Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
File: 82612ca1-cd90-4772-9e6c-3237a9225105.roa (raw, json)
Hash identifier: 4XzdAt6/QdzwIBjLcN5E1+J11n271v7pvfhpsM8Hnyw=
Subject key identifier: F0:2F:2F:03:20:A1:60:08:A6:45:71:74:26:F3:90:94:13:31:18:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 601BD16480551658F5A9ADBE7FC36475380F5862
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
Signing time: Mon 16 Jun 2025 20:51:04 +0000
ROA not before: Mon 16 Jun 2025 20:51:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:1b:d1:64:80:55:16:58:f5:a9:ad:be:7f:c3:64:75:38:0f:58:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:51:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=11a31d3ea31425d86bbf45c38e5b02ec47a0fe2717aed2ed3a653a0c51edcf53, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9b:1d:5f:2d:01:5c:49:ae:87:f8:dc:1e:1b:
4d:32:24:b7:3e:3b:fb:79:01:20:90:5b:8b:3a:6b:
ad:9a:77:84:92:ae:1d:b1:c6:11:03:fc:62:a9:2e:
a2:82:cc:bf:95:3e:9c:a1:b2:99:27:61:d5:24:41:
2f:8d:79:79:57:21:18:27:f2:6f:d2:a9:77:d3:cb:
3c:5e:6a:f1:8e:c9:de:ae:3e:52:12:5d:19:ab:73:
a3:99:a7:f6:2e:10:6d:e8:cb:de:67:2b:3c:7c:d2:
63:76:92:69:0a:14:d7:3d:02:65:3f:6b:7d:07:f9:
c0:54:42:4b:cb:72:bd:e7:e0:c7:31:84:8a:40:9b:
56:ac:b4:68:8e:3d:05:c4:d0:23:02:52:a1:49:43:
1a:b6:39:c9:ef:8c:3d:d5:7d:65:c4:7c:77:44:47:
61:9b:4e:6e:94:06:07:86:dc:7f:15:0e:3a:a9:88:
d6:1a:fe:ff:1a:de:1a:25:d0:ab:28:00:0d:74:4a:
28:c8:96:f3:38:ba:e5:48:a4:5b:61:90:c0:8d:b5:
8c:36:da:3b:20:64:48:28:f8:41:0f:21:be:06:0a:
ee:33:d3:fb:dc:02:94:ac:ca:8b:d0:58:76:2d:2e:
67:2e:54:38:2f:c6:ef:df:a6:ad:9b:96:8c:f4:aa:
e2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2F:2F:03:20:A1:60:08:A6:45:71:74:26:F3:90:94:13:31:18:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
31:f8:54:6f:31:ea:f7:42:6d:da:5c:ab:f8:86:38:8d:d2:70:
4a:44:22:1b:33:b4:6f:87:02:69:97:bb:b3:f1:a0:a9:95:8d:
86:f7:a9:42:f0:73:b0:a4:1d:a0:3f:f7:01:27:21:09:00:f5:
2a:33:96:ec:bc:81:a6:d8:f3:35:ad:d3:ad:c3:ca:0e:ea:ec:
63:30:79:cf:51:d3:0c:a7:13:67:d0:e5:8f:b6:ad:1a:90:4e:
d2:fd:b9:3b:d1:87:44:41:01:5f:73:6b:da:17:8e:86:f4:7e:
af:7e:29:1b:20:86:ee:c0:fb:90:d2:b9:0b:bd:00:91:3d:49:
9d:06:de:60:5d:52:b7:99:13:97:5d:d9:4e:4d:1a:40:d1:14:
80:51:e9:38:7c:39:55:b4:f6:04:25:c0:b2:4f:8e:0b:4b:c9:
76:1b:ea:8f:4d:6b:ca:da:e3:2d:ca:47:9e:0f:94:da:0c:8b:
78:ed:87:cd:a5:73:a2:f6:fd:fa:eb:4f:91:17:26:1d:58:da:
0f:28:85:42:9e:88:82:af:b4:ad:89:6e:94:aa:cd:bb:72:ec:
a4:3e:f7:dd:f9:1d:1c:a0:1d:69:95:b0:1c:96:40:9c:3f:f6:
b5:5c:86:d3:3a:ae:6b:73:73:76:f9:a1:5a:d3:85:4c:fb:11:
df:bb:23:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYBvRZIBVFlj1qa2+f8NkdTgPWGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUxMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDExYTMxZDNlYTMxNDI1ZDg2YmJmNDVjMzhlNWIwMmVjNDdhMGZlMjcxN2Fl
ZDJlZDNhNjUzYTBjNTFlZGNmNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOebHV8tAVxJrof43B4bTTIktz47+3kBIJBbizprrZp3hJKuHbHGEQP8Yqku
ooLMv5U+nKGymSdh1SRBL415eVchGCfyb9Kpd9PLPF5q8Y7J3q4+UhJdGatzo5mn
9i4QbejL3mcrPHzSY3aSaQoU1z0CZT9rfQf5wFRCS8tyvefgxzGEikCbVqy0aI49
BcTQIwJSoUlDGrY5ye+MPdV9ZcR8d0RHYZtObpQGB4bcfxUOOqmI1hr+/xreGiXQ
qygADXRKKMiW8zi65UikW2GQwI21jDbaOyBkSCj4QQ8hvgYK7jPT+9wClKzKi9BY
di0uZy5UOC/G79+mrZuWjPSq4gkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwLy8D
IKFgCKZFcXQm85CUEzEYozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODI2MTJjYTEtY2Q5MC00NzcyLTllNmMtMzIzN2E5MjI1MTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQAx+FRvMer3Qm3aXKv4hjiN0nBKRCIbM7RvhwJp
l7uz8aCplY2G96lC8HOwpB2gP/cBJyEJAPUqM5bsvIGm2PM1rdOtw8oO6uxjMHnP
UdMMpxNn0OWPtq0akE7S/bk70YdEQQFfc2vaF46G9H6vfikbIIbuwPuQ0rkLvQCR
PUmdBt5gXVK3mROXXdlOTRpA0RSAUek4fDlVtPYEJcCyT44LS8l2G+qPTWvK2uMt
ykeeD5TaDIt47YfNpXOi9v3660+RFyYdWNoPKIVCnoiCr7StiW6Uqs27cuykPvfd
+R0coB1plbAclkCcP/a1XIbTOq5rc3N2+aFa04VM+xHfuyMD
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:33:13 2025 by rpki-client