Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
File: 9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa (raw, json)
Hash identifier: NUweCQXyYx3bRAJQCVICyL1DtZ+PPUDHf48hMw9Zfls=
Subject key identifier: 4C:9D:BC:38:3A:E7:71:B8:E2:2D:98:12:BE:1F:60:D4:9B:CD:D8:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F9DE7F1B331A57567D297E0F387D45FBF6A762D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
Signing time: Mon 16 Jun 2025 21:41:27 +0000
ROA not before: Mon 16 Jun 2025 21:41:27 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:9d:e7:f1:b3:31:a5:75:67:d2:97:e0:f3:87:d4:5f:bf:6a:76:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:27 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7b30de61e30dd24581c0af89bf87ce29e8f845eab334ec52aa8a7ca5d8e90a23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a6:02:9c:37:b8:5c:af:e3:b4:ae:12:5a:fa:
be:12:3c:59:e2:92:ba:0a:95:41:43:64:74:8e:ed:
63:06:f8:da:e1:5b:da:35:53:96:05:f6:83:04:51:
3e:1e:f8:d7:11:c5:8b:65:8e:d3:3e:00:e0:f7:a1:
af:6e:7c:13:56:ac:60:da:f1:d4:4a:b6:64:c1:d6:
da:8e:93:1b:33:d8:95:df:c1:53:e2:7a:4e:3c:3d:
e6:5f:09:ae:28:4f:df:16:5e:b7:0e:30:07:59:d0:
ac:a7:f5:73:91:49:cf:3d:01:a9:a6:81:3a:e6:5d:
7d:3e:66:f0:10:c4:0a:13:31:77:95:39:e7:57:9f:
06:e2:cd:a4:7e:b6:92:8f:ef:4d:10:f9:08:09:4b:
bb:cf:f5:55:0d:8d:12:02:3b:a8:c8:5f:85:da:e0:
4c:60:0f:f3:d2:4b:20:fc:f8:e7:bd:d3:fa:31:27:
3b:c4:68:1b:51:54:6e:d1:19:59:39:fa:5c:81:3e:
55:99:a5:ac:e5:70:80:66:f6:72:f5:d9:2e:9a:5a:
c4:76:7f:38:5d:57:ea:65:13:cd:8f:0c:5f:4f:76:
21:ce:43:a9:77:fe:51:27:14:f6:1d:79:c0:ce:bd:
41:6e:57:c5:4a:26:6d:d3:81:99:a9:44:d6:fd:7f:
c9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9D:BC:38:3A:E7:71:B8:E2:2D:98:12:BE:1F:60:D4:9B:CD:D8:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/36
Signature Algorithm: sha256WithRSAEncryption
98:1a:ce:59:e0:69:d1:04:45:9c:08:61:de:27:c7:ee:aa:ab:
5e:fd:f1:91:31:2b:4d:28:7b:88:c2:f9:17:cd:fc:c8:45:66:
65:25:20:61:39:92:21:d9:e9:0c:35:3c:44:0a:cf:67:40:61:
aa:91:11:87:e6:28:8b:43:c2:a1:3a:ad:5a:d6:81:b4:89:8b:
9e:41:87:a8:55:2a:c7:9b:da:ed:3e:fa:c4:c8:c2:31:63:ee:
f0:3a:bf:37:5b:c2:8e:7d:dd:de:ae:44:3f:0d:36:04:da:07:
e6:51:f9:87:ee:84:e3:40:b9:9e:4a:df:16:2d:39:75:cd:9e:
eb:c9:19:c0:46:eb:51:cd:f2:a5:64:05:61:cc:0f:fb:1a:ce:
24:db:98:32:b2:26:4c:18:72:c4:a7:ff:90:3e:67:a6:b6:64:
39:7e:fc:02:42:0f:8e:d0:33:ad:1e:73:f1:48:86:50:89:4a:
c3:1f:93:7a:4a:cc:dd:b9:ef:2e:1a:e4:11:73:b7:04:7f:70:
f9:96:69:a6:06:10:cd:a0:4f:8a:61:ec:b0:87:bd:25:19:e5:
b5:8c:6d:40:d2:8b:ca:02:5b:63:72:fb:00:5e:25:32:62:37:
f5:8c:d1:a0:4d:99:05:46:b5:b3:04:65:73:e6:56:7f:c6:31:
bb:56:f3:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD53n8bMxpXVn0pfg84fUX79qdi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMjdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiMzBkZTYxZTMwZGQyNDU4MWMwYWY4OWJmODdjZTI5ZThmODQ1ZWFiMzM0
ZWM1MmFhOGE3Y2E1ZDhlOTBhMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKimApw3uFyv47SuElr6vhI8WeKSugqVQUNkdI7tYwb42uFb2jVTlgX2gwRR
Ph741xHFi2WO0z4A4Pehr258E1asYNrx1Eq2ZMHW2o6TGzPYld/BU+J6Tjw95l8J
rihP3xZetw4wB1nQrKf1c5FJzz0BqaaBOuZdfT5m8BDEChMxd5U551efBuLNpH62
ko/vTRD5CAlLu8/1VQ2NEgI7qMhfhdrgTGAP89JLIPz4573T+jEnO8RoG1FUbtEZ
WTn6XIE+VZmlrOVwgGb2cvXZLppaxHZ/OF1X6mUTzY8MX092Ic5DqXf+UScU9h15
wM69QW5XxUombdOBmalE1v1/yeECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMnbw4
OudxuOItmBK+H2DUm83YijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQ1ZmRjM2EtMWJmZC00Njc3LTllNTItYTEyYzg3Mjg1MmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCYGs5Z4GnRBEWcCGHeJ8fuqqte/fGRMStNKHuI
wvkXzfzIRWZlJSBhOZIh2ekMNTxECs9nQGGqkRGH5iiLQ8KhOq1a1oG0iYueQYeo
VSrHm9rtPvrEyMIxY+7wOr83W8KOfd3erkQ/DTYE2gfmUfmH7oTjQLmeSt8WLTl1
zZ7ryRnARutRzfKlZAVhzA/7Gs4k25gysiZMGHLEp/+QPmemtmQ5fvwCQg+O0DOt
HnPxSIZQiUrDH5N6Sszdue8uGuQRc7cEf3D5lmmmBhDNoE+KYeywh70lGeW1jG1A
0ovKAltjcvsAXiUyYjf1jNGgTZkFRrWzBGVz5lZ/xjG7VvN6
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:28 2025 by rpki-client