d8:1d:
fd:b9:87:32:f5:2a:5b:26:4a:84:08:01:72:88:0c:f5:ca:96:
6f:4c:4d:91:eb:2f:16:ce:b6:63:4c:d2:b1:3c:22:6f:e8:c9:
88:aa:fb:f2:df:6c:52:1f:b9:26:e8:a0:52:58:8a:7a:9b:dd:
6d:56:24:6d:cf:e2:fd:e8:89:af:e3:31:8e:1a:3a:dc:50:41:
64:61:d9:9d:a3:a4:0f:e7:85:e8:1b:51:fb:af:d1:bf:8b:f2:
e0:15:9d:d2:46:eb:95:ab:42:dc:9c:29:c9:f9:60:3e:f1:a5:
30:0b:6e:5f:9d:94:28:8f:33:7c:91:f5:bb:c0:8e:75:45:4b:
a8:a8:81:2e:ce:92:a3:3f:74:e9:cb:6d:34:61:c8:6c:99:75:
a7:e2:bd:52:a3:38:ea:db:f4:94:b4:ff:15:30:ab:83:65:4e:
98:bf:02:b1:b9:32:b3:4d:4d:b5:d4:14:d8:f2:9b:0b:79:79:
69:fc:95:b6:15:88:13:0c:98:ca:f4:e4:87:4e:e9:a6:d4:f5:
3b:19:46:91:68:14:87:28:43:8c:d8:d0:b0:23:78:38:5b:1d:
a6:27:ff:7f:30:84:5a:f8:73:8f:92:09:2a:69:f8:d2:c4:e6:
6c:14:83:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUlIhl0B4OiQmNuZJj8eHlJ2sHLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMDdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyM2E3NjUxZjczZjQ1MmY1N2IwNDUzZTEzMmFiZTE1NTQ3ZTdiZTIyMWQ5
ZmE2MTU1OGY0OGVlZWI5Nzg1NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTycQhn+fKyakCfIL5ezI+rHGHm0gyiPckSbztA0oT7D5PZ3ccO2rWUoSP1
p3wcHewS1Kkqmdz6fXiAlLmqLKwBpWK9cw9fm/jotlJNDs/Q1Lxt7YNhQRMwBxKQ
IOon5K/XZS/3vF9LS6wvS8a6I7TuZs6tImNtRc4qB5Drrmqe7v0TvDAWEPxwkRUR
F4058jAtRPRkn6DzRvOwfEINo7Mom1IUp6EXhbhtF32oOdhj1wS+/5eIAYGDb3qq
mZFeHOekEC2ZQx0Yc/h6D3+vqTVol7ajbz5kkczkHmULiA+WNqXiZ5IsiL64KnY4
aXSSItLZ71wS2OZUjs7zcmI/jvUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOSUz2
0Kw00eaRrQAFyrVL6p3CljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8Ag7CEfroPnemO1C+tYDL2B39uYcy9SpbJkqE
CAFyiAz1ypZvTE2R6y8WzrZjTNKxPCJv6MmIqvvy32xSH7km6KBSWIp6m91tViRt
z+L96Imv4zGOGjrcUEFkYdmdo6QP54XoG1H7r9G/i/LgFZ3SRuuVq0LcnCnJ+WA+
8aUwC25fnZQojzN8kfW7wI51RUuoqIEuzpKjP3Tpy200YchsmXWn4r1Sozjq2/SU
tP8VMKuDZU6YvwKxuTKzTU211BTY8psLeXlp/JW2FYgTDJjK9OSHTumm1PU7GUaR
aBSHKEOM2NCwI3g4Wx2mJ/9/MIRa+HOPkgkqafjSxOZsFIPC
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:49 2025 by rpki-client