Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
File: 9963ca7c-f411-4aae-ac61-2c650f8269e0.roa (raw, json)
Hash identifier: crzletQdYOG4gUwGawq0taoGnmpo5Z3SekDSUlwrG/I=
Subject key identifier: 81:9B:76:1B:3F:B0:58:12:7C:71:CF:1F:BA:3F:CD:16:BE:08:2C:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EAFBEE8C2AF8461593A9556C2AB7DFA0FE314F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
Signing time: Mon 16 Jun 2025 21:30:24 +0000
ROA not before: Mon 16 Jun 2025 21:30:24 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:af:be:e8:c2:af:84:61:59:3a:95:56:c2:ab:7d:fa:0f:e3:14:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:30:24 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5b5c82fb4f51bbdd9b852057b7f011d6a075eeaac3b794f60531d638af046451, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:19:82:25:81:10:d0:0d:59:f6:6e:4b:4e:
c9:15:87:75:45:7c:b3:8d:8c:24:cc:89:c3:97:d9:
a8:04:f9:47:2f:f4:b2:67:80:bd:a8:44:95:8d:de:
49:1e:9f:4c:e7:a6:c7:be:e6:80:db:ba:cf:c2:79:
b2:25:1f:fe:c9:35:b2:72:77:cd:d1:ae:26:d0:80:
8d:7d:7a:b0:f1:27:81:a0:ec:ad:0d:c3:c7:5f:5c:
81:34:ee:57:a5:2b:25:29:be:8a:cc:e7:44:a5:61:
65:e1:68:3d:b4:c4:5d:74:41:7b:8a:57:4d:55:24:
11:d6:43:30:e3:5d:1b:05:0f:cb:35:65:1d:c5:ee:
d6:b3:e0:79:3f:a9:ff:38:8f:36:46:fe:76:2c:82:
66:99:2e:01:fa:92:98:83:f8:e2:02:c4:04:b1:53:
9e:54:98:02:8d:ab:2c:b1:32:86:91:54:5f:37:22:
3f:51:fc:9a:0e:b2:69:ec:ff:f1:f2:12:bf:ab:2a:
f3:5a:50:4f:0d:c0:b0:ea:0d:71:3e:50:7d:14:9a:
eb:5d:cc:11:94:84:cc:f7:b5:6b:03:b2:d6:34:5a:
b0:57:19:d8:a4:0d:67:0e:a1:73:bf:0f:b9:14:fd:
4b:75:a0:ed:13:d0:bc:b1:50:af:7f:80:f4:ca:d7:
80:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9B:76:1B:3F:B0:58:12:7C:71:CF:1F:BA:3F:CD:16:BE:08:2C:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:400::/38
Signature Algorithm: sha256WithRSAEncryption
a2:53:a3:c9:58:82:52:b9:31:0a:79:1f:9a:94:ae:30:1d:ad:
c0:d3:06:e9:bb:04:4c:02:80:41:6e:b3:25:87:fc:94:53:e8:
ea:30:7c:47:16:af:95:6f:56:9f:73:0f:09:6c:66:2d:4b:bd:
7d:2c:d8:6c:3c:93:3a:9e:f4:a4:b5:55:79:d3:f1:6a:83:c2:
95:e4:93:04:7e:06:e2:c2:f4:1e:25:21:c0:03:89:e8:2a:52:
a0:8a:0f:63:a3:e6:6c:36:e6:35:a5:35:2b:ba:a4:0c:e1:14:
22:d8:bf:bd:cb:e1:44:95:9e:54:a6:39:21:57:c3:89:c6:36:
2b:41:c4:75:fd:05:5d:a6:43:1c:0e:cd:c8:99:cc:dd:ab:f9:
71:69:32:2c:79:e7:71:45:87:53:26:d1:8b:f3:63:dc:d4:ce:
54:5d:66:60:00:d2:ed:e5:7f:e2:18:9a:80:75:4c:e4:78:84:
a7:da:50:21:dc:aa:aa:71:0a:e7:07:d4:e6:8f:6d:a4:52:ff:
3d:21:98:13:7f:7c:9e:a5:41:31:d7:11:f1:b7:02:6c:16:c9:
d6:3b:11:97:81:e5:8d:98:52:f3:d9:41:e4:69:08:a4:ce:98:
00:26:00:1b:3a:eb:8c:8b:c3:cd:50:05:b0:7f:bf:df:77:d7:
76:bb:ff:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULq++6MKvhGFZOpVWwqt9+g/jFPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMwMjRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDViNWM4MmZiNGY1MWJiZGQ5Yjg1MjA1N2I3ZjAxMWQ2YTA3NWVlYWFjM2I3
OTRmNjA1MzFkNjM4YWYwNDY0NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL05GYIlgRDQDVn2bktOyRWHdUV8s42MJMyJw5fZqAT5Ry/0smeAvahElY3e
SR6fTOemx77mgNu6z8J5siUf/sk1snJ3zdGuJtCAjX16sPEngaDsrQ3Dx19cgTTu
V6UrJSm+isznRKVhZeFoPbTEXXRBe4pXTVUkEdZDMONdGwUPyzVlHcXu1rPgeT+p
/ziPNkb+diyCZpkuAfqSmIP44gLEBLFTnlSYAo2rLLEyhpFUXzciP1H8mg6yaez/
8fISv6sq81pQTw3AsOoNcT5QfRSa613MEZSEzPe1awOy1jRasFcZ2KQNZw6hc78P
uRT9S3Wg7RPQvLFQr3+A9MrXgNcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBm3Yb
P7BYEnxxzx+6P80WvggsbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk2M2NhN2MtZjQxMS00YWFlLWFjNjEtMmM2NTBmODI2OWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEE
MA0GCSqGSIb3DQEBCwUAA4IBAQCiU6PJWIJSuTEKeR+alK4wHa3A0wbpuwRMAoBB
brMlh/yUU+jqMHxHFq+Vb1afcw8JbGYtS719LNhsPJM6nvSktVV50/Fqg8KV5JME
fgbiwvQeJSHAA4noKlKgig9jo+ZsNuY1pTUruqQM4RQi2L+9y+FElZ5UpjkhV8OJ
xjYrQcR1/QVdpkMcDs3Imczdq/lxaTIseedxRYdTJtGL82Pc1M5UXWZgANLt5X/i
GJqAdUzkeISn2lAh3KqqcQrnB9Tmj22kUv89IZgTf3yepUEx1xHxtwJsFsnWOxGX
geWNmFLz2UHkaQikzpgAJgAbOuuMi8PNUAWwf7/fd9d2u/8f
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:34:39 2025 by rpki-client