Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
File: 880d0334-daaa-445a-9c06-7402ba023a86.roa (raw, json)
Hash identifier: XMtpZZSTqKGmUz0SL6WddYgGvdLR6r01suQqifjMq3w=
Subject key identifier: 60:FC:51:50:8B:4A:7B:03:91:48:A5:27:B2:78:44:28:8A:ED:BD:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F3E958AB39A6EFC02E450BD26F14582866A3988
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
Signing time: Thu 26 Jun 2025 19:37:15 +0000
ROA not before: Thu 26 Jun 2025 19:37:15 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3e:95:8a:b3:9a:6e:fc:02:e4:50:bd:26:f1:45:82:86:6a:39:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:15 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=363786cbb3f1d92592a6f31374ebf4194b55309510c5131c4562abd809230449, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ce:06:7f:d8:84:42:a9:b2:5a:55:5d:c2:41:
2c:b1:d0:25:92:3b:da:5d:14:55:b5:7e:d6:b6:62:
45:30:15:b4:6c:73:d2:ee:6c:00:0a:22:65:1a:dd:
ac:ef:ef:7c:2c:a9:d5:0c:ac:aa:35:9b:c9:72:0f:
21:48:55:77:7d:28:c0:56:34:8d:93:ff:3a:1d:54:
2e:a9:37:cc:8f:27:8d:a3:7c:67:1b:66:5d:ce:ee:
50:77:7c:39:89:b3:25:6b:ca:14:18:81:8d:d3:90:
12:3d:07:26:b6:bd:41:5c:f6:9f:2b:2e:85:a2:ab:
ef:f8:2b:29:9e:7d:c1:2d:4a:6d:53:1e:19:56:bd:
98:4b:95:bd:fa:82:c9:00:44:37:2d:d4:14:1b:3b:
3c:ba:19:03:a0:cf:3f:10:e9:4f:a9:df:1b:c1:c1:
36:79:28:47:2b:07:d4:3d:65:06:ee:48:c2:69:82:
99:53:6c:9a:3a:94:05:a6:a8:aa:9e:ce:9a:85:99:
9c:06:d2:46:27:a5:be:14:fa:bb:18:11:69:e5:02:
f3:87:8e:5a:30:e6:b7:30:d6:c2:10:db:73:42:cd:
8b:7a:3a:8c:fc:0b:b9:77:19:2e:52:16:66:c3:b1:
1f:e6:23:b5:5a:93:bb:b1:df:e5:65:59:bf:ca:e2:
7d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FC:51:50:8B:4A:7B:03:91:48:A5:27:B2:78:44:28:8A:ED:BD:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6040::/46
Signature Algorithm: sha256WithRSAEncryption
ca:35:32:2d:cb:b8:b7:c4:5e:29:4f:5a:6e:a5:65:08:62:13:
9a:10:d5:77:e0:ba:be:8b:48:4c:09:a3:cf:41:2e:46:48:94:
fa:6e:9d:82:ca:ba:07:b3:44:c9:15:7b:aa:11:5b:b2:0a:b9:
66:b9:5e:5e:fd:1a:c5:92:d2:38:1e:cd:ff:c4:4f:da:84:ef:
26:61:63:72:43:34:75:19:01:e8:6a:25:05:c0:40:9a:af:36:
76:9f:c1:18:34:d6:01:9c:b9:59:ef:2d:f6:bc:97:a0:61:84:
3b:6e:db:e5:d6:39:f6:13:af:30:88:76:5d:31:d7:a5:58:5e:
fd:21:4c:8a:eb:fb:1c:a6:06:34:05:d1:fb:83:e2:c4:6c:0c:
0c:4e:1f:45:61:1f:17:ec:78:62:c4:e0:f7:c3:3a:12:75:9f:
52:93:9e:29:56:a6:d6:6c:c2:51:1d:d7:69:23:d2:cf:56:6e:
93:87:a9:e4:91:7a:5f:61:fa:86:2b:bd:d7:c4:08:32:47:0a:
97:dc:66:59:45:72:85:a1:2d:29:cd:d7:92:7a:97:8c:93:7a:
e6:93:c1:e0:52:da:b2:3a:35:61:56:50:4f:30:07:48:49:64:
ef:fd:a5:08:25:2d:37:11:a5:de:99:06:c6:a0:1a:ab:5b:40:
5e:0e:73:44
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDz6VirOabvwC5FC9JvFFgoZqOYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MTVaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2Mzc4NmNiYjNmMWQ5MjU5MmE2ZjMxMzc0ZWJmNDE5NGI1NTMwOTUxMGM1
MTMxYzQ1NjJhYmQ4MDkyMzA0NDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbOBn/YhEKpslpVXcJBLLHQJZI72l0UVbV+1rZiRTAVtGxz0u5sAAoiZRrd
rO/vfCyp1QysqjWbyXIPIUhVd30owFY0jZP/Oh1ULqk3zI8njaN8ZxtmXc7uUHd8
OYmzJWvKFBiBjdOQEj0HJra9QVz2nysuhaKr7/grKZ59wS1KbVMeGVa9mEuVvfqC
yQBENy3UFBs7PLoZA6DPPxDpT6nfG8HBNnkoRysH1D1lBu5IwmmCmVNsmjqUBaao
qp7OmoWZnAbSRielvhT6uxgRaeUC84eOWjDmtzDWwhDbc0LNi3o6jPwLuXcZLlIW
ZsOxH+YjtVqTu7Hf5WVZv8rifScCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRg/FFQ
i0p7A5FIpSeyeEQoiu294DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODgwZDAzMzQtZGFhYS00NDVhLTljMDYtNzQwMmJhMDIzYTg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
QDANBgkqhkiG9w0BAQsFAAOCAQEAyjUyLcu4t8ReKU9abqVlCGITmhDVd+C6votI
TAmjz0EuRkiU+m6dgsq6B7NEyRV7qhFbsgq5ZrleXv0axZLSOB7N/8RP2oTvJmFj
ckM0dRkB6GolBcBAmq82dp/BGDTWAZy5We8t9ryXoGGEO27b5dY59hOvMIh2XTHX
pVhe/SFMiuv7HKYGNAXR+4PixGwMDE4fRWEfF+x4YsTg98M6EnWfUpOeKVam1mzC
UR3XaSPSz1Zuk4ep5JF6X2H6hiu918QIMkcKl9xmWUVyhaEtKc3XknqXjJN65pPB
4FLasjo1YVZQTzAHSElk7/2lCCUtNxGl3pkGxqAaq1tAXg5zRA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:08 2025 by rpki-client