Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json)
Hash identifier: bOSRJSNcct8M/3lWJE02s8IVFYMz08PARvzuRDf/xsY=
Subject key identifier: 04:5D:24:BD:AA:6A:A1:2D:2F:81:E9:7C:3A:7E:6D:B1:6B:69:AD:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 694F4CBBD65B912AABE18033DFE59FB3D14AC9CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
Signing time: Wed 18 Jun 2025 00:30:34 +0000
ROA not before: Wed 18 Jun 2025 00:30:34 +0000
ROA not after: Wed 23 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:4f:4c:bb:d6:5b:91:2a:ab:e1:80:33:df:e5:9f:b3:d1:4a:c9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 18 00:30:34 2025 GMT
Not After : Jul 23 23:59:59 2025 GMT
Subject: serialNumber=b5994c39fb88a6206e4f2b2a96d48b265c853595f5c7b02b9814b5606df0e2f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:79:9f:0e:41:bb:fc:44:f0:b9:57:f4:fb:ec:
01:47:ec:05:39:46:86:bc:79:fb:ee:df:a5:b3:92:
e4:12:7b:6e:c8:fd:31:22:f5:c1:d2:2f:47:d5:bc:
5c:14:69:07:46:37:2c:8f:3d:9d:39:85:3b:91:5f:
85:bf:c8:2d:05:ef:e9:40:6f:94:e7:1a:2c:50:fb:
3f:f7:c7:66:28:63:3a:57:27:9a:ac:df:ab:c6:04:
b0:00:10:f5:c4:e5:84:92:db:d3:3e:ba:6f:7e:44:
c7:4f:24:4a:8c:1d:59:56:df:d1:43:d8:1c:ab:1a:
83:3d:58:e8:1c:ad:27:eb:11:10:0a:7e:82:db:c3:
b3:5d:25:b3:79:c4:d3:ed:74:36:fc:7c:57:e7:7e:
04:23:df:17:df:9f:49:ec:ed:1c:88:af:86:6d:2b:
d5:63:fb:bf:41:db:12:a5:fa:74:8a:e4:f8:1a:9e:
b8:e3:18:f0:9d:b4:e7:b8:5b:c5:69:50:e4:bd:74:
bb:e7:92:87:80:2f:6d:43:e6:88:e4:d2:86:e9:a4:
d6:66:d7:d4:18:b9:4c:7f:97:06:da:11:db:76:55:
18:90:d1:1e:a2:67:f0:8f:36:49:3c:51:9d:35:91:
cd:ae:66:a2:2c:62:5a:0b:6c:c6:98:80:6f:4f:4a:
fb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5D:24:BD:AA:6A:A1:2D:2F:81:E9:7C:3A:7E:6D:B1:6B:69:AD:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1000::/38
Signature Algorithm: sha256WithRSAEncryption
83:1c:d0:1e:ba:c0:52:a2:0b:62:02:d4:f6:b5:eb:c9:73:c1:
fb:49:33:cb:56:9c:5c:1b:98:dc:08:2b:00:cc:d1:76:94:e2:
f7:13:ce:f6:64:95:de:96:d2:92:72:6b:b8:a9:fa:03:b6:0f:
d1:91:5d:20:fd:cd:08:17:85:c2:5e:44:f4:1b:0e:31:b3:70:
6f:77:47:48:2a:1b:00:18:25:9f:ea:10:38:55:ad:46:9f:79:
51:94:55:3b:3a:36:cb:d0:b6:67:fc:96:6e:9b:a2:ae:b0:f7:
2f:bd:23:3f:73:98:0c:32:3b:7c:17:ad:5c:e2:e4:3e:b3:bc:
82:ea:f6:d4:90:5b:01:30:24:52:ba:c7:18:72:6f:9b:2c:07:
1b:1c:e9:2a:85:b0:e4:dd:6b:0d:2e:b1:2f:d3:96:73:0e:21:
ad:df:76:f8:ed:62:ba:d8:0a:04:db:01:de:0b:70:7b:e0:4e:
c9:a3:87:eb:c6:fa:1b:c9:f2:5c:4f:85:66:c3:1c:27:6f:89:
f7:0f:c2:63:be:ac:d8:07:3d:39:4b:80:aa:35:cb:ab:c4:3a:
38:ce:b4:ea:5e:0f:c8:a0:c9:d6:65:61:33:31:45:43:d7:41:
17:53:e4:8d:70:df:c3:16:ca:bf:16:62:56:4b:94:8b:d2:ea:
da:9b:5d:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaU9Mu9ZbkSqr4YAz3+Wfs9FKycswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTgwMDMwMzRaFw0yNTA3MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1OTk0YzM5ZmI4OGE2MjA2ZTRmMmIyYTk2ZDQ4YjI2NWM4NTM1OTVmNWM3
YjAyYjk4MTRiNTYwNmRmMGUyZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZ5nw5Bu/xE8LlX9PvsAUfsBTlGhrx5++7fpbOS5BJ7bsj9MSL1wdIvR9W8
XBRpB0Y3LI89nTmFO5Ffhb/ILQXv6UBvlOcaLFD7P/fHZihjOlcnmqzfq8YEsAAQ
9cTlhJLb0z66b35Ex08kSowdWVbf0UPYHKsagz1Y6BytJ+sREAp+gtvDs10ls3nE
0+10Nvx8V+d+BCPfF9+fSeztHIivhm0r1WP7v0HbEqX6dIrk+BqeuOMY8J2057hb
xWlQ5L10u+eSh4AvbUPmiOTShumk1mbX1Bi5TH+XBtoR23ZVGJDRHqJn8I82STxR
nTWRza5moixiWgtsxpiAb09K+zkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEXSS9
qmqhLS+B6Xw6fm2xa2mtjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCDHNAeusBSogtiAtT2tevJc8H7STPLVpxcG5jc
CCsAzNF2lOL3E872ZJXeltKScmu4qfoDtg/RkV0g/c0IF4XCXkT0Gw4xs3Bvd0dI
KhsAGCWf6hA4Va1Gn3lRlFU7OjbL0LZn/JZum6KusPcvvSM/c5gMMjt8F61c4uQ+
s7yC6vbUkFsBMCRSuscYcm+bLAcbHOkqhbDk3WsNLrEv05ZzDiGt33b47WK62AoE
2wHeC3B74E7Jo4frxvobyfJcT4Vmwxwnb4n3D8JjvqzYBz05S4CqNcurxDo4zrTq
Xg/IoMnWZWEzMUVD10EXU+SNcN/DFsq/FmJWS5SL0uram13o
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:25 2025 by rpki-client