Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: dImn3dLU8mnue8+dGGsAnChpbehmEAAsV/HUabaIE+w=
Subject key identifier: F1:95:6F:A4:57:A6:28:01:91:A3:42:5A:40:BC:E2:39:3E:98:76:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21057CA1D625DD4595E511C12702FD2D6E0B07CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Mon 16 Jun 2025 21:31:07 +0000
ROA not before: Mon 16 Jun 2025 21:31:07 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:05:7c:a1:d6:25:dd:45:95:e5:11:c1:27:02:fd:2d:6e:0b:07:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:07 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f576f15bc754c62e883927ce53b1fa40b5e36478bdb16f9a7447e3926510ed6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0f:b2:ab:fd:d0:8c:99:96:4e:9e:bf:86:f0:
64:ba:e9:58:45:84:58:32:39:56:e0:a4:b6:50:83:
eb:02:4c:9b:80:d4:88:71:d0:78:d4:f4:a3:61:68:
e4:68:72:f0:a0:45:25:26:e6:2f:c9:8f:2a:2a:89:
9b:bd:1e:e6:c9:c9:a0:cb:4d:5d:dd:52:0d:f5:8d:
58:7d:81:d0:34:05:73:22:95:7a:6c:e9:9d:dd:9f:
10:0c:16:db:d2:96:26:fa:79:52:01:ca:11:a0:c5:
d4:20:46:64:e6:83:5a:ee:56:22:69:4c:28:e8:9f:
2f:78:a7:9a:32:47:09:0e:fa:26:77:58:e1:81:26:
87:d6:69:8b:b9:64:eb:07:86:db:b0:17:6c:0a:2d:
bb:6d:8b:58:84:69:1b:38:b1:39:1f:16:9c:07:58:
93:24:de:0b:b6:03:dd:bc:8f:f9:fb:b3:c3:c3:82:
ed:f8:46:df:c1:cb:81:3f:6f:9d:af:05:7d:cf:d4:
24:ab:fb:28:01:17:c3:d7:a2:94:9d:cc:ba:ef:8e:
6c:b0:4e:3d:83:3b:93:15:4b:09:30:bb:c5:48:4d:
86:7d:88:d6:fa:13:bd:20:d4:b1:9e:11:5a:a0:6b:
61:f4:12:a9:2c:91:0b:9d:20:99:e9:f0:96:f7:61:
69:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:95:6F:A4:57:A6:28:01:91:A3:42:5A:40:BC:E2:39:3E:98:76:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
b8:ae:8e:bc:ba:e7:4b:2c:9a:f1:1c:dd:8d:f1:41:1e:64:44:
4c:5f:a4:9a:28:dc:b1:b4:a4:92:bc:de:34:a5:9e:02:5c:c5:
7b:e3:53:16:35:88:a0:f7:75:95:b9:5b:25:48:73:51:15:f0:
7b:09:63:01:a8:16:81:5d:19:7c:80:c0:ef:1b:80:50:c4:11:
3f:67:14:79:d6:1f:da:83:86:5d:66:1e:e5:98:09:86:57:88:
4a:d2:1c:0b:cc:e7:d4:d1:39:f6:f8:4c:6c:25:c0:17:3f:4c:
e5:aa:c1:35:92:ea:6d:6e:d4:72:72:68:e2:24:99:14:68:0d:
ec:51:81:6a:17:68:be:72:78:2e:55:df:1d:94:9c:5e:f5:22:
19:f8:ab:91:e7:04:ae:ff:8a:e1:d8:a4:2a:99:69:e8:e0:57:
96:56:c4:7f:36:95:ce:f9:d8:5b:ff:1c:fa:29:54:04:93:35:
82:7a:0b:37:fb:27:d5:2e:f6:c9:30:e8:9a:76:82:cf:92:40:
54:9e:18:f2:9f:ae:fc:df:a9:f4:dc:f0:bf:14:d5:e1:d2:4b:
6a:6c:61:dc:d6:f5:28:25:62:ce:af:c4:67:5c:5b:ec:b5:2c:
df:c2:eb:de:9a:5b:18:ec:8e:2a:23:c9:e7:75:38:70:04:6a:
2d:eb:09:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIQV8odYl3UWV5RHBJwL9LW4LB8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NzZmMTViYzc1NGM2MmU4ODM5MjdjZTUzYjFmYTQwYjVlMzY0NzhiZGIx
NmY5YTc0NDdlMzkyNjUxMGVkNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQPsqv90IyZlk6ev4bwZLrpWEWEWDI5VuCktlCD6wJMm4DUiHHQeNT0o2Fo
5Ghy8KBFJSbmL8mPKiqJm70e5snJoMtNXd1SDfWNWH2B0DQFcyKVemzpnd2fEAwW
29KWJvp5UgHKEaDF1CBGZOaDWu5WImlMKOifL3inmjJHCQ76JndY4YEmh9Zpi7lk
6weG27AXbAotu22LWIRpGzixOR8WnAdYkyTeC7YD3byP+fuzw8OC7fhG38HLgT9v
na8Ffc/UJKv7KAEXw9eilJ3Muu+ObLBOPYM7kxVLCTC7xUhNhn2I1voTvSDUsZ4R
WqBrYfQSqSyRC50gmenwlvdhaR8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxlW+k
V6YoAZGjQlpAvOI5Pph2GzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQC4ro68uudLLJrxHN2N8UEeZERMX6SaKNyxtKSS
vN40pZ4CXMV741MWNYig93WVuVslSHNRFfB7CWMBqBaBXRl8gMDvG4BQxBE/ZxR5
1h/ag4ZdZh7lmAmGV4hK0hwLzOfU0Tn2+ExsJcAXP0zlqsE1kuptbtRycmjiJJkU
aA3sUYFqF2i+cnguVd8dlJxe9SIZ+KuR5wSu/4rh2KQqmWno4FeWVsR/NpXO+dhb
/xz6KVQEkzWCegs3+yfVLvbJMOiadoLPkkBUnhjyn67836n03PC/FNXh0ktqbGHc
1vUoJWLOr8RnXFvstSzfwuvemlsY7I4qI8nndThwBGot6wkm
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:39 2025 by rpki-client