Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
File: 8615f258-46a8-450c-972c-84b27581bb43.roa (raw, json)
Hash identifier: cdCeMO9tdMimZJzIG+diIO/29q3W5V4tnpt210mrEAE=
Subject key identifier: A8:58:26:D6:DB:4B:CE:D4:8A:EC:69:15:DD:4C:8E:38:2D:55:D2:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C05E7C51EE230B9B245C85330D19C9E1F8993E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
Signing time: Mon 16 Jun 2025 21:41:39 +0000
ROA not before: Mon 16 Jun 2025 21:41:39 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:05:e7:c5:1e:e2:30:b9:b2:45:c8:53:30:d1:9c:9e:1f:89:93:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:39 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=802576a767ab175d17e9277c1340c561963aa54b0b944371b77ae4a55d186aff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1e:b9:e6:ac:90:03:0d:5d:e1:76:37:d5:0a:
f0:12:5b:dd:4a:b2:a5:5c:0a:5f:94:dc:40:a0:99:
03:12:5f:6e:94:9f:b1:ac:07:06:6c:b3:f3:b2:e5:
f5:16:a7:aa:3a:1f:1f:c0:92:be:78:17:e1:15:02:
a8:19:af:1e:13:bb:0e:13:c2:35:fb:10:5c:ad:da:
31:1c:6c:a9:58:3d:23:65:6a:a6:c9:fa:fa:30:bb:
98:9f:f6:2c:d9:d1:ef:e0:cd:6a:30:d3:80:25:a4:
a0:a0:b1:ce:07:7a:63:54:c9:21:4d:77:23:c7:7b:
a9:21:38:03:6f:75:8d:50:76:90:6a:e1:dd:56:f2:
ca:fd:5f:1e:bd:4c:05:ee:36:d6:ff:6f:d1:fd:50:
b5:b3:4f:57:dd:54:6c:02:4d:ad:99:cc:3a:36:10:
de:57:0d:89:03:96:55:4f:63:b4:e9:01:3e:4c:5e:
24:a5:df:ae:c4:1c:b1:43:6e:94:5a:fe:61:d7:03:
19:99:a9:dc:da:01:c3:0b:b7:a2:c9:67:d4:ca:94:
c8:33:ae:39:53:11:ab:7c:9a:56:69:df:96:24:1f:
c9:2c:80:16:8f:37:26:49:8c:16:a8:f4:a5:77:53:
a3:24:c9:26:8e:d5:7f:d9:70:b2:44:b7:1c:87:21:
26:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:58:26:D6:DB:4B:CE:D4:8A:EC:69:15:DD:4C:8E:38:2D:55:D2:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/36
Signature Algorithm: sha256WithRSAEncryption
35:fc:15:d3:14:37:0b:ea:80:7b:7a:17:84:b3:3b:f2:83:0a:
1c:1a:90:2f:48:77:c9:eb:0b:55:f6:eb:a9:f8:77:40:9c:f2:
b3:fc:00:63:b1:a2:32:eb:73:5c:24:ca:ec:71:9b:91:bd:31:
bc:86:3e:61:23:76:08:50:bf:3f:33:f7:c3:fb:59:1d:17:09:
fd:87:e0:d6:de:0b:f8:5e:54:1a:f0:20:88:52:5d:81:d2:4e:
e1:cc:3d:f5:0b:e2:f9:49:d2:f2:6f:a6:c7:47:22:18:5e:53:
ce:5b:59:a9:00:e0:cd:6e:7a:0e:e3:21:4f:27:22:69:48:5d:
c0:e8:ce:0b:da:7d:41:ca:b3:5d:eb:07:6c:86:10:8f:2e:2a:
8f:76:16:19:e5:f3:d9:90:68:51:69:bb:c6:cf:7e:7f:54:63:
a8:30:12:ef:16:82:a6:5a:3b:34:57:51:c1:d0:15:b9:68:1b:
0c:8a:ce:db:f0:af:46:42:e8:41:8b:1f:23:43:09:58:75:79:
d0:ae:3f:e7:6a:61:dd:31:11:21:73:6c:80:4c:30:af:e9:43:
da:da:5b:5c:0f:a0:49:72:ba:59:7d:a9:59:5d:ab:b6:3e:17:
12:a1:50:b8:ac:62:01:dc:48:e5:9b:47:7b:eb:ee:3e:99:37:
4b:4f:09:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPAXnxR7iMLmyRchTMNGcnh+Jk+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMzlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMjU3NmE3NjdhYjE3NWQxN2U5Mjc3YzEzNDBjNTYxOTYzYWE1NGIwYjk0
NDM3MWI3N2FlNGE1NWQxODZhZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0eueaskAMNXeF2N9UK8BJb3UqypVwKX5TcQKCZAxJfbpSfsawHBmyz87Ll
9RanqjofH8CSvngX4RUCqBmvHhO7DhPCNfsQXK3aMRxsqVg9I2Vqpsn6+jC7mJ/2
LNnR7+DNajDTgCWkoKCxzgd6Y1TJIU13I8d7qSE4A291jVB2kGrh3Vbyyv1fHr1M
Be421v9v0f1QtbNPV91UbAJNrZnMOjYQ3lcNiQOWVU9jtOkBPkxeJKXfrsQcsUNu
lFr+YdcDGZmp3NoBwwu3osln1MqUyDOuOVMRq3yaVmnfliQfySyAFo83JkmMFqj0
pXdToyTJJo7Vf9lwskS3HIchJp0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSoWCbW
20vO1IrsaRXdTI44LVXSQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODYxNWYyNTgtNDZhOC00NTBjLTk3MmMtODRiMjc1ODFiYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQA1/BXTFDcL6oB7eheEszvygwocGpAvSHfJ6wtV
9uup+HdAnPKz/ABjsaIy63NcJMrscZuRvTG8hj5hI3YIUL8/M/fD+1kdFwn9h+DW
3gv4XlQa8CCIUl2B0k7hzD31C+L5SdLyb6bHRyIYXlPOW1mpAODNbnoO4yFPJyJp
SF3A6M4L2n1ByrNd6wdshhCPLiqPdhYZ5fPZkGhRabvGz35/VGOoMBLvFoKmWjs0
V1HB0BW5aBsMis7b8K9GQuhBix8jQwlYdXnQrj/namHdMREhc2yATDCv6UPa2ltc
D6BJcrpZfalZXau2PhcSoVC4rGIB3Ejlm0d76+4+mTdLTwlm
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:32:43 2025 by rpki-client