Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
File: 868cbba8-4804-4fbd-b9b8-7e9402c44956.roa (raw, json)
Hash identifier: lLSoEpVpmgYkZeil/jFHaRoau4RGKnm9QifxKUF6Rjk=
Subject key identifier: D0:97:41:6C:36:D9:1E:34:7C:A4:28:66:4B:F1:25:98:A7:19:93:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1382BC5F42A314242FABE8F161D38D008E42C238
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
Signing time: Tue 17 Jun 2025 00:41:14 +0000
ROA not before: Tue 17 Jun 2025 00:41:14 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:82:bc:5f:42:a3:14:24:2f:ab:e8:f1:61:d3:8d:00:8e:42:c2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:14 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=523c9d935b392da2c3d1dabcbf8e7fb78fadf299bb81b8db9802cda770d18273, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:41:bf:df:b3:41:c4:da:59:01:06:a4:d9:a8:
2c:c8:2a:09:43:91:85:75:c3:eb:b7:8c:82:17:9f:
91:22:73:ed:b2:89:43:e7:f1:5b:09:48:d2:79:13:
14:5d:11:6a:c5:5e:5e:0f:f4:d4:45:71:d8:96:1c:
f8:00:eb:83:01:49:0f:ba:0b:51:95:8b:1a:5c:fa:
84:23:36:76:3e:b5:ce:55:29:85:d1:9d:b0:97:9a:
39:7d:85:46:79:fc:13:9a:33:8e:cc:ab:b1:04:f1:
ee:6b:40:96:a1:cc:31:ad:db:5b:d8:8f:f9:9a:51:
95:a9:8e:a9:93:13:0b:c6:1f:68:06:a6:27:ce:8d:
7d:25:f1:78:b0:63:3b:0a:bd:b7:cf:17:64:77:7e:
6a:7a:ab:5b:fe:5d:70:ed:88:5e:07:97:9a:25:20:
dc:f6:a3:f3:f7:6d:0d:43:f0:ef:6e:00:87:20:0a:
0b:0f:87:b4:b5:da:f7:63:65:1a:a3:c7:fc:34:74:
ee:bd:67:19:f8:8f:bf:f7:6c:58:b0:2b:aa:05:f1:
a3:f5:b0:a4:fa:9a:45:b7:c6:7e:40:3e:2c:39:e9:
9a:32:50:e4:6e:ef:f4:b8:30:b2:23:af:1b:dc:52:
95:ee:39:8b:6c:96:f9:3b:30:92:57:07:eb:70:79:
26:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:97:41:6C:36:D9:1E:34:7C:A4:28:66:4B:F1:25:98:A7:19:93:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
21:6c:a3:64:e5:7f:b9:3e:84:f5:21:51:1b:8a:5e:f8:52:a9:
7e:79:70:00:a7:d0:a6:80:27:e6:46:88:8c:8f:5d:35:75:87:
1f:11:bc:24:75:57:e4:7d:11:28:24:54:10:61:20:60:d1:18:
cc:8a:f5:1f:0e:31:77:8b:e7:07:55:3b:fb:53:04:a2:e3:d2:
6c:2e:c5:ab:cc:aa:8e:b5:39:5a:d0:a7:e2:51:39:b6:af:4a:
2b:05:a7:a9:06:33:46:c0:f2:4a:0b:eb:81:7b:f4:76:cb:10:
f9:e7:a7:73:c2:73:49:8c:5d:3c:63:fe:ef:b9:e1:27:e2:a5:
5c:f2:1e:d1:47:8a:15:07:f7:51:a5:66:fc:bc:bf:83:80:ce:
a8:51:f6:5d:23:19:eb:0b:ad:4d:ed:b4:16:8c:11:90:2f:75:
6c:ca:6d:25:f6:a7:40:62:c0:57:81:6c:ff:ac:dd:73:59:76:
23:f2:b3:b3:7e:b2:13:8f:51:e4:2b:19:51:ab:52:c6:f0:6a:
c2:10:30:44:97:ec:bd:58:b2:30:e2:d6:0d:ad:55:e5:c4:5a:
d5:1e:e5:c2:7f:b3:b6:c7:e6:ed:2a:7a:31:bb:05:36:f7:25:
30:62:db:62:23:ff:92:69:7f:9b:8f:1d:07:b5:bd:0f:4a:d4:
15:c0:e4:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE4K8X0KjFCQvq+jxYdONAI5CwjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMTRaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyM2M5ZDkzNWIzOTJkYTJjM2QxZGFiY2JmOGU3ZmI3OGZhZGYyOTliYjgx
YjhkYjk4MDJjZGE3NzBkMTgyNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5Bv9+zQcTaWQEGpNmoLMgqCUORhXXD67eMghefkSJz7bKJQ+fxWwlI0nkT
FF0RasVeXg/01EVx2JYc+ADrgwFJD7oLUZWLGlz6hCM2dj61zlUphdGdsJeaOX2F
Rnn8E5ozjsyrsQTx7mtAlqHMMa3bW9iP+ZpRlamOqZMTC8YfaAamJ86NfSXxeLBj
Owq9t88XZHd+anqrW/5dcO2IXgeXmiUg3Paj8/dtDUPw724AhyAKCw+HtLXa92Nl
GqPH/DR07r1nGfiPv/dsWLArqgXxo/WwpPqaRbfGfkA+LDnpmjJQ5G7v9LgwsiOv
G9xSle45i2yW+TswklcH63B5Jn8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQl0Fs
NtkeNHykKGZL8SWYpxmTKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4Y2JiYTgtNDgwNC00ZmJkLWI5YjgtN2U5NDAyYzQ0OTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAhbKNk5X+5PoT1IVEbil74Uql+eXAAp9CmgCfm
RoiMj101dYcfEbwkdVfkfREoJFQQYSBg0RjMivUfDjF3i+cHVTv7UwSi49JsLsWr
zKqOtTla0KfiUTm2r0orBaepBjNGwPJKC+uBe/R2yxD556dzwnNJjF08Y/7vueEn
4qVc8h7RR4oVB/dRpWb8vL+DgM6oUfZdIxnrC61N7bQWjBGQL3Vsym0l9qdAYsBX
gWz/rN1zWXYj8rOzfrITj1HkKxlRq1LG8GrCEDBEl+y9WLIw4tYNrVXlxFrVHuXC
f7O2x+btKnoxuwU29yUwYttiI/+SaX+bjx0Htb0PStQVwOTh
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:56:41 2025 by rpki-client