Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: cLxGjRFzmqMUvWOSBKOGHwURTpnFZ77k7QAKCSQMHh8=
Subject key identifier: 5C:B2:A4:56:A4:98:25:3C:90:AD:21:33:7F:43:95:5B:9E:1D:52:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3255351604915E7D33CA4D0D6BDE1F9F86EE0241
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Mon 16 Jun 2025 21:01:29 +0000
ROA not before: Mon 16 Jun 2025 21:01:29 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:55:35:16:04:91:5e:7d:33:ca:4d:0d:6b:de:1f:9f:86:ee:02:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:29 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1c0748aa6d749a3ccbff2b8db51808a96eb39f8db655551226c380c6e50165c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:93:dc:39:a3:65:00:27:12:c9:b1:c5:b0:da:
8d:1b:27:00:56:5b:3b:d5:df:c1:91:a3:3f:23:7e:
8e:1e:9f:58:08:c6:8b:d7:c0:26:1a:b1:1b:8f:55:
f7:f6:ac:dc:20:ff:00:34:d5:a5:40:3b:d4:55:cb:
54:bd:a7:37:2a:a3:28:ef:12:75:89:89:05:23:6a:
03:92:f9:d1:c9:5c:ab:88:da:19:5b:ba:a1:7b:92:
85:e9:d2:ac:23:49:9e:e3:01:19:82:ec:e5:1a:ff:
4a:5b:65:1a:34:e1:2d:a5:65:b0:df:cd:c5:5b:94:
26:59:28:62:ed:7b:d8:38:c3:85:66:92:7d:4f:06:
35:40:00:6f:fd:13:4f:f3:41:f7:63:f8:3a:f1:f2:
51:48:55:bf:84:3d:cb:0a:01:6d:a3:c1:02:33:bd:
76:ff:5d:3c:a9:f2:d0:09:fd:df:8f:3d:89:bc:fb:
35:9c:e2:46:61:d6:4b:a2:5c:53:bc:09:8d:50:d5:
0d:43:bc:86:20:bd:33:dd:94:e3:68:5a:32:49:7a:
c6:75:0e:9f:b3:85:20:f4:43:8d:50:1f:8b:0d:1a:
e2:e4:0d:7a:ac:f9:35:d5:bc:e1:cf:4a:76:54:e2:
15:76:89:d5:cb:4d:23:fa:a2:07:57:15:f0:01:a5:
6f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B2:A4:56:A4:98:25:3C:90:AD:21:33:7F:43:95:5B:9E:1D:52:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:c9:c1:04:af:8d:c7:d1:0a:49:e3:64:8e:e7:9b:ac:6d:92:
b4:7b:02:fb:a5:14:18:0f:f8:9a:13:bf:95:a2:31:21:9e:10:
a8:c2:98:b8:49:a1:8e:70:af:99:29:b2:d0:01:e9:6c:72:22:
df:c1:5b:d6:cd:29:32:f1:c0:9b:31:4f:c5:39:2d:37:d7:83:
9c:97:eb:ad:18:53:8a:83:8b:6f:56:8c:bf:bc:bd:3d:a5:b6:
da:e3:5b:a4:59:da:d1:3b:e8:63:25:1b:8b:69:95:18:4f:97:
45:b9:0b:89:3c:34:d4:b5:0d:64:6b:6b:40:22:af:77:57:35:
20:91:81:26:ea:ea:66:83:05:96:a9:4d:4b:cb:78:57:60:ef:
b1:99:12:31:ce:c6:91:26:ac:32:67:ff:d9:4d:fa:e9:69:5f:
f6:ee:22:07:dd:ef:9c:b4:00:fd:1c:91:07:82:30:64:77:b8:
ea:64:67:ef:f9:7d:64:2b:5b:99:6f:1e:70:19:7b:e5:89:67:
cc:17:39:30:a1:04:2d:1b:cc:4d:a3:38:81:63:a5:d2:7a:51:
cd:20:9f:9e:31:2f:00:0d:d8:aa:c9:27:06:94:c0:e7:dc:26:
35:7f:15:fa:f0:b8:1e:55:df:93:7f:24:79:9c:14:58:4c:ce:
58:9e:14:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMlU1FgSRXn0zyk0Na94fn4buAkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMjlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMDc0OGFhNmQ3NDlhM2NjYmZmMmI4ZGI1MTgwOGE5NmViMzlmOGRiNjU1
NTUxMjI2YzM4MGM2ZTUwMTY1YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJCT3DmjZQAnEsmxxbDajRsnAFZbO9XfwZGjPyN+jh6fWAjGi9fAJhqxG49V
9/as3CD/ADTVpUA71FXLVL2nNyqjKO8SdYmJBSNqA5L50clcq4jaGVu6oXuShenS
rCNJnuMBGYLs5Rr/SltlGjThLaVlsN/NxVuUJlkoYu172DjDhWaSfU8GNUAAb/0T
T/NB92P4OvHyUUhVv4Q9ywoBbaPBAjO9dv9dPKny0An93489ibz7NZziRmHWS6Jc
U7wJjVDVDUO8hiC9M92U42haMkl6xnUOn7OFIPRDjVAfiw0a4uQNeqz5NdW84c9K
dlTiFXaJ1ctNI/qiB1cV8AGlb/UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcsqRW
pJglPJCtITN/Q5Vbnh1SKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQAeycEEr43H0QpJ42SO55usbZK0ewL7pRQYD/ia
E7+VojEhnhCowpi4SaGOcK+ZKbLQAelsciLfwVvWzSky8cCbMU/FOS0314Ocl+ut
GFOKg4tvVoy/vL09pbba41ukWdrRO+hjJRuLaZUYT5dFuQuJPDTUtQ1ka2tAIq93
VzUgkYEm6upmgwWWqU1Ly3hXYO+xmRIxzsaRJqwyZ//ZTfrpaV/27iIH3e+ctAD9
HJEHgjBkd7jqZGfv+X1kK1uZbx5wGXvliWfMFzkwoQQtG8xNoziBY6XSelHNIJ+e
MS8ADdiqyScGlMDn3CY1fxX68LgeVd+TfyR5nBRYTM5YnhRD
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:12:34 2025 by rpki-client