Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json)
Hash identifier: E5FVq/Na+Wso+1htENZj+lvkApmaxN1KUCX+ksff8N8=
Subject key identifier: 41:59:8D:85:BE:3B:86:38:EC:CB:C6:EC:59:62:D8:E2:2C:53:14:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F975EB48B82C3EC235A0F2CE52EC876216133DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
Signing time: Mon 16 Jun 2025 20:00:55 +0000
ROA not before: Mon 16 Jun 2025 20:00:55 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:97:5e:b4:8b:82:c3:ec:23:5a:0f:2c:e5:2e:c8:76:21:61:33:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:55 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f39f39365a86905aa2e8bb05a2e2ae7944d7bba5547a3352594758290f509bd6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:98:e8:7c:85:02:66:7c:aa:82:f2:ad:b4:86:
16:e4:ae:7d:07:5f:c9:35:40:b8:d3:6d:87:97:e5:
e1:30:c5:2e:ed:25:43:5b:0c:c4:59:0e:24:1d:9a:
28:ff:91:ce:cc:4e:ad:a6:df:d0:9f:ea:03:16:ab:
dd:7a:9c:fa:0b:d6:f2:5b:ad:87:95:4b:2a:ac:ba:
9e:a1:5e:d4:fd:9c:5c:06:4a:09:18:58:5b:7b:b2:
cc:8b:6b:f7:ff:da:29:8d:2e:a4:f7:7e:90:9c:47:
ab:1f:19:81:c6:83:49:55:40:c4:7e:2a:ae:d6:1e:
bb:d4:2b:0c:69:f3:d4:4c:43:6e:28:8b:2f:ba:a5:
a5:31:55:1e:a5:bf:59:cc:19:72:d6:80:bd:bc:94:
ad:60:87:01:30:ce:d1:8b:cd:40:78:0a:04:44:f1:
ed:45:99:85:db:bd:59:76:f9:e3:d1:e5:a8:99:b8:
2c:aa:a1:af:ea:c7:8d:e9:5a:8b:91:59:ba:29:8c:
6a:a2:24:cc:b6:9c:bc:d5:66:49:56:b4:25:cd:ce:
07:55:5e:1d:fe:03:82:de:09:6d:c0:f1:68:db:46:
7b:4c:61:62:70:e1:9d:fa:09:2e:dd:0f:bc:1b:1a:
06:19:17:73:5e:89:ce:9f:60:f5:db:8c:b3:61:8c:
83:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:59:8D:85:BE:3B:86:38:EC:CB:C6:EC:59:62:D8:E2:2C:53:14:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
c2:b4:8c:33:e6:97:9f:b8:7d:cf:0e:7b:52:cd:72:51:53:d8:
47:02:75:2f:2d:2d:08:e4:f6:42:5a:59:f7:5c:2e:86:34:8a:
08:30:60:70:c1:3d:2b:d0:65:f5:2c:51:2c:c5:3a:8f:8f:c9:
86:c8:4c:3a:fa:1c:b7:8f:24:74:9f:88:3a:a7:92:2e:f4:0b:
f6:ae:91:12:25:39:ad:87:b0:c4:76:16:ba:f1:c1:9d:8f:7e:
45:34:73:dd:5f:a1:f0:f8:0c:c0:89:db:1b:1c:ff:c3:0a:e3:
92:44:6c:ee:04:6e:9c:70:ca:58:f7:1f:97:bf:68:2d:23:19:
46:30:6b:12:85:6e:85:00:39:9e:e7:0e:df:39:8d:e5:45:0c:
68:03:d8:d0:33:95:c5:77:83:0d:d5:5f:05:48:43:58:69:38:
87:12:d8:97:f2:e1:2e:f8:d4:90:97:47:83:ee:72:b0:0a:4d:
fa:2d:2a:5e:1f:bb:75:b6:c9:82:45:82:4f:dc:6c:ef:fe:6d:
fa:cb:06:f4:a8:81:8b:dd:70:f0:60:a1:7c:bc:ef:11:e9:11:
aa:9c:88:2c:17:47:b6:9e:17:f4:d0:f8:68:8e:ab:be:ab:bc:
49:8c:f2:3e:cb:d2:6b:c0:e5:1f:42:d8:90:3f:92:13:4a:51:
f1:f5:7c:7f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf5detIuCw+wjWg8s5S7IdiFhM94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzOWYzOTM2NWE4NjkwNWFhMmU4YmIwNWEyZTJhZTc5NDRkN2JiYTU1NDdh
MzM1MjU5NDc1ODI5MGY1MDliZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSY6HyFAmZ8qoLyrbSGFuSufQdfyTVAuNNth5fl4TDFLu0lQ1sMxFkOJB2a
KP+RzsxOrabf0J/qAxar3Xqc+gvW8luth5VLKqy6nqFe1P2cXAZKCRhYW3uyzItr
9//aKY0upPd+kJxHqx8ZgcaDSVVAxH4qrtYeu9QrDGnz1ExDbiiLL7qlpTFVHqW/
WcwZctaAvbyUrWCHATDO0YvNQHgKBETx7UWZhdu9WXb549HlqJm4LKqhr+rHjela
i5FZuimMaqIkzLacvNVmSVa0Jc3OB1VeHf4Dgt4JbcDxaNtGe0xhYnDhnfoJLt0P
vBsaBhkXc16Jzp9g9duMs2GMg3MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRBWY2F
vjuGOOzLxuxZYtjiLFMUXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
wDANBgkqhkiG9w0BAQsFAAOCAQEAwrSMM+aXn7h9zw57Us1yUVPYRwJ1Ly0tCOT2
QlpZ91wuhjSKCDBgcME9K9Bl9SxRLMU6j4/JhshMOvoct48kdJ+IOqeSLvQL9q6R
EiU5rYewxHYWuvHBnY9+RTRz3V+h8PgMwInbGxz/wwrjkkRs7gRunHDKWPcfl79o
LSMZRjBrEoVuhQA5nucO3zmN5UUMaAPY0DOVxXeDDdVfBUhDWGk4hxLYl/LhLvjU
kJdHg+5ysApN+i0qXh+7dbbJgkWCT9xs7/5t+ssG9KiBi91w8GChfLzvEekRqpyI
LBdHtp4X9ND4aI6rvqu8SYzyPsvSa8DlH0LYkD+SE0pR8fV8fw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:05:42 2025 by rpki-client