Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: sxn0AQ/UHhuXTV57pa6A3RtgF3ICvOftk57D22GR/WQ=
Subject key identifier: C4:9C:5D:D6:70:0E:0C:A8:31:E9:2A:44:56:6A:F1:EC:FD:32:DA:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02D997B05BFB1FF86690B8E29EAC0B0012B8C78E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Mon 16 Jun 2025 21:50:08 +0000
ROA not before: Mon 16 Jun 2025 21:50:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:d9:97:b0:5b:fb:1f:f8:66:90:b8:e2:9e:ac:0b:00:12:b8:c7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3f8733d415196ed47d020fd73888b4348fb66a7de40cc961a3cabc8ed6323f3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:31:fe:cc:69:50:fc:ec:0e:1a:e0:a9:b0:2f:
f7:d1:82:3f:2c:3d:bf:94:f7:72:7a:f7:48:0e:00:
7b:1d:9f:25:1f:9f:84:96:37:29:97:23:6b:1c:1b:
1d:f1:51:ab:5b:fa:5e:7c:8e:c1:d8:ad:89:47:bb:
5b:a4:21:00:3c:8c:de:87:b3:f6:65:36:7d:78:fe:
15:4d:a2:72:8d:45:43:0f:f5:d2:85:e1:42:8c:a6:
14:5e:52:5b:9c:c3:73:38:94:c6:28:04:af:0a:ed:
42:c6:80:c4:d3:bc:cd:29:d7:23:3f:32:84:78:90:
0e:29:54:3f:6e:3c:23:5f:40:3f:60:4b:4f:3d:54:
ba:13:85:3f:41:e5:44:f6:b3:30:ca:d4:03:ef:fa:
d4:ec:35:a4:0c:09:52:c0:d1:4c:1c:6b:f9:f8:30:
a7:f5:a0:4a:e6:d2:f1:2e:6e:ca:3d:bf:df:94:1a:
9c:c3:1f:ff:b4:b9:cf:3f:ef:9a:09:b5:c4:be:10:
f8:c9:ab:79:a5:d6:c5:f6:be:33:f0:05:75:d7:88:
92:a5:d4:b8:95:77:7f:3b:42:9f:99:a2:55:9c:b8:
a7:0b:e7:be:51:d4:bf:f8:33:03:6c:0f:a8:72:c8:
82:6d:27:f6:16:7b:f6:41:a4:60:7c:eb:0a:03:1c:
24:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9C:5D:D6:70:0E:0C:A8:31:E9:2A:44:56:6A:F1:EC:FD:32:DA:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
76:6f:b0:b6:20:08:08:e2:f0:51:f1:51:f9:ea:9a:e5:e1:93:
6e:92:a8:43:54:06:3a:fd:fb:3b:d6:cc:87:eb:d2:b4:25:84:
62:6d:a8:33:dd:f0:c4:da:fa:b2:ef:d1:d0:87:68:78:3b:54:
7a:2f:80:27:f4:11:47:57:9e:62:a1:25:37:80:4a:a0:51:19:
5e:de:a2:9e:dd:f5:6e:78:b5:09:2d:c2:c5:23:42:e1:bd:46:
df:ef:c2:f8:b6:a2:e4:36:9a:9a:fd:a1:4f:e0:e7:a5:b7:8f:
6c:11:bb:80:13:34:62:3a:c2:73:78:5c:d9:31:2e:2c:11:7b:
f4:15:9b:dc:f8:2d:78:02:dd:2e:3b:70:12:e3:3d:e1:e3:70:
39:09:a6:83:05:c4:8d:86:d4:04:7b:1d:9d:5f:bd:81:74:0a:
06:6c:98:ff:a5:54:f2:e6:b5:41:20:af:40:e0:1e:95:bc:3a:
fa:11:11:18:0c:6a:dd:3c:59:9f:bd:69:7b:b2:f6:19:7a:e0:
84:2b:8b:21:36:a7:42:e0:8f:ec:9c:52:57:0f:27:fa:bf:05:
06:da:48:f7:04:99:87:72:ca:ef:74:4b:4d:0b:a8:f2:7f:55:
30:ee:69:40:4c:ae:ac:13:4e:b2:40:a1:a0:09:43:a7:5f:8b:
95:bc:0f:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAtmXsFv7H/hmkLjinqwLABK4x44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmODczM2Q0MTUxOTZlZDQ3ZDAyMGZkNzM4ODhiNDM0OGZiNjZhN2RlNDBj
Yzk2MWEzY2FiYzhlZDYzMjNmM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsx/sxpUPzsDhrgqbAv99GCPyw9v5T3cnr3SA4Aex2fJR+fhJY3KZcjaxwb
HfFRq1v6XnyOwditiUe7W6QhADyM3oez9mU2fXj+FU2ico1FQw/10oXhQoymFF5S
W5zDcziUxigErwrtQsaAxNO8zSnXIz8yhHiQDilUP248I19AP2BLTz1UuhOFP0Hl
RPazMMrUA+/61Ow1pAwJUsDRTBxr+fgwp/WgSubS8S5uyj2/35QanMMf/7S5zz/v
mgm1xL4Q+MmreaXWxfa+M/AFddeIkqXUuJV3fztCn5miVZy4pwvnvlHUv/gzA2wP
qHLIgm0n9hZ79kGkYHzrCgMcJPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEnF3W
cA4MqDHpKkRWavHs/TLaUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQB2b7C2IAgI4vBR8VH56prl4ZNukqhDVAY6/fs7
1syH69K0JYRibagz3fDE2vqy79HQh2h4O1R6L4An9BFHV55ioSU3gEqgURle3qKe
3fVueLUJLcLFI0LhvUbf78L4tqLkNpqa/aFP4Oelt49sEbuAEzRiOsJzeFzZMS4s
EXv0FZvc+C14At0uO3AS4z3h43A5CaaDBcSNhtQEex2dX72BdAoGbJj/pVTy5rVB
IK9A4B6VvDr6EREYDGrdPFmfvWl7svYZeuCEK4shNqdC4I/snFJXDyf6vwUG2kj3
BJmHcsrvdEtNC6jyf1Uw7mlATK6sE06yQKGgCUOnX4uVvA8x
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:27 2025 by rpki-client