Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
File: 915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa (raw, json)
Hash identifier: HWeZ4CGqV3wDjkpLWBtdOBV512U2Z18rglhZm8LAsII=
Subject key identifier: B4:99:FB:45:CC:70:53:88:ED:85:A3:5B:DB:C2:14:93:E7:84:59:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F64C30D0BC55F9EE62264FA16E3C3F4CFF10B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
Signing time: Tue 17 Jun 2025 00:40:09 +0000
ROA not before: Tue 17 Jun 2025 00:40:09 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:64:c3:0d:0b:c5:5f:9e:e6:22:64:fa:16:e3:c3:f4:cf:f1:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:09 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=12754abf9d5eee3fd9505c516dfb16657818501946066e46d6bd2e47790e9174, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:32:e9:9f:02:da:11:2e:2b:5e:59:9c:a9:14:
2e:a6:a7:4e:07:ae:c1:b9:12:6d:49:f0:42:c1:10:
c1:cf:93:f8:50:76:c8:63:c7:c1:13:06:b3:70:c4:
ea:ce:e9:43:d7:7e:69:cf:86:4a:01:59:90:2f:6a:
27:2a:35:f6:92:e9:e7:5c:f6:7c:d6:bc:73:c5:61:
b2:7a:64:a0:cd:af:78:01:5a:6d:f0:39:da:df:50:
50:4e:75:e8:f9:0e:a2:26:c2:57:74:ff:c2:a5:3b:
37:04:68:dc:09:37:cf:79:7f:34:bb:a2:34:7c:bb:
33:ad:b9:5e:71:24:2b:50:d4:7c:06:b7:61:71:6d:
e5:86:c2:80:3b:d7:df:94:7f:be:91:13:bd:6d:d6:
2c:c4:58:d5:76:f6:6d:9b:3e:ce:36:52:38:6b:66:
f1:45:0f:9d:48:83:35:a5:a7:f7:06:92:9d:ea:78:
87:e0:87:cf:41:58:8e:23:09:48:e4:3f:3f:88:e3:
2c:e9:7f:a2:c8:21:5d:65:00:4e:73:d8:a5:1b:57:
5a:47:d1:78:27:93:48:c8:b8:68:6e:8c:51:af:74:
9c:93:26:fa:41:31:63:29:91:11:a4:4f:ad:16:48:
be:4f:80:dd:c5:33:e0:4e:9d:5b:cf:e0:bd:61:e6:
f7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:99:FB:45:CC:70:53:88:ED:85:A3:5B:DB:C2:14:93:E7:84:59:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/36
Signature Algorithm: sha256WithRSAEncryption
67:46:db:db:ae:94:da:a9:25:93:65:57:51:d5:ac:e9:12:2f:
78:a9:6b:2e:76:9e:44:1b:e2:61:49:af:c3:e9:64:db:a5:19:
9f:ad:3e:cd:71:82:73:91:18:58:57:29:2c:b2:b6:2c:e8:30:
7e:98:ac:dc:21:2b:4e:57:0a:1a:a3:ed:bf:05:99:0e:c1:6b:
c0:62:a5:c7:fe:76:06:0a:8d:20:0e:88:00:44:50:9e:5c:26:
91:05:ac:e6:b8:a7:c6:39:b5:89:25:6c:08:69:48:12:1f:b0:
68:48:44:42:bb:38:2e:0d:be:07:4a:5d:12:2a:e8:b2:a7:33:
2e:20:4a:fa:e6:00:35:e8:c0:2e:ec:60:82:c8:06:d8:0f:ec:
f5:e4:37:c3:87:b3:25:b0:f6:aa:39:1b:98:aa:e0:35:42:ac:
06:24:c2:71:30:fc:77:ba:fb:8e:c1:f5:9c:22:e6:85:ee:20:
f2:41:e8:17:e3:6f:b0:0a:52:b2:7e:8a:d3:a9:4f:22:15:33:
c4:bf:d4:e5:7d:da:a5:79:48:41:76:33:7e:cb:6f:5d:c0:eb:
6d:43:e4:e3:d7:d1:de:e1:89:70:dc:6e:72:db:3f:ae:26:b0:
ea:59:6d:59:63:bd:3e:ea:06:ee:e1:ea:67:4a:16:fd:96:43:
23:9d:c6:49
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITL2TDDQvFX57mImT6FuPD9M/xCzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDYxNzAwNDAwOVoXDTI1MDcyMjIzNTk1OVowejFJMEcGA1UE
BRNAMTI3NTRhYmY5ZDVlZWUzZmQ5NTA1YzUxNmRmYjE2NjU3ODE4NTAxOTQ2MDY2
ZTQ2ZDZiZDJlNDc3OTBlOTE3NDEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzLpnwLaES4rXlmcqRQupqdOB67BuRJtSfBCwRDBz5P4UHbIY8fBEwazcMTq
zulD135pz4ZKAVmQL2onKjX2kunnXPZ81rxzxWGyemSgza94AVpt8Dna31BQTnXo
+Q6iJsJXdP/CpTs3BGjcCTfPeX80u6I0fLszrblecSQrUNR8BrdhcW3lhsKAO9ff
lH++kRO9bdYsxFjVdvZtmz7ONlI4a2bxRQ+dSIM1paf3BpKd6niH4IfPQViOIwlI
5D8/iOMs6X+iyCFdZQBOc9ilG1daR9F4J5NIyLhoboxRr3Sckyb6QTFjKZERpE+t
Fki+T4DdxTPgTp1bz+C9Yeb3yQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFLSZ+0XM
cFOI7YWjW9vCFJPnhFm0MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC85
MTVjY2VmNi1iMDZmLTRlMTEtYmU5YS04YjlhMjI5ZmY1MmIucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgXQEIAw
DQYJKoZIhvcNAQELBQADggEBAGdG29uulNqpJZNlV1HVrOkSL3ipay52nkQb4mFJ
r8PpZNulGZ+tPs1xgnORGFhXKSyytizoMH6YrNwhK05XChqj7b8FmQ7Ba8Bipcf+
dgYKjSAOiABEUJ5cJpEFrOa4p8Y5tYklbAhpSBIfsGhIREK7OC4NvgdKXRIq6LKn
My4gSvrmADXowC7sYILIBtgP7PXkN8OHsyWw9qo5G5iq4DVCrAYkwnEw/He6+47B
9Zwi5oXuIPJB6Bfjb7AKUrJ+itOpTyIVM8S/1OV92qV5SEF2M37Lb13A621D5OPX
0d7hiXDcbnLbP64msOpZbVljvT7qBu7h6mdKFv2WQyOdxkk=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:38 2025 by rpki-client