Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
File: 88e98e26-39c9-4a1c-82e8-cc63267ca942.roa (raw, json)
Hash identifier: 2dphtsORPchRtu0fZXOnkuHjQV0g6w0+K08r20oUBQo=
Subject key identifier: 9A:40:F0:D7:A3:6A:21:30:91:AC:F8:7B:A5:6D:4A:96:E9:A0:12:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AB8D80E501363E76C1D00D1D928AC6EFE0E298B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
Signing time: Thu 26 Jun 2025 19:37:18 +0000
ROA not before: Thu 26 Jun 2025 19:37:18 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b8:d8:0e:50:13:63:e7:6c:1d:00:d1:d9:28:ac:6e:fe:0e:29:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:18 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=69e75de37ebc5816eafb6d3016e687b68655a438531d714b231696686f413646, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:07:17:aa:49:d0:87:98:8b:6b:2f:0c:c6:17:
2e:b8:90:e9:29:3e:b6:dc:7d:a2:10:6f:4b:49:55:
94:8a:ce:36:01:39:3e:14:54:da:ec:15:b2:60:41:
3b:03:7b:36:22:b8:ac:f5:81:a8:b9:64:6e:17:bb:
06:73:18:57:61:56:13:ba:11:86:a5:1b:62:d8:a2:
0a:eb:c4:39:ef:cc:7d:a7:57:ad:23:2d:83:02:be:
73:57:73:f6:0e:0a:ba:3c:e3:2e:7e:94:b6:9f:b8:
09:c4:9e:26:82:6b:a8:71:49:7d:67:19:31:29:d8:
93:e5:bf:c2:67:19:e7:bd:05:88:e0:d2:7b:d0:23:
14:23:b1:7a:81:b0:70:b7:37:c5:8a:34:4f:c9:40:
ad:af:e9:f6:28:43:ee:87:8b:0c:00:ea:f4:c3:67:
c4:92:51:22:40:90:61:03:54:3f:d6:45:38:87:e3:
5a:6c:78:ba:1a:46:77:f5:83:46:c4:0b:6c:f2:b6:
e8:f6:94:03:ce:a1:16:98:35:21:4d:90:70:59:49:
84:f8:bb:6e:be:af:9d:91:fa:29:2a:ea:6f:cf:0f:
cc:c4:cc:e9:2f:48:42:40:90:1c:88:c4:3b:b3:43:
6b:78:be:f9:2c:e5:d7:23:62:9b:af:ab:ad:8d:5c:
b4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:40:F0:D7:A3:6A:21:30:91:AC:F8:7B:A5:6D:4A:96:E9:A0:12:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8020::/46
Signature Algorithm: sha256WithRSAEncryption
9e:fb:43:58:51:18:5e:78:05:a8:ce:5c:a1:cc:5c:50:fb:0f:
21:bf:36:f1:41:32:cf:aa:0c:7f:5a:6c:cf:aa:ad:90:99:4a:
cd:7b:da:83:86:ce:80:12:9f:5c:5d:82:0c:2b:c1:d1:a5:89:
df:be:55:94:6d:2d:57:6c:d2:30:b6:e9:9c:2c:d1:65:f0:09:
24:f3:4b:04:40:e6:4c:93:06:3c:d8:43:f4:3e:4f:e1:85:00:
ac:98:ad:04:90:94:db:7f:0a:bb:13:7b:12:97:d9:16:c4:6b:
8f:cd:c5:dd:bd:38:b0:61:bb:5f:96:cb:4b:2e:62:42:93:14:
9a:8d:84:76:7a:8d:13:17:36:7c:8b:ab:ac:e8:a2:ab:13:56:
fa:c8:8e:ed:5a:1c:93:5a:d3:64:28:28:8e:ac:da:a6:b6:29:
dc:7b:dc:b4:af:81:04:71:29:78:77:f7:01:bd:99:22:cf:d0:
c8:4d:ab:4c:18:f8:12:ef:b8:c7:aa:47:c3:84:71:05:d0:93:
fc:e3:bc:68:b2:e3:f5:b3:94:a6:69:72:39:b8:21:94:49:17:
42:f0:41:e4:58:35:67:a2:d4:1c:05:ca:50:91:4e:8c:8c:20:
f6:ef:91:4c:1d:19:d0:f9:5e:79:34:7f:44:0f:7f:a7:0c:3e:
06:5b:8c:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUarjYDlATY+dsHQDR2Sisbv4OKYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MThaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5ZTc1ZGUzN2ViYzU4MTZlYWZiNmQzMDE2ZTY4N2I2ODY1NWE0Mzg1MzFk
NzE0YjIzMTY5NjY4NmY0MTM2NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsHF6pJ0IeYi2svDMYXLriQ6Sk+ttx9ohBvS0lVlIrONgE5PhRU2uwVsmBB
OwN7NiK4rPWBqLlkbhe7BnMYV2FWE7oRhqUbYtiiCuvEOe/MfadXrSMtgwK+c1dz
9g4KujzjLn6Utp+4CcSeJoJrqHFJfWcZMSnYk+W/wmcZ570FiODSe9AjFCOxeoGw
cLc3xYo0T8lAra/p9ihD7oeLDADq9MNnxJJRIkCQYQNUP9ZFOIfjWmx4uhpGd/WD
RsQLbPK26PaUA86hFpg1IU2QcFlJhPi7br6vnZH6KSrqb88PzMTM6S9IQkCQHIjE
O7NDa3i++Szl1yNim6+rrY1ctIsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSaQPDX
o2ohMJGs+HulbUqW6aASITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODhlOThlMjYtMzljOS00YTFjLTgyZTgtY2M2MzI2N2NhOTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
IDANBgkqhkiG9w0BAQsFAAOCAQEAnvtDWFEYXngFqM5cocxcUPsPIb828UEyz6oM
f1psz6qtkJlKzXvag4bOgBKfXF2CDCvB0aWJ375VlG0tV2zSMLbpnCzRZfAJJPNL
BEDmTJMGPNhD9D5P4YUArJitBJCU238KuxN7EpfZFsRrj83F3b04sGG7X5bLSy5i
QpMUmo2EdnqNExc2fIurrOiiqxNW+siO7Vock1rTZCgojqzaprYp3HvctK+BBHEp
eHf3Ab2ZIs/QyE2rTBj4Eu+4x6pHw4RxBdCT/OO8aLLj9bOUpmlyObghlEkXQvBB
5Fg1Z6LUHAXKUJFOjIwg9u+RTB0Z0PleeTR/RA9/pww+BluMaQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:05 2025 by rpki-client