Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: r7W+4z/9XWy3VF9aOCiY8qwNukzUJK2UFUWVSIUNLRs=
Subject key identifier: 29:63:0E:BF:0D:E5:E1:1E:FE:39:A1:D4:EF:C4:93:5F:40:DC:7E:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 482515DEDBDF02C54E3A81D8391848F69F9396E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Mon 16 Jun 2025 21:20:52 +0000
ROA not before: Mon 16 Jun 2025 21:20:52 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:25:15:de:db:df:02:c5:4e:3a:81:d8:39:18:48:f6:9f:93:96:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:52 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=46ad3811fa4e0f0b77c41935efb0b4112415de2c6bf903e4b35712616c3a2c54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d6:4e:49:e1:c2:db:83:d2:68:34:18:45:cf:
79:9a:72:56:5d:b0:f1:d8:13:4a:b1:97:93:60:0e:
16:3f:9c:35:d4:23:de:88:a7:e5:0a:a4:ca:1c:64:
ac:b4:c5:76:69:69:b3:d4:bb:a2:66:1c:2e:0e:5e:
59:e2:5d:9e:00:e9:d2:e9:3b:45:3f:68:fd:a6:81:
90:74:f2:38:0e:b9:76:11:05:a1:33:3a:76:48:85:
36:44:58:52:ec:25:fa:26:be:66:43:06:20:ab:bf:
21:8e:48:92:d5:c8:17:97:17:d2:c5:38:3a:f3:f6:
c2:bb:5b:8d:85:8b:70:70:6f:0f:92:b5:72:bb:c0:
42:1b:b4:4c:7d:66:56:a4:f2:3c:19:35:33:ff:6d:
2d:98:29:12:a6:23:dd:7c:1b:26:1b:5a:58:b7:a9:
9e:e3:e4:04:ae:b8:bf:25:f1:77:49:1c:69:4c:f5:
12:fb:b5:73:88:bb:c7:d6:21:6c:c0:54:ef:db:01:
f1:55:ad:4b:28:66:3d:af:b9:54:11:41:a0:7a:9a:
3e:3d:82:12:82:41:db:f5:1f:b7:46:82:83:e6:5f:
fc:1a:c3:3f:c0:13:90:b6:ce:d6:a8:0f:20:c2:1f:
1c:18:4f:1c:a7:ec:c1:9d:f7:07:c0:3a:40:49:df:
d3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:63:0E:BF:0D:E5:E1:1E:FE:39:A1:D4:EF:C4:93:5F:40:DC:7E:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:ab:ec:77:5c:03:56:63:78:2b:fe:f0:01:25:6e:0b:e4:98:
db:e2:52:eb:31:57:a5:86:1a:b4:74:5d:84:84:94:16:a2:65:
a7:69:eb:2c:1d:d5:44:a6:6f:88:b2:22:54:c5:51:27:66:ad:
30:14:96:ce:9f:bc:7f:2f:b9:7a:71:ff:55:2e:20:84:12:8f:
fe:18:af:0e:6d:4a:1c:a9:c1:52:90:60:11:f6:b0:b8:d4:5e:
92:f5:3e:3d:e6:1e:09:f4:f4:c3:80:9b:80:25:df:6a:e0:2b:
7c:7a:7f:79:d2:c7:e3:be:44:a1:f3:67:54:a6:c7:4e:e8:a0:
32:92:f4:48:6d:95:fe:da:ea:35:e3:2f:d5:7b:99:5d:01:e3:
ab:07:1b:de:cb:82:82:ca:40:70:fb:b3:44:28:2c:a9:cb:34:
d1:c7:9b:3c:09:42:7c:cb:af:10:41:98:c1:48:07:7c:30:90:
35:88:46:bf:9a:e1:9f:6d:71:31:d8:49:2b:fe:59:86:a9:2f:
4a:54:4a:17:2e:e4:9c:85:b3:db:cb:6f:6d:3d:5a:05:d3:35:
94:c0:3e:81:b8:d2:f5:17:dd:1b:ac:af:da:f0:bb:03:04:8e:
2c:cb:b5:8c:5c:73:18:a4:d4:d9:73:1a:3c:fc:dd:5b:f6:30:
4f:58:fc:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSCUV3tvfAsVOOoHYORhI9p+TluAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwNTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2YWQzODExZmE0ZTBmMGI3N2M0MTkzNWVmYjBiNDExMjQxNWRlMmM2YmY5
MDNlNGIzNTcxMjYxNmMzYTJjNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfWTknhwtuD0mg0GEXPeZpyVl2w8dgTSrGXk2AOFj+cNdQj3oin5Qqkyhxk
rLTFdmlps9S7omYcLg5eWeJdngDp0uk7RT9o/aaBkHTyOA65dhEFoTM6dkiFNkRY
Uuwl+ia+ZkMGIKu/IY5IktXIF5cX0sU4OvP2wrtbjYWLcHBvD5K1crvAQhu0TH1m
VqTyPBk1M/9tLZgpEqYj3XwbJhtaWLepnuPkBK64vyXxd0kcaUz1Evu1c4i7x9Yh
bMBU79sB8VWtSyhmPa+5VBFBoHqaPj2CEoJB2/Uft0aCg+Zf/BrDP8ATkLbO1qgP
IMIfHBhPHKfswZ33B8A6QEnf05MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpYw6/
DeXhHv45odTvxJNfQNx+DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCPq+x3XANWY3gr/vABJW4L5Jjb4lLrMVelhhq0
dF2EhJQWomWnaessHdVEpm+IsiJUxVEnZq0wFJbOn7x/L7l6cf9VLiCEEo/+GK8O
bUocqcFSkGAR9rC41F6S9T495h4J9PTDgJuAJd9q4Ct8en950sfjvkSh82dUpsdO
6KAykvRIbZX+2uo14y/Ve5ldAeOrBxvey4KCykBw+7NEKCypyzTRx5s8CUJ8y68Q
QZjBSAd8MJA1iEa/muGfbXEx2Ekr/lmGqS9KVEoXLuSchbPby29tPVoF0zWUwD6B
uNL1F90brK/a8LsDBI4sy7WMXHMYpNTZcxo8/N1b9jBPWPxe
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:23:24 2025 by rpki-client