Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
File: 84b89066-b432-45c3-befb-ffa2b4be3b71.roa (raw, json)
Hash identifier: h8Ul8a+Q52CYRxMR/2mN8VMy60nYDHxLYJiWFye5X6A=
Subject key identifier: DF:45:1D:BD:FA:91:CA:AC:92:AD:0B:F9:E8:59:47:1E:AA:B9:55:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 523FAC916CB85E8F63633C8EBC6E9D153728E8DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
Signing time: Mon 16 Jun 2025 21:20:09 +0000
ROA not before: Mon 16 Jun 2025 21:20:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:3f:ac:91:6c:b8:5e:8f:63:63:3c:8e:bc:6e:9d:15:37:28:e8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8dda9c689909dd062f8cc409d2a209a5b90aa8e74c775f2e4168610550135228, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:d5:5e:8b:1e:26:07:dd:d4:41:fd:c0:64:
01:10:e5:1e:25:a0:9b:f1:2f:27:b0:cc:06:3e:3c:
c1:87:7c:b3:8e:d6:6c:bc:8b:12:a9:4c:6b:f2:24:
3d:6c:7d:fc:5e:79:8d:ed:a3:4b:dc:ad:a9:bb:9b:
b8:f7:80:65:71:af:07:15:fc:42:51:86:86:1c:7b:
ce:5d:f4:91:c6:26:ec:3b:03:74:a4:20:28:5d:10:
4e:60:f1:64:10:2b:17:3c:46:55:16:2b:cc:f2:a0:
af:b9:cb:59:e0:08:b6:19:15:f5:e7:33:ea:8f:a8:
4a:2c:41:fc:67:9b:79:a8:49:b7:20:72:c3:fc:69:
48:1a:fc:27:3d:6e:76:44:a1:09:fd:8e:ce:b9:08:
6b:bb:2d:ef:54:a9:65:29:65:1f:ad:ad:cf:68:b4:
0b:b4:5b:e3:3c:b0:e9:3d:60:c6:f4:4e:c4:5a:44:
09:7d:3a:03:20:c1:65:6f:4a:d2:6f:c9:da:fb:41:
e1:ed:13:ff:5e:4a:33:5f:e3:62:f2:58:01:d3:7a:
9d:2d:6d:89:4e:e3:1e:b8:87:42:62:e8:0b:a5:4e:
16:d6:63:b4:4f:1b:01:66:7b:f5:08:d0:16:96:aa:
43:44:44:4c:79:d5:07:b4:2d:3f:bb:24:f1:28:5e:
1f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:45:1D:BD:FA:91:CA:AC:92:AD:0B:F9:E8:59:47:1E:AA:B9:55:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:99:a2:b7:79:8c:a5:78:ca:31:e4:7c:53:2f:56:e6:1b:78:
f2:56:62:d9:5b:77:6d:11:06:23:f3:4d:60:d9:98:73:3a:cd:
5d:8f:85:5a:7e:aa:e1:13:a2:0e:d7:5b:87:dd:d5:c7:3d:65:
0a:e5:36:89:17:1f:9c:61:46:27:28:7d:c4:c0:bb:2b:9d:3c:
78:8e:74:36:73:11:f1:d3:b1:35:e5:b3:c1:6b:26:1d:76:d7:
47:23:2c:db:64:71:2d:26:57:66:c5:34:de:1f:a6:c9:30:9b:
79:a7:f8:74:cb:57:eb:04:86:ab:ef:fe:2c:dd:b7:70:d7:dd:
96:25:88:0c:1f:3e:19:10:f5:9c:5f:cd:3c:5d:46:64:c4:69:
a7:9a:c8:3e:0a:13:63:80:06:bf:a6:0d:4d:10:56:eb:be:f1:
ee:ca:08:3f:66:a2:d9:c5:ed:d8:b2:b0:94:4d:bf:c1:6d:88:
8b:b5:73:01:93:df:9c:06:1b:18:40:b7:35:17:a0:7c:b3:ba:
68:51:3b:51:d4:ea:b6:e8:ef:d1:0f:bd:c9:38:81:f4:0d:88:
7f:1d:63:4b:24:7c:85:94:7f:a8:d9:80:e7:9d:88:76:2c:de:
2f:25:86:7d:7d:6a:76:21:37:dd:0e:d4:91:cc:c1:5b:1b:90:
55:32:d3:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUj+skWy4Xo9jYzyOvG6dFTco6NwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZGE5YzY4OTkwOWRkMDYyZjhjYzQwOWQyYTIwOWE1YjkwYWE4ZTc0Yzc3
NWYyZTQxNjg2MTA1NTAxMzUyMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMx11V6LHiYH3dRB/cBkARDlHiWgm/EvJ7DMBj48wYd8s47WbLyLEqlMa/Ik
PWx9/F55je2jS9ytqbubuPeAZXGvBxX8QlGGhhx7zl30kcYm7DsDdKQgKF0QTmDx
ZBArFzxGVRYrzPKgr7nLWeAIthkV9ecz6o+oSixB/GebeahJtyByw/xpSBr8Jz1u
dkShCf2OzrkIa7st71SpZSllH62tz2i0C7Rb4zyw6T1gxvROxFpECX06AyDBZW9K
0m/J2vtB4e0T/15KM1/jYvJYAdN6nS1tiU7jHriHQmLoC6VOFtZjtE8bAWZ79QjQ
FpaqQ0RETHnVB7QtP7sk8SheHwMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfRR29
+pHKrJKtC/noWUceqrlV1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRiODkwNjYtYjQzMi00NWMzLWJlZmItZmZhMmI0YmUzYjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfmaK3eYyleMox5HxTL1bmG3jyVmLZW3dtEQYj
801g2ZhzOs1dj4VafqrhE6IO11uH3dXHPWUK5TaJFx+cYUYnKH3EwLsrnTx4jnQ2
cxHx07E15bPBayYddtdHIyzbZHEtJldmxTTeH6bJMJt5p/h0y1frBIar7/4s3bdw
192WJYgMHz4ZEPWcX808XUZkxGmnmsg+ChNjgAa/pg1NEFbrvvHuygg/ZqLZxe3Y
srCUTb/BbYiLtXMBk9+cBhsYQLc1F6B8s7poUTtR1Oq26O/RD73JOIH0DYh/HWNL
JHyFlH+o2YDnnYh2LN4vJYZ9fWp2ITfdDtSRzMFbG5BVMtOZ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:39 2025 by rpki-client