Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: 00fRmBfVPWSEd+DJUQaf4uPBmvzvYDiBeXRlMi0+6Ng=
Subject key identifier: 97:35:41:9C:42:D9:B7:6D:DC:37:EA:F0:3A:57:70:16:B8:34:81:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06B5B7BD643441306859B9626B5467984E8BCD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Mon 16 Jun 2025 21:41:00 +0000
ROA not before: Mon 16 Jun 2025 21:41:00 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b5:b7:bd:64:34:41:30:68:59:b9:62:6b:54:67:98:4e:8b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:00 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=33cf5facfb98de9b7d7de0e5feafdf501dd3ec3e1e0036b3a3a97b3aea00e777, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b8:cc:1d:58:2e:0d:5f:bc:a5:00:1d:18:42:
93:54:1f:57:ad:cf:8e:f8:5d:c5:48:61:66:1a:03:
cf:a7:3f:99:c0:1c:9c:db:4a:c1:8c:10:98:40:13:
7d:34:38:90:8b:c9:69:78:c5:2a:e1:b8:e3:f1:17:
1f:ec:a2:88:bc:1f:6d:6a:d8:cd:d9:91:3f:f3:2b:
c8:71:bf:a1:31:93:6a:0a:86:37:75:45:92:1f:b1:
3b:9b:b2:8b:8e:fa:33:22:fb:e6:fb:d2:86:11:09:
c3:3d:73:f2:85:a9:54:b3:16:2d:77:47:cd:09:8a:
3b:b0:a1:2b:18:77:1f:a6:b4:6f:92:ce:4e:7b:d5:
32:90:96:a3:ea:86:ef:c9:5c:84:db:e3:aa:b7:4a:
71:28:f3:00:ff:5f:4f:50:73:ef:b2:72:6c:42:1d:
fe:de:de:99:a9:b0:d7:8f:ea:bc:d3:86:77:78:57:
80:b1:04:da:b4:35:42:b4:84:4e:98:d3:4e:3b:88:
b5:76:27:52:1a:ce:b5:37:4a:93:20:61:69:78:1a:
b8:84:5e:fb:fa:d7:33:d0:78:1c:f9:c6:c7:33:ae:
87:2c:47:8f:ba:cb:69:67:62:e6:eb:4e:8c:7b:18:
94:22:56:85:44:2c:70:3a:7d:c8:56:66:d7:51:02:
cf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:35:41:9C:42:D9:B7:6D:DC:37:EA:F0:3A:57:70:16:B8:34:81:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
77:3f:c3:d7:81:79:07:3e:1f:36:ec:b3:44:49:71:0c:2f:72:
7d:7c:ae:bf:56:5d:be:f9:06:c0:3b:84:e7:2d:7e:89:f7:fd:
f5:4d:1d:fd:87:41:d2:9b:77:48:13:2a:2f:6d:d6:0d:15:c7:
81:b8:e7:73:9f:e2:20:3a:9e:41:94:a7:a3:51:82:42:f7:0c:
1a:fb:b7:b7:0c:8b:03:a7:18:e8:9a:7b:8b:a1:35:f9:03:8f:
31:d8:48:32:ed:69:c3:51:f3:f5:7b:e7:ab:b6:85:df:93:bc:
14:17:80:aa:5f:c9:c6:66:c4:3f:e9:23:c8:fc:e3:15:18:e6:
33:aa:63:3c:bf:ee:01:44:e5:9f:fc:ec:ba:f7:ba:1c:da:fd:
6a:f1:8e:58:e5:a7:b8:63:cf:7a:21:4f:77:97:40:16:ca:13:
a0:ab:37:50:89:47:d9:7c:cf:20:10:a8:0b:79:49:25:3e:6b:
5a:b8:e8:2a:ae:f7:2d:1c:fd:90:50:62:b7:9e:d0:d5:1d:4c:
0a:68:04:02:65:ae:b2:a5:39:0f:3d:41:8b:5b:b8:07:53:3a:
68:c3:75:8b:74:06:dc:55:06:a7:0b:15:99:61:44:0b:61:96:
b5:fb:8f:d3:91:9a:f6:a8:33:cb:b0:6b:33:67:ee:6f:4c:09:
32:88:85:5a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITBrW3vWQ0QTBoWblia1RnmE6LzTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDYxNjIxNDEwMFoXDTI1MDcyMTIzNTk1OVowejFJMEcGA1UE
BRNAMzNjZjVmYWNmYjk4ZGU5YjdkN2RlMGU1ZmVhZmRmNTAxZGQzZWMzZTFlMDAz
NmIzYTNhOTdiM2FlYTAwZTc3NzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwrjMHVguDV+8pQAdGEKTVB9Xrc+O+F3FSGFmGgPPpz+ZwByc20rBjBCYQBN9
NDiQi8lpeMUq4bjj8Rcf7KKIvB9tatjN2ZE/8yvIcb+hMZNqCoY3dUWSH7E7m7KL
jvozIvvm+9KGEQnDPXPyhalUsxYtd0fNCYo7sKErGHcfprRvks5Oe9UykJaj6obv
yVyE2+Oqt0pxKPMA/19PUHPvsnJsQh3+3t6ZqbDXj+q804Z3eFeAsQTatDVCtIRO
mNNOO4i1didSGs61N0qTIGFpeBq4hF77+tcz0Hgc+cbHM66HLEePustpZ2Lm606M
exiUIlaFRCxwOn3IVmbXUQLPIQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFJc1QZxC
2bdt3Dfq8DpXcBa4NIEKMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC85
OWZmYTIzOC05MTMzLTRmYTUtYWQ4NC00OWU2N2QzNDg1NGEucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgXQKgAw
DQYJKoZIhvcNAQELBQADggEBAHc/w9eBeQc+Hzbss0RJcQwvcn18rr9WXb75BsA7
hOctfon3/fVNHf2HQdKbd0gTKi9t1g0Vx4G453Of4iA6nkGUp6NRgkL3DBr7t7cM
iwOnGOiae4uhNfkDjzHYSDLtacNR8/V756u2hd+TvBQXgKpfycZmxD/pI8j84xUY
5jOqYzy/7gFE5Z/87Lr3uhza/Wrxjljlp7hjz3ohT3eXQBbKE6CrN1CJR9l8zyAQ
qAt5SSU+a1q46Cqu9y0c/ZBQYree0NUdTApoBAJlrrKlOQ89QYtbuAdTOmjDdYt0
BtxVBqcLFZlhRAthlrX7j9ORmvaoM8uwazNn7m9MCTKIhVo=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:38 2025 by rpki-client