Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json)
Hash identifier: VjrVMUg1+a+cpW0n2aV6uv3o1RBLfqtOplfMSfsc4+Q=
Subject key identifier: 7D:D1:F4:54:84:2A:2F:78:09:E3:6F:DB:FB:D9:C9:5D:C8:A6:F3:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 408AB4DF971E248ABD2155AE8DF699FA88FD9ECF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
Signing time: Mon 16 Jun 2025 21:11:19 +0000
ROA not before: Mon 16 Jun 2025 21:11:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:8a:b4:df:97:1e:24:8a:bd:21:55:ae:8d:f6:99:fa:88:fd:9e:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b59f99ff5187f7751ab29a05a5e3d575c0f1353491d8a9bf03598099b2c0c7f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f5:2e:be:a9:1a:16:d6:33:29:9a:7c:d3:80:
96:0f:60:3c:5b:69:37:98:ba:47:f6:b7:2c:68:14:
88:e0:89:20:a7:ef:be:d7:da:1a:b8:8a:62:9e:d8:
3c:81:db:44:84:ec:4a:01:6b:7f:ca:3e:3c:b1:1e:
72:13:18:d6:ae:34:d2:aa:aa:01:51:b7:37:20:3f:
90:16:52:18:98:f9:50:28:0e:55:f1:e6:c0:0b:6c:
6a:f2:c8:ca:b4:63:d6:8b:ac:56:dd:07:6d:7d:92:
8a:88:8c:35:a4:47:42:4f:2b:43:3c:9f:39:5c:00:
c8:31:da:c3:7b:65:52:a9:1e:ab:07:f7:84:c9:27:
88:74:56:17:e5:9b:76:b1:13:1a:ec:53:e9:45:97:
0c:da:9f:21:31:a1:0c:8c:fa:35:1d:47:f7:df:65:
74:97:13:9b:ac:b4:f5:7c:0b:6b:c3:82:aa:f3:51:
52:7b:8d:01:80:92:66:a0:dc:21:31:af:59:36:62:
0d:aa:f0:e5:77:bc:0a:e1:74:6a:97:f2:e0:74:08:
1e:64:3d:65:60:cf:a1:15:7b:a9:86:8c:9b:bb:31:
f5:03:78:33:5c:6b:83:34:f0:ab:e4:2f:b8:40:9b:
0f:2a:44:80:48:2d:b7:d0:34:89:5b:6f:cd:a4:90:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D1:F4:54:84:2A:2F:78:09:E3:6F:DB:FB:D9:C9:5D:C8:A6:F3:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:a000::/40
Signature Algorithm: sha256WithRSAEncryption
01:64:72:7e:95:bf:e0:9a:58:97:d2:9b:89:59:8b:c8:bd:a5:
d4:ea:ae:ee:5a:9d:87:b9:b9:32:d4:3d:c2:9d:14:66:ec:f6:
63:e4:ff:dd:a8:58:0f:5a:01:86:3a:a2:ef:72:e1:dd:10:fb:
55:5b:71:4d:7b:4b:54:7e:f7:bf:1a:30:c8:dc:63:c7:c0:4c:
58:7c:c8:f5:50:e1:18:cc:e7:8e:4d:f9:92:9f:a0:63:fa:c6:
20:43:ed:4c:9d:c1:83:b4:6b:65:4c:c4:e7:d3:f3:05:93:47:
db:89:1c:2f:ac:e8:f1:58:d4:f8:f7:32:7f:e8:b0:52:a0:f3:
79:8e:7a:81:f6:fa:b5:b9:bd:b7:fa:af:1c:2f:05:c3:a6:47:
69:19:f1:9f:6b:47:4e:05:5c:bf:9e:fb:c1:a1:46:27:00:bf:
e6:59:a2:70:cd:58:7a:6d:4d:4f:ad:a6:70:5b:75:7e:f3:dd:
e1:5e:b0:12:f6:c8:de:50:65:3f:96:9c:4c:e2:ee:4d:d8:ed:
c7:bd:f2:dc:f4:83:4f:fe:e7:89:f1:91:ea:d0:50:f7:4a:55:
d8:69:1b:0a:75:eb:a4:81:c5:4f:ce:36:79:79:05:bd:29:a8:
35:1e:bf:87:25:d8:94:fd:2f:74:58:2b:99:8c:ca:00:39:5b:
8d:39:c8:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQIq035ceJIq9IVWujfaZ+oj9ns8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1OWY5OWZmNTE4N2Y3NzUxYWIyOWEwNWE1ZTNkNTc1YzBmMTM1MzQ5MWQ4
YTliZjAzNTk4MDk5YjJjMGM3ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJv1Lr6pGhbWMymafNOAlg9gPFtpN5i6R/a3LGgUiOCJIKfvvtfaGriKYp7Y
PIHbRITsSgFrf8o+PLEechMY1q400qqqAVG3NyA/kBZSGJj5UCgOVfHmwAtsavLI
yrRj1ousVt0HbX2SioiMNaRHQk8rQzyfOVwAyDHaw3tlUqkeqwf3hMkniHRWF+Wb
drETGuxT6UWXDNqfITGhDIz6NR1H999ldJcTm6y09XwLa8OCqvNRUnuNAYCSZqDc
ITGvWTZiDarw5Xe8CuF0apfy4HQIHmQ9ZWDPoRV7qYaMm7sx9QN4M1xrgzTwq+Qv
uECbDypEgEgtt9A0iVtvzaSQUjECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR90fRU
hCoveAnjb9v72cldyKbzezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg
MA0GCSqGSIb3DQEBCwUAA4IBAQABZHJ+lb/gmliX0puJWYvIvaXU6q7uWp2Hubky
1D3CnRRm7PZj5P/dqFgPWgGGOqLvcuHdEPtVW3FNe0tUfve/GjDI3GPHwExYfMj1
UOEYzOeOTfmSn6Bj+sYgQ+1MncGDtGtlTMTn0/MFk0fbiRwvrOjxWNT49zJ/6LBS
oPN5jnqB9vq1ub23+q8cLwXDpkdpGfGfa0dOBVy/nvvBoUYnAL/mWaJwzVh6bU1P
raZwW3V+893hXrAS9sjeUGU/lpxM4u5N2O3HvfLc9INP/ueJ8ZHq0FD3SlXYaRsK
deukgcVPzjZ5eQW9Kag1Hr+HJdiU/S90WCuZjMoAOVuNOcjx
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:58 2025 by rpki-client