Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: U/AHkccEur9WC8LReDNiLSg2TMQsZS+vPgSPrNU371s=
Subject key identifier: 3E:A7:6C:18:30:4D:89:CE:0A:7C:C0:52:BE:DA:11:C4:AC:6B:A5:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E62C6DEE20B131D1632B6B6404F9D8B3AF165E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Mon 16 Jun 2025 20:11:38 +0000
ROA not before: Mon 16 Jun 2025 20:11:38 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:62:c6:de:e2:0b:13:1d:16:32:b6:b6:40:4f:9d:8b:3a:f1:65:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:38 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ffc2daef526ab0b0f60d263ca3838c77449cf598383409b459f527aba88e6f30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7a:41:cc:cb:90:fc:75:6a:7f:a1:1d:0f:2c:
66:17:95:fe:b2:8a:65:ea:97:ea:62:20:1b:90:89:
5a:2b:b5:45:bd:e9:dd:e0:e6:ec:af:3c:16:62:48:
56:96:be:88:d0:43:ab:2b:34:92:ba:89:be:43:df:
d6:0b:88:02:ed:1a:9a:00:48:b5:71:fd:63:7a:60:
6c:5e:b7:38:30:fa:af:2e:ca:ba:6b:ce:9d:4a:81:
99:91:78:60:60:66:66:e1:64:13:24:8e:53:25:51:
89:9e:ca:3a:1f:64:cf:75:9a:4e:42:6e:c3:60:0c:
48:4e:e3:6b:84:db:61:71:cd:48:bb:e0:3a:da:da:
71:aa:98:45:f0:9a:b5:2e:48:e3:e9:9e:c7:ba:28:
d0:1b:9f:d6:34:ec:ce:c3:d1:25:f5:d5:31:17:a9:
45:18:6a:80:71:85:e3:85:d3:ec:f1:8a:17:94:bf:
df:c1:2c:92:8c:d5:58:16:8b:e4:36:f0:81:b8:87:
57:98:10:da:55:af:9b:49:1b:12:8d:8c:5b:c3:be:
f7:be:11:e9:8d:be:bd:96:b2:5a:45:d2:18:e4:11:
46:4d:11:59:3a:3d:0c:3b:34:26:e8:af:99:5b:fe:
34:ab:65:8b:5f:1f:e6:3c:71:a1:20:b7:0c:30:60:
d2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A7:6C:18:30:4D:89:CE:0A:7C:C0:52:BE:DA:11:C4:AC:6B:A5:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
0e:ab:87:69:76:4a:dc:fc:8e:1c:f4:60:5c:35:2e:6f:a5:50:
9c:e6:4d:60:e6:b1:34:97:df:28:d3:ef:7c:c7:d3:ec:a3:35:
a7:40:3b:80:e0:42:3b:71:48:7b:32:fd:eb:4d:59:3a:c5:6d:
48:2c:be:3e:d6:8d:95:1e:c8:02:ff:39:77:b0:62:3f:06:de:
70:b5:71:f7:7b:75:60:2d:18:12:c4:ff:ab:78:09:6b:6e:7b:
65:aa:b6:6d:dc:68:32:fd:ad:04:50:78:4e:2f:02:7e:a1:4c:
98:c7:41:7c:95:e3:c4:21:6b:b9:b7:70:7a:53:7f:d5:57:fa:
71:b8:68:4f:f6:c9:61:53:6c:b2:49:61:df:51:27:f0:aa:59:
40:e2:b6:a3:35:a0:3f:7b:e6:32:ba:34:f7:75:25:cc:1b:27:
a7:e9:e8:59:c7:ca:32:2f:f6:10:ff:89:4c:d4:0f:a7:7d:e9:
8a:0e:5d:ca:cc:1a:5d:5c:45:2f:fb:e5:5e:9d:6f:96:55:99:
c0:ca:b3:d7:5e:71:92:49:b9:97:d2:44:ee:bc:b9:07:07:6f:
3b:67:2b:1e:b6:ed:86:34:23:81:88:76:92:a8:99:de:c2:33:
06:41:5b:50:68:6c:fd:3c:cc:02:5c:86:2d:b4:77:83:30:c7:
af:1a:27:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHmLG3uILEx0WMra2QE+dizrxZeMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMzhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmYzJkYWVmNTI2YWIwYjBmNjBkMjYzY2EzODM4Yzc3NDQ5Y2Y1OTgzODM0
MDliNDU5ZjUyN2FiYTg4ZTZmMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJB6QczLkPx1an+hHQ8sZheV/rKKZeqX6mIgG5CJWiu1Rb3p3eDm7K88FmJI
Vpa+iNBDqys0krqJvkPf1guIAu0amgBItXH9Y3pgbF63ODD6ry7KumvOnUqBmZF4
YGBmZuFkEySOUyVRiZ7KOh9kz3WaTkJuw2AMSE7ja4TbYXHNSLvgOtracaqYRfCa
tS5I4+mex7oo0Buf1jTszsPRJfXVMRepRRhqgHGF44XT7PGKF5S/38EskozVWBaL
5DbwgbiHV5gQ2lWvm0kbEo2MW8O+974R6Y2+vZayWkXSGOQRRk0RWTo9DDs0Juiv
mVv+NKtli18f5jxxoSC3DDBg0v8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+p2wY
ME2Jzgp8wFK+2hHErGulPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEADquHaXZK3PyOHPRgXDUub6VQnOZNYOaxNJff
KNPvfMfT7KM1p0A7gOBCO3FIezL9601ZOsVtSCy+PtaNlR7IAv85d7BiPwbecLVx
93t1YC0YEsT/q3gJa257Zaq2bdxoMv2tBFB4Ti8CfqFMmMdBfJXjxCFrubdwelN/
1Vf6cbhoT/bJYVNssklh31En8KpZQOK2ozWgP3vmMro093UlzBsnp+noWcfKMi/2
EP+JTNQPp33pig5dyswaXVxFL/vlXp1vllWZwMqz115xkkm5l9JE7ry5BwdvO2cr
HrbthjQjgYh2kqiZ3sIzBkFbUGhs/TzMAlyGLbR3gzDHrxonag==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:19:41 2025 by rpki-client