Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
File: 87ec9982-c725-40e5-b829-ff0f06d939c8.roa (raw, json)
Hash identifier: mH1UJ4DJ78V80vLjuq/cXTWH5+8CwS95CP91m8qOvVA=
Subject key identifier: 91:AE:C3:AA:39:52:B3:C6:8A:B4:7D:A2:04:BC:64:35:23:E1:10:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03CA6ECA06AA083813BA6B6A9A97B0F3086F9295
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
Signing time: Mon 16 Jun 2025 21:00:05 +0000
ROA not before: Mon 16 Jun 2025 21:00:05 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:ca:6e:ca:06:aa:08:38:13:ba:6b:6a:9a:97:b0:f3:08:6f:92:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:05 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f1173bf3a440b0f6791577ec3e234f3ecedeadd47641b134c6f2146fbc464d15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bb:e6:bf:76:e6:2e:69:05:d3:b6:1d:2e:95:
b8:47:a2:bc:e3:da:1e:05:ac:44:e6:32:2d:d2:d5:
29:f9:c5:8c:dd:2a:59:31:ef:8b:71:75:68:e2:9c:
7d:d2:c1:27:9b:97:e9:d8:f6:32:26:db:d9:a8:bd:
5c:2f:1b:5e:40:09:7b:28:29:83:c4:6a:0a:58:0c:
38:7d:1e:1a:28:50:66:4c:2e:26:2b:c6:00:e1:37:
db:f1:f6:f2:66:8d:58:ab:98:29:07:1e:81:37:ec:
f9:a6:45:a8:68:f6:c2:3a:4f:14:ed:8e:0a:97:a5:
9f:a7:bb:44:ad:92:31:7a:b5:6a:da:7a:ef:46:03:
f1:97:a8:de:73:a9:2b:34:d7:97:c5:e6:53:2d:90:
a7:5d:c4:f5:6e:16:0d:f0:65:44:5d:64:b5:2c:95:
b3:a1:22:7b:eb:e8:de:be:ec:aa:20:d9:23:5c:24:
02:82:9b:2a:68:c5:62:48:1e:91:d8:6d:11:7a:dd:
07:8c:d3:ae:98:71:59:dd:b9:eb:23:96:89:46:4e:
4b:0c:84:11:66:5e:46:56:59:f0:49:6e:1b:86:e5:
b6:b6:31:e1:fc:4e:fd:ce:c9:78:71:ce:d2:ce:41:
17:0d:23:09:da:37:54:7d:1f:87:70:dc:71:59:23:
9c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AE:C3:AA:39:52:B3:C6:8A:B4:7D:A2:04:BC:64:35:23:E1:10:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:9000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:f5:b5:8b:04:0b:29:2d:05:aa:08:f6:aa:33:46:67:64:16:
0d:68:c2:95:76:2f:07:f2:d4:f6:b8:ff:82:10:06:76:96:e1:
e2:d8:21:e5:5d:69:c6:db:54:5e:56:47:76:48:59:8e:82:e0:
31:32:63:16:9e:1a:34:ca:ed:69:5f:9b:2c:8f:30:80:ea:26:
25:f5:b3:44:30:27:46:18:b7:0a:99:6a:e6:f3:28:39:54:e1:
d2:09:f2:4b:11:e7:d6:20:82:57:19:d2:10:aa:7e:9a:46:a4:
30:22:2e:d6:7d:06:4e:2c:cc:ff:f1:ce:37:ce:b2:98:11:cc:
da:35:c4:8f:a3:06:e6:6f:29:88:0a:50:ad:22:b2:32:f4:6d:
9f:6f:9b:f6:00:7c:a6:16:91:49:7c:1c:08:cc:4d:f1:a6:ff:
3b:cf:9a:ba:d2:a1:96:d5:09:03:f1:3e:9e:c3:b8:08:80:3d:
5e:9b:d3:90:63:9f:67:98:be:12:b4:cc:ab:7b:20:5b:56:2c:
b0:d0:dc:57:47:1c:22:49:b9:c3:c7:2f:8a:c7:df:66:39:ab:
89:69:0d:38:27:de:93:41:18:d0:06:06:7c:48:40:81:84:67:
db:9d:a8:06:03:db:66:61:52:3c:1a:f3:bf:b5:d7:fb:18:60:
15:d7:42:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA8puygaqCDgTumtqmpew8whvkpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwMDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMTczYmYzYTQ0MGIwZjY3OTE1NzdlYzNlMjM0ZjNlY2VkZWFkZDQ3NjQx
YjEzNGM2ZjIxNDZmYmM0NjRkMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+75r925i5pBdO2HS6VuEeivOPaHgWsROYyLdLVKfnFjN0qWTHvi3F1aOKc
fdLBJ5uX6dj2Mibb2ai9XC8bXkAJeygpg8RqClgMOH0eGihQZkwuJivGAOE32/H2
8maNWKuYKQcegTfs+aZFqGj2wjpPFO2OCpeln6e7RK2SMXq1atp670YD8Zeo3nOp
KzTXl8XmUy2Qp13E9W4WDfBlRF1ktSyVs6Eie+vo3r7sqiDZI1wkAoKbKmjFYkge
kdhtEXrdB4zTrphxWd256yOWiUZOSwyEEWZeRlZZ8EluG4bltrYx4fxO/c7JeHHO
0s5BFw0jCdo3VH0fh3DccVkjnGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSRrsOq
OVKzxoq0faIEvGQ1I+EQPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODdlYzk5ODItYzcyNS00MGU1LWI4MjktZmYwZjA2ZDkzOWM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA89bWLBAspLQWqCPaqM0ZnZBYNaMKVdi8H8tT2
uP+CEAZ2luHi2CHlXWnG21ReVkd2SFmOguAxMmMWnho0yu1pX5ssjzCA6iYl9bNE
MCdGGLcKmWrm8yg5VOHSCfJLEefWIIJXGdIQqn6aRqQwIi7WfQZOLMz/8c43zrKY
EczaNcSPowbmbymIClCtIrIy9G2fb5v2AHymFpFJfBwIzE3xpv87z5q60qGW1QkD
8T6ew7gIgD1em9OQY59nmL4StMyreyBbViyw0NxXRxwiSbnDxy+Kx99mOauJaQ04
J96TQRjQBgZ8SECBhGfbnagGA9tmYVI8GvO/tdf7GGAV10I7
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:43 2025 by rpki-client