Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
File: 950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa (raw, json)
Hash identifier: 7vmF/Yc6mjY2dKPSc7U9T/qZg56TevopJyAJzXo07b8=
Subject key identifier: 80:8B:CE:04:1E:BD:37:52:52:55:EA:00:66:2D:B7:4B:97:5C:6E:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17FBB59C97FD714A694B9838D8985E29D26009FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
Signing time: Thu 26 Jun 2025 19:38:53 +0000
ROA not before: Thu 26 Jun 2025 19:38:53 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:fb:b5:9c:97:fd:71:4a:69:4b:98:38:d8:98:5e:29:d2:60:09:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:53 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=f561b81974b4244528880e6961a5e39d6b93c129784e11aea2caf071cc6bbeb2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a3:6d:f5:fa:e9:30:c0:49:50:34:2c:95:b5:
b0:20:01:76:2a:ac:57:a3:80:e6:52:45:01:fe:aa:
a4:8c:d6:de:f8:4c:9c:60:d6:7e:96:cb:c0:1b:76:
4f:d3:2f:b7:8e:85:27:f8:0e:61:1f:d8:83:a7:e6:
2e:b2:ad:63:25:a9:da:05:49:7a:f4:b8:a4:64:00:
1c:bd:ff:e2:57:f2:2a:ef:1e:88:e4:2b:63:d3:a4:
4c:48:40:e1:5a:19:3c:03:2c:b9:87:ec:f5:0d:d3:
33:1f:59:31:2b:1e:4c:72:d2:d2:56:09:7a:2c:f2:
b9:9b:89:e6:33:82:b9:be:d6:bc:0d:d1:e5:f9:49:
8a:91:62:e3:29:44:87:62:74:eb:cb:26:96:4e:10:
cf:e2:50:df:71:4b:d2:b3:5f:79:cf:cf:86:d6:18:
0f:ec:6b:de:6f:a3:d4:b5:83:f7:16:38:7b:f5:9e:
08:8c:08:ef:5b:74:23:0c:3b:f9:30:e2:2f:0f:a0:
09:b6:3c:8f:f4:38:1e:7e:ef:97:d2:77:09:0d:81:
bc:72:c3:d8:ec:c2:74:81:df:e7:b2:f8:02:15:72:
d6:4a:80:93:f0:7d:19:bb:50:ca:07:4a:07:e6:78:
ad:34:85:a0:a7:4a:cd:3b:06:e5:b9:1a:f8:6f:ff:
6d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8B:CE:04:1E:BD:37:52:52:55:EA:00:66:2D:B7:4B:97:5C:6E:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
4a:0e:2c:8a:57:e1:9d:bc:f0:67:b1:d9:2b:45:69:90:f9:03:
06:16:c1:87:8c:c8:41:6d:39:6b:9b:9a:c6:d2:25:81:9a:d0:
3b:26:05:f8:57:e6:f6:7d:30:cb:4f:cf:d5:73:c8:40:ec:71:
39:63:cb:ec:01:61:6b:b8:06:4d:40:cd:4b:5e:05:a6:86:be:
56:13:86:41:1a:62:28:d8:ac:ab:3b:ef:73:57:78:df:8e:6f:
97:8a:d1:a8:26:2a:02:0f:73:c6:8f:e1:03:e3:a3:1e:63:69:
37:61:a4:1c:43:9a:eb:ea:82:fd:aa:84:ac:92:22:31:66:7e:
cc:f1:f2:f2:22:02:bc:93:1e:a1:ba:04:76:02:3f:63:2e:4e:
77:23:92:dd:58:6d:5d:c7:4d:d3:bc:9f:b9:a2:33:ee:4b:4e:
33:f2:3c:49:36:3d:b2:fa:8b:27:06:6e:e3:02:1b:79:45:17:
bd:ae:ff:01:d7:f3:f3:c3:6a:f8:54:4b:ef:e8:2e:8e:5b:05:
6a:3c:5a:1c:cb:73:8e:2f:93:1b:50:4f:20:05:04:d6:17:61:
df:38:9f:bd:04:a1:60:ea:02:1d:b1:29:f6:84:e7:06:55:81:
6d:f1:24:8a:ff:7c:aa:e1:0d:7f:c2:e4:54:5e:f8:8d:60:c1:
4b:1e:41:b6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF/u1nJf9cUppS5g42JheKdJgCf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NTNaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NjFiODE5NzRiNDI0NDUyODg4MGU2OTYxYTVlMzlkNmI5M2MxMjk3ODRl
MTFhZWEyY2FmMDcxY2M2YmJlYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmjbfX66TDASVA0LJW1sCABdiqsV6OA5lJFAf6qpIzW3vhMnGDWfpbLwBt2
T9Mvt46FJ/gOYR/Yg6fmLrKtYyWp2gVJevS4pGQAHL3/4lfyKu8eiOQrY9OkTEhA
4VoZPAMsuYfs9Q3TMx9ZMSseTHLS0lYJeizyuZuJ5jOCub7WvA3R5flJipFi4ylE
h2J068smlk4Qz+JQ33FL0rNfec/PhtYYD+xr3m+j1LWD9xY4e/WeCIwI71t0Iww7
+TDiLw+gCbY8j/Q4Hn7vl9J3CQ2BvHLD2OzCdIHf57L4AhVy1kqAk/B9GbtQygdK
B+Z4rTSFoKdKzTsG5bka+G//bZ0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSAi84E
Hr03UlJV6gBmLbdLl1xujzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTUwZTlkMzctYTliNS00Yzc4LWI2NWUtYzdiNDVjYTg1MWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOg
wDANBgkqhkiG9w0BAQsFAAOCAQEASg4silfhnbzwZ7HZK0VpkPkDBhbBh4zIQW05
a5uaxtIlgZrQOyYF+Ffm9n0wy0/P1XPIQOxxOWPL7AFha7gGTUDNS14Fpoa+VhOG
QRpiKNisqzvvc1d4345vl4rRqCYqAg9zxo/hA+OjHmNpN2GkHEOa6+qC/aqErJIi
MWZ+zPHy8iICvJMeoboEdgI/Yy5OdyOS3VhtXcdN07yfuaIz7ktOM/I8STY9svqL
JwZu4wIbeUUXva7/Adfz88Nq+FRL7+gujlsFajxaHMtzji+TG1BPIAUE1hdh3zif
vQShYOoCHbEp9oTnBlWBbfEkiv98quENf8LkVF74jWDBSx5Btg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:11 2025 by rpki-client