Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json)
Hash identifier: VkRDUoO9xpQwpjigx9b28jBkEkDV9nstA9IaBWqSbpw=
Subject key identifier: 47:4B:79:46:13:E6:72:7E:3C:95:71:C1:A9:4E:E7:77:35:FC:89:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61306415A3B36804931ACAAC0E5084624DDD7A23
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
Signing time: Mon 16 Jun 2025 21:21:27 +0000
ROA not before: Mon 16 Jun 2025 21:21:27 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:30:64:15:a3:b3:68:04:93:1a:ca:ac:0e:50:84:62:4d:dd:7a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:27 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d0733410c5f5bb0b0fdea4795b662f1cae6a750a84bb9a52f4cfc84b253110fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:90:ef:f5:45:b7:37:d1:06:70:c0:6b:5b:
73:a4:bf:7d:c8:30:4a:ae:3d:23:a8:fc:3d:ea:7f:
e0:12:60:ef:40:8f:76:9e:15:7c:39:ec:b7:fd:50:
bd:72:96:ef:af:b7:28:e6:75:90:14:c0:17:30:1e:
f7:4d:50:00:8f:a0:af:79:96:a8:d3:55:23:b0:21:
38:a5:2e:8e:d0:e8:27:a6:aa:21:fd:c3:40:39:3d:
3b:08:36:cc:7b:4e:8e:40:0c:bd:9f:cb:3f:a8:b2:
8f:5d:b8:02:5a:ed:00:a8:97:cd:e4:33:16:ec:4c:
d2:b6:fc:4f:0c:26:d4:30:26:43:19:e4:e7:27:8c:
55:a3:87:43:71:ba:32:e9:f2:b1:e3:5c:34:1f:31:
b2:57:03:2d:f3:ee:0f:6c:0b:f7:77:65:5d:a8:c4:
75:6c:aa:68:e3:9a:a8:d4:cc:92:98:58:bb:97:7e:
ae:70:c9:cb:65:71:53:07:0c:86:b2:4b:6d:be:10:
a5:7f:d7:fb:30:13:91:77:56:aa:97:40:da:c6:a1:
5f:a8:11:fd:31:cd:e0:5a:b4:34:42:81:9e:e9:2b:
c8:5e:4a:ec:13:6b:9a:f9:ec:5e:1e:23:85:32:fe:
d4:de:4e:26:4e:c9:0e:a7:b5:14:53:e5:f1:09:0d:
a8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4B:79:46:13:E6:72:7E:3C:95:71:C1:A9:4E:E7:77:35:FC:89:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:64:72:3b:8e:39:a7:62:79:fa:1c:f6:2e:6d:25:79:ee:97:
5f:b8:7c:6d:13:0a:6e:a1:b9:d5:f1:ef:39:64:05:d1:af:48:
48:55:5f:c8:86:00:a9:5b:b9:c8:73:1b:ba:ba:a0:18:9f:07:
71:3c:ea:d9:3f:c3:5f:18:9f:82:49:2c:a8:fa:68:e2:37:cf:
0e:97:8c:d2:00:27:a9:d2:ce:3f:13:3d:40:16:9b:e5:d3:43:
88:89:0f:59:e3:ca:12:04:a2:99:5e:13:08:13:94:70:3d:5e:
e0:ee:c8:ba:fb:4b:6e:f5:f5:2c:33:64:92:8e:49:1a:73:74:
db:4b:f5:fc:d7:34:c7:a1:df:13:a8:17:ef:d5:38:e0:05:49:
55:71:f9:24:5d:ef:60:15:2b:21:fe:e0:69:c8:42:29:45:61:
ab:d6:0f:03:2d:9f:89:96:92:a3:57:8e:73:f8:57:6c:ab:1d:
20:54:67:01:3c:ae:84:0f:33:f0:c4:4a:60:ae:78:0a:1c:b7:
9a:65:ca:d5:a0:1a:51:33:0d:d7:7a:4d:5a:8b:56:60:c7:66:
52:37:0c:f5:eb:69:18:4d:ea:ea:08:72:9e:e3:ad:43:10:2f:
ad:86:06:74:ab:8e:3d:16:6f:d5:98:33:78:30:e8:49:aa:bb:
1d:bb:a3:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYTBkFaOzaASTGsqsDlCEYk3deiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMjdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNzMzNDEwYzVmNWJiMGIwZmRlYTQ3OTViNjYyZjFjYWU2YTc1MGE4NGJi
OWE1MmY0Y2ZjODRiMjUzMTEwZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+okO/1Rbc30QZwwGtbc6S/fcgwSq49I6j8Pep/4BJg70CPdp4VfDnst/1Q
vXKW76+3KOZ1kBTAFzAe901QAI+gr3mWqNNVI7AhOKUujtDoJ6aqIf3DQDk9Owg2
zHtOjkAMvZ/LP6iyj124AlrtAKiXzeQzFuxM0rb8Twwm1DAmQxnk5yeMVaOHQ3G6
MunyseNcNB8xslcDLfPuD2wL93dlXajEdWyqaOOaqNTMkphYu5d+rnDJy2VxUwcM
hrJLbb4QpX/X+zATkXdWqpdA2sahX6gR/THN4Fq0NEKBnukryF5K7BNrmvnsXh4j
hTL+1N5OJk7JDqe1FFPl8QkNqAkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHS3lG
E+ZyfjyVccGpTud3NfyJMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNZHI7jjmnYnn6HPYubSV57pdfuHxtEwpuobnV
8e85ZAXRr0hIVV/IhgCpW7nIcxu6uqAYnwdxPOrZP8NfGJ+CSSyo+mjiN88Ol4zS
ACep0s4/Ez1AFpvl00OIiQ9Z48oSBKKZXhMIE5RwPV7g7si6+0tu9fUsM2SSjkka
c3TbS/X81zTHod8TqBfv1TjgBUlVcfkkXe9gFSsh/uBpyEIpRWGr1g8DLZ+JlpKj
V45z+Fdsqx0gVGcBPK6EDzPwxEpgrngKHLeaZcrVoBpRMw3Xek1ai1Zgx2ZSNwz1
62kYTerqCHKe461DEC+thgZ0q449Fm/VmDN4MOhJqrsdu6Mk
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:02 2025 by rpki-client