Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: Pj5DMmGM5HR9DMyNfOUP3pPbcKtHUqbY3uznAlEhYyQ=
Subject key identifier: E2:9A:36:F1:5E:2B:D7:98:45:13:B6:4C:2A:83:DA:0B:FF:41:93:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F347106E83BB2231FACB87F6AFD1E5F67D69D56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Mon 16 Jun 2025 20:11:00 +0000
ROA not before: Mon 16 Jun 2025 20:11:00 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:34:71:06:e8:3b:b2:23:1f:ac:b8:7f:6a:fd:1e:5f:67:d6:9d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:00 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ce7e2585f05b4d55ba04f929cc5b7676fa06de9cd607265d3380b45635996bf8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f7:d5:31:21:e9:69:a6:07:8c:2a:d9:4a:72:
45:3c:61:49:a8:fb:f1:9b:ae:55:2b:64:d2:c2:f4:
ab:0f:be:ca:d5:df:d2:6a:4f:1b:d1:db:c0:7e:ec:
e6:1d:65:19:ae:f8:4e:85:38:e0:09:76:28:c6:ae:
d1:af:0c:4d:ed:6a:71:0f:48:99:f7:fe:4e:f9:c4:
fa:8a:7a:2b:5d:ff:21:fe:be:62:7f:76:3b:dd:4c:
03:da:a8:c8:5b:2e:ac:9b:b5:41:07:a1:91:61:d3:
ef:29:1a:bc:ed:8c:d0:1e:8f:cd:d0:b4:0d:28:b2:
12:2f:bc:9f:81:b2:ef:8c:5b:05:2e:2b:46:6b:64:
f5:7a:5d:85:7a:f4:49:72:29:5e:3e:8c:44:24:b8:
c4:58:00:9c:03:bb:76:da:f4:72:be:d5:c8:e2:c4:
ea:4a:a1:cf:7f:4e:78:d1:15:bd:e9:67:75:dc:5b:
be:bc:03:b8:7a:29:85:7e:de:fe:c3:e6:41:14:3c:
2a:46:e4:22:69:74:76:45:35:cc:e3:e6:fd:4e:c1:
fa:b3:eb:7b:c2:79:e1:9c:45:a4:7f:bb:58:f5:4c:
24:5f:f1:4c:ba:bd:df:86:fc:20:24:30:a8:7f:be:
da:f0:b5:68:87:83:2d:d3:6f:bc:6f:f8:d6:fc:9c:
fd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9A:36:F1:5E:2B:D7:98:45:13:B6:4C:2A:83:DA:0B:FF:41:93:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:cd:c1:21:68:73:57:64:7d:a6:45:8d:ca:97:39:3d:f3:b0:
96:15:d6:91:0d:84:44:fa:0f:6b:dd:4a:ed:14:a9:32:02:24:
cc:10:b0:d6:bd:1e:0d:54:20:a4:47:d8:01:b9:5e:2e:cc:01:
f6:32:30:bb:41:22:f9:fa:46:9c:97:03:e3:bd:5d:72:d8:41:
54:e2:82:a9:8b:df:b7:2c:fa:8a:3b:31:f6:72:2d:50:25:c1:
9d:8d:3d:d7:56:c9:b2:45:a8:41:7c:64:9b:b7:76:33:7d:00:
b4:4e:8f:eb:9c:b1:dc:7c:c0:cf:4e:4c:3b:7f:9d:78:0a:f1:
ab:0b:da:20:a5:a4:24:75:8c:6d:e4:1c:34:07:4d:b2:79:1a:
c3:9b:02:36:5c:03:32:48:f0:b5:9a:10:63:32:ef:dc:1a:e6:
5b:72:b5:a4:f6:96:38:b2:2d:68:de:c5:32:fc:19:d3:90:92:
8f:49:5a:13:12:ff:4a:58:95:e1:99:9c:5a:a6:9c:ac:a6:ef:
93:8c:2b:31:d3:c7:06:c6:b5:7e:bf:61:bf:5c:4c:b3:23:3d:
f0:ef:18:ae:f5:96:0a:f3:13:07:75:ce:dc:3b:36:17:4e:c5:
7f:93:42:b4:57:c9:99:00:e6:06:2c:03:a2:8c:fe:e2:28:5b:
eb:2d:43:e5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPzRxBug7siMfrLh/av0eX2fWnVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlN2UyNTg1ZjA1YjRkNTViYTA0ZjkyOWNjNWI3Njc2ZmEwNmRlOWNkNjA3
MjY1ZDMzODBiNDU2MzU5OTZiZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMj31TEh6WmmB4wq2UpyRTxhSaj78ZuuVStk0sL0qw++ytXf0mpPG9HbwH7s
5h1lGa74ToU44Al2KMau0a8MTe1qcQ9Imff+TvnE+op6K13/If6+Yn92O91MA9qo
yFsurJu1QQehkWHT7ykavO2M0B6PzdC0DSiyEi+8n4Gy74xbBS4rRmtk9XpdhXr0
SXIpXj6MRCS4xFgAnAO7dtr0cr7VyOLE6kqhz39OeNEVvelnddxbvrwDuHophX7e
/sPmQRQ8KkbkIml0dkU1zOPm/U7B+rPre8J54ZxFpH+7WPVMJF/xTLq934b8ICQw
qH++2vC1aIeDLdNvvG/41vyc/XcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTimjbx
XivXmEUTtkwqg9oL/0GTaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQDJzcEhaHNXZH2mRY3Klzk987CWFdaRDYRE+g9r
3UrtFKkyAiTMELDWvR4NVCCkR9gBuV4uzAH2MjC7QSL5+kaclwPjvV1y2EFU4oKp
i9+3LPqKOzH2ci1QJcGdjT3XVsmyRahBfGSbt3YzfQC0To/rnLHcfMDPTkw7f514
CvGrC9ogpaQkdYxt5Bw0B02yeRrDmwI2XAMySPC1mhBjMu/cGuZbcrWk9pY4si1o
3sUy/BnTkJKPSVoTEv9KWJXhmZxappyspu+TjCsx08cGxrV+v2G/XEyzIz3w7xiu
9ZYK8xMHdc7cOzYXTsV/k0K0V8mZAOYGLAOijP7iKFvrLUPl
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:19 2025 by rpki-client