Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
File: 94b69c02-a117-42df-89a0-b463fa809f2d.roa (raw, json)
Hash identifier: gxioDwxcqBm5+Gyb1WUa3iJDrkAr2TgxQdPgH3mvM38=
Subject key identifier: C1:F1:0F:75:75:E1:19:20:AF:7D:AC:CD:74:6F:02:86:05:5F:85:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61DB4968CF1C10384A8A72E23D684A491055BF6C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
Signing time: Mon 16 Jun 2025 21:21:29 +0000
ROA not before: Mon 16 Jun 2025 21:21:29 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:db:49:68:cf:1c:10:38:4a:8a:72:e2:3d:68:4a:49:10:55:bf:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:29 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=50a3d1332ab52ba0c74c0d81b7ea7da8e55152ac6f2cad5660e2efb4aae48b2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:97:12:95:61:2b:15:2d:a0:6b:52:b6:3e:c0:
b1:f1:58:dd:0a:14:74:5f:8d:67:9a:69:4a:43:de:
ed:61:a9:da:57:ed:e2:67:f6:ab:ce:ca:3a:b9:62:
e4:db:8c:ba:ba:6f:79:56:87:09:ac:4b:08:64:da:
01:1f:ee:90:19:7f:72:b0:03:c1:e2:6e:1d:b7:6f:
65:b6:ce:bc:d8:a2:32:78:10:61:4f:93:06:fe:da:
48:26:db:56:d4:ed:9b:b4:c5:c7:9c:da:b8:c4:6a:
4a:2e:26:1f:7a:f8:38:26:50:2d:1b:54:ab:e0:4b:
97:8d:45:77:b2:f5:17:a5:8e:f5:4e:81:32:94:74:
32:13:98:f0:70:e9:e8:39:4e:07:d9:1c:f1:e0:26:
56:4f:ba:ce:ea:e9:60:ba:f9:0a:16:ff:79:81:2d:
70:0f:88:c6:c1:1b:b3:19:5e:7a:0a:88:29:da:29:
42:c7:12:e6:c5:fd:14:8f:ff:5a:29:e6:b1:0b:fb:
ec:b8:e0:c7:60:c9:af:88:d0:34:9a:ad:82:c4:64:
a3:6d:d5:8b:df:ad:83:fd:ee:eb:d4:5f:41:94:7b:
77:c3:ab:f8:cf:65:b5:4a:1f:b5:8e:5c:7d:45:93:
e0:72:3d:ea:ee:8c:ab:fa:8b:97:1a:a6:4e:bf:4d:
c2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F1:0F:75:75:E1:19:20:AF:7D:AC:CD:74:6F:02:86:05:5F:85:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:93:24:60:f7:4d:10:5c:95:9e:ca:93:d5:63:e8:99:c5:f6:
ff:a3:d7:77:b8:20:11:df:a4:32:c2:a2:e4:83:97:0f:00:b3:
af:33:3d:2d:13:20:41:b2:27:18:d7:ab:bb:f9:09:bf:f2:c1:
b4:2c:d6:a8:ac:2c:0c:e1:3f:54:e6:b0:0d:34:db:fb:9c:4c:
47:13:1c:c4:03:e9:ee:2b:71:cb:72:44:7b:76:44:44:9b:69:
45:15:6a:10:a3:b7:df:11:e1:c0:73:ff:e3:41:17:45:fa:0d:
28:e3:ee:4c:56:98:f5:88:b8:d8:17:7f:d6:85:dd:77:52:0e:
5d:68:b0:ac:0b:cb:24:ad:cb:66:23:c5:15:43:cd:0a:cd:f3:
94:14:9d:18:69:01:da:b1:90:14:6c:7f:ae:c0:32:b7:97:0d:
26:51:ca:6a:a1:12:a0:14:4c:44:9a:ad:41:72:85:34:84:98:
42:e0:ba:9b:b3:8c:fe:4c:c3:eb:32:e2:75:d2:a1:04:fc:c6:
ff:53:d9:ae:80:e1:52:07:ba:bb:06:f9:95:f3:5a:71:71:3a:
7b:88:70:2b:44:8f:66:af:a8:eb:10:9b:91:6d:64:83:65:dc:
ff:80:ea:97:e2:e1:9a:84:14:19:fa:f8:c3:3f:98:68:eb:33:
80:85:a3:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYdtJaM8cEDhKinLiPWhKSRBVv2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMjlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwYTNkMTMzMmFiNTJiYTBjNzRjMGQ4MWI3ZWE3ZGE4ZTU1MTUyYWM2ZjJj
YWQ1NjYwZTJlZmI0YWFlNDhiMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSXEpVhKxUtoGtStj7AsfFY3QoUdF+NZ5ppSkPe7WGp2lft4mf2q87KOrli
5NuMurpveVaHCaxLCGTaAR/ukBl/crADweJuHbdvZbbOvNiiMngQYU+TBv7aSCbb
VtTtm7TFx5zauMRqSi4mH3r4OCZQLRtUq+BLl41Fd7L1F6WO9U6BMpR0MhOY8HDp
6DlOB9kc8eAmVk+6zurpYLr5Chb/eYEtcA+IxsEbsxleegqIKdopQscS5sX9FI//
WinmsQv77Ljgx2DJr4jQNJqtgsRko23Vi9+tg/3u69RfQZR7d8Or+M9ltUoftY5c
fUWT4HI96u6Mq/qLlxqmTr9NwrMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTB8Q91
deEZIK99rM10bwKGBV+FcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNjljMDItYTExNy00MmRmLTg5YTAtYjQ2M2ZhODA5ZjJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYg
MA0GCSqGSIb3DQEBCwUAA4IBAQDKkyRg900QXJWeypPVY+iZxfb/o9d3uCAR36Qy
wqLkg5cPALOvMz0tEyBBsicY16u7+Qm/8sG0LNaorCwM4T9U5rANNNv7nExHExzE
A+nuK3HLckR7dkREm2lFFWoQo7ffEeHAc//jQRdF+g0o4+5MVpj1iLjYF3/Whd13
Ug5daLCsC8skrctmI8UVQ80KzfOUFJ0YaQHasZAUbH+uwDK3lw0mUcpqoRKgFExE
mq1BcoU0hJhC4Lqbs4z+TMPrMuJ10qEE/Mb/U9mugOFSB7q7BvmV81pxcTp7iHAr
RI9mr6jrEJuRbWSDZdz/gOqX4uGahBQZ+vjDP5ho6zOAhaOi
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:22:52 2025 by rpki-client