Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa
File: 8b578938-3dca-4d72-8385-f8a93e508377.roa (raw, json)
Hash identifier: 4199jIA4zvYJ8r3FH92Wx25BmMWDJp5ZqtUf6Ff0W68=
Subject key identifier: 8D:55:EE:27:37:43:4C:12:AF:95:99:DE:7A:53:43:3D:BE:0D:0E:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A29EC8D306FC399328A073F9B4BA18FD28A97E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa
Signing time: Mon 16 Jun 2025 21:41:35 +0000
ROA not before: Mon 16 Jun 2025 21:41:35 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:29:ec:8d:30:6f:c3:99:32:8a:07:3f:9b:4b:a1:8f:d2:8a:97:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:35 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3580902e56e6f5d1185efbabaec2e2fb2cd28ce30236c28a9e50bf398021b768, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:31:36:45:e3:71:f3:cf:6c:6d:5d:4f:cb:
89:2a:29:8a:65:1d:ee:b6:f3:38:ad:4a:22:e9:51:
80:83:74:44:e0:da:ec:8f:bd:bf:cc:49:16:55:6d:
4b:89:ef:5a:83:ba:fc:1b:a9:c1:b4:32:b6:3d:bb:
cf:34:4d:01:2f:55:e1:b5:30:ae:c1:8a:7e:9b:8d:
e0:33:7e:20:d4:21:da:52:b5:75:d7:92:ec:c9:75:
05:c8:8b:89:45:7a:46:e7:c4:24:7d:2f:1b:47:f8:
f4:ff:54:f9:bf:3e:1c:65:75:d9:d1:45:9a:f3:c3:
44:ad:39:10:4e:b6:a8:e3:81:a7:b6:88:49:c0:6d:
be:18:86:82:f2:3c:0c:09:0d:a8:b7:66:f2:60:6e:
4f:e0:b9:31:09:10:e5:a1:52:95:e1:48:17:df:02:
6b:2d:89:e7:5f:ac:26:a0:63:b9:a7:8c:a9:2b:91:
cc:91:a5:9b:96:c1:0f:6b:76:7b:cb:af:03:41:f7:
3b:75:75:db:11:14:ae:d8:17:19:83:52:53:14:94:
20:ee:a0:9e:d6:e8:76:8b:5e:e2:a6:5a:fe:3c:fd:
4b:55:97:91:90:47:c0:77:62:ec:f4:2e:43:40:7c:
33:33:cb:23:6a:59:88:77:72:5d:d6:66:2b:90:87:
77:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:55:EE:27:37:43:4C:12:AF:95:99:DE:7A:53:43:3D:BE:0D:0E:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:400::/38
Signature Algorithm: sha256WithRSAEncryption
06:64:40:f0:4a:ba:93:1f:75:eb:0a:dc:fc:6f:5f:db:21:e0:
b8:02:1a:86:b7:59:e4:ee:e5:c9:9a:17:62:98:fb:80:b1:25:
73:97:a5:65:46:79:55:5b:39:f1:6a:f6:be:02:94:61:25:b4:
d4:a1:56:90:85:bb:e8:20:bc:b6:cb:45:e7:88:40:db:ba:2a:
23:e0:65:ca:ee:b5:2f:b2:67:ab:15:bf:92:b0:0b:ff:bb:49:
0d:2b:76:d4:66:3e:5d:6e:5f:7d:1a:9c:94:45:f1:45:ce:2a:
2a:b1:4c:ca:d1:7b:76:32:af:60:a1:d0:a0:09:d7:d9:17:60:
0d:56:50:f7:a5:20:63:0e:4f:48:f3:9b:63:b2:aa:3b:31:db:
4e:b6:e8:c9:12:8a:46:a7:db:f1:65:99:cf:ff:d4:ef:35:ca:
eb:90:57:88:a7:bf:79:06:c1:7d:46:09:94:3c:0d:ea:21:af:
ff:e9:5d:52:5d:ba:00:07:ff:f0:81:9a:68:fb:9a:c4:0b:2c:
1a:2f:df:3e:bd:ac:2c:50:9e:1f:c3:f7:59:ac:53:54:c2:d3:
bd:65:cf:f0:ab:fb:4b:2f:eb:04:45:0a:be:54:36:4d:f4:13:
18:7a:3e:e2:8c:9c:55:f5:9f:58:64:47:0a:fd:cd:e9:02:35:
00:92:4c:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUainsjTBvw5kyigc/m0uhj9KKl+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMzVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1ODA5MDJlNTZlNmY1ZDExODVlZmJhYmFlYzJlMmZiMmNkMjhjZTMwMjM2
YzI4YTllNTBiZjM5ODAyMWI3NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKY9MTZF43Hzz2xtXU/LiSopimUd7rbzOK1KIulRgIN0RODa7I+9v8xJFlVt
S4nvWoO6/BupwbQytj27zzRNAS9V4bUwrsGKfpuN4DN+INQh2lK1ddeS7Ml1BciL
iUV6RufEJH0vG0f49P9U+b8+HGV12dFFmvPDRK05EE62qOOBp7aIScBtvhiGgvI8
DAkNqLdm8mBuT+C5MQkQ5aFSleFIF98Cay2J51+sJqBjuaeMqSuRzJGlm5bBD2t2
e8uvA0H3O3V12xEUrtgXGYNSUxSUIO6gntbodote4qZa/jz9S1WXkZBHwHdi7PQu
Q0B8MzPLI2pZiHdyXdZmK5CHd5ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSNVe4n
N0NMEq+Vmd56U0M9vg0OFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGI1Nzg5MzgtM2RjYS00ZDcyLTgzODUtZjhhOTNlNTA4Mzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkE
MA0GCSqGSIb3DQEBCwUAA4IBAQAGZEDwSrqTH3XrCtz8b1/bIeC4AhqGt1nk7uXJ
mhdimPuAsSVzl6VlRnlVWznxava+ApRhJbTUoVaQhbvoILy2y0XniEDbuioj4GXK
7rUvsmerFb+SsAv/u0kNK3bUZj5dbl99GpyURfFFzioqsUzK0Xt2Mq9godCgCdfZ
F2ANVlD3pSBjDk9I85tjsqo7MdtOtujJEopGp9vxZZnP/9TvNcrrkFeIp795BsF9
RgmUPA3qIa//6V1SXboAB//wgZpo+5rECywaL98+vawsUJ4fw/dZrFNUwtO9Zc/w
q/tLL+sERQq+VDZN9BMYej7ijJxV9Z9YZEcK/c3pAjUAkkwi
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:52:42 2025 by rpki-client