Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: VfotoXb9eoKnOsPLrbkTBex/59aGujiFaZzeqw6qJNM=
Subject key identifier: 77:14:3D:7F:E9:2A:F6:98:B8:18:FC:35:B5:9E:80:47:B3:37:33:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1753C7D7D283C010EC61F6FFD1E5FB74AE937690
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Mon 16 Jun 2025 21:00:13 +0000
ROA not before: Mon 16 Jun 2025 21:00:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:53:c7:d7:d2:83:c0:10:ec:61:f6:ff:d1:e5:fb:74:ae:93:76:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1b739abb44097445e7ce40a7cc1bcfc2fac3635d1cc163553eb98e2c5a859308, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2b:12:93:c4:fb:9c:f5:d2:cd:86:e0:3c:00:
fe:9e:b4:98:a5:db:1e:51:b7:50:ea:a0:c3:3a:47:
12:cd:ce:48:a9:a4:19:6a:ce:00:62:9c:9f:8b:23:
70:5f:70:4b:ff:70:e4:aa:62:65:e1:65:bb:0e:91:
e7:95:4b:1f:bd:09:4b:90:e5:5d:35:45:41:9f:d4:
0f:cc:c6:f8:83:c7:e6:1e:98:ad:43:83:a3:24:ab:
ec:d0:bb:0f:cc:99:14:53:dc:dd:98:ea:6a:6c:44:
17:2f:9e:57:1c:62:1e:3c:3f:a5:6f:86:08:8c:34:
0b:d3:2f:8f:52:bc:fe:94:18:4a:50:92:e5:bd:59:
51:8e:64:56:56:99:91:ac:e5:3f:9f:ad:6f:6b:c1:
9c:6f:74:4c:34:65:c6:27:e5:8c:c9:bf:74:6e:5e:
4c:61:28:58:66:b6:fc:13:62:9d:2b:3a:15:02:21:
a4:81:60:7f:2a:25:f8:ec:ec:b8:12:e8:23:2b:1d:
fb:92:49:d5:1d:cb:7f:a4:78:9e:4a:a6:f9:92:dd:
ed:71:d7:7e:41:b0:b4:92:8f:06:f2:b4:a4:52:f8:
15:7c:74:dc:f1:84:44:a3:60:ad:2d:69:c8:3e:83:
cd:9a:1b:fa:ec:d9:33:c1:60:f4:24:71:d0:be:ab:
d4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:14:3D:7F:E9:2A:F6:98:B8:18:FC:35:B5:9E:80:47:B3:37:33:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:c4:83:20:0b:56:b8:d5:7e:6e:a8:51:e5:9a:b7:89:cd:3c:
ad:31:2a:11:52:6e:2b:10:b6:82:2c:84:48:cd:7c:42:f2:05:
3e:45:e1:65:64:ac:b5:4c:94:f9:21:b3:43:aa:fd:3c:23:d6:
2f:83:43:3c:a2:23:92:28:ac:f2:21:9e:29:f3:a6:e7:81:65:
21:04:8a:56:25:e9:31:bb:65:6a:6b:2e:4a:aa:4b:c8:ad:16:
c9:e5:7a:98:72:76:0c:9b:f0:36:ba:df:90:4e:73:33:ef:c2:
b9:7a:59:40:bc:55:67:32:56:4a:84:98:62:ba:1c:8e:e7:8d:
b3:ee:ba:f8:e9:4f:60:91:8a:5b:c4:37:37:e9:b4:ab:e9:d0:
43:8a:c0:6b:09:05:8d:59:26:bb:06:7a:d0:1c:db:19:d1:b0:
21:20:46:ed:59:2d:a9:30:f2:12:17:0d:7d:85:4d:41:92:7a:
84:86:c2:45:ff:d4:0b:3c:16:c5:19:38:b8:8e:75:b6:e2:7f:
5c:ce:c5:89:dd:1a:4f:2c:bb:5d:88:0f:a6:02:fe:07:23:f0:
6d:82:2b:70:d3:e3:2d:06:6b:46:89:b7:b1:44:a3:9e:b7:4e:
c6:a8:cf:26:f2:94:2c:6a:5a:07:be:48:bb:20:95:76:fd:48:
ff:9b:d0:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF1PH19KDwBDsYfb/0eX7dK6TdpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNzM5YWJiNDQwOTc0NDVlN2NlNDBhN2NjMWJjZmMyZmFjMzYzNWQxY2Mx
NjM1NTNlYjk4ZTJjNWE4NTkzMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQrEpPE+5z10s2G4DwA/p60mKXbHlG3UOqgwzpHEs3OSKmkGWrOAGKcn4sj
cF9wS/9w5KpiZeFluw6R55VLH70JS5DlXTVFQZ/UD8zG+IPH5h6YrUODoySr7NC7
D8yZFFPc3ZjqamxEFy+eVxxiHjw/pW+GCIw0C9Mvj1K8/pQYSlCS5b1ZUY5kVlaZ
kazlP5+tb2vBnG90TDRlxifljMm/dG5eTGEoWGa2/BNinSs6FQIhpIFgfyol+Ozs
uBLoIysd+5JJ1R3Lf6R4nkqm+ZLd7XHXfkGwtJKPBvK0pFL4FXx03PGERKNgrS1p
yD6DzZob+uzZM8Fg9CRx0L6r1BcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3FD1/
6Sr2mLgY/DW1noBHszczVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBOxIMgC1a41X5uqFHlmreJzTytMSoRUm4rELaC
LIRIzXxC8gU+ReFlZKy1TJT5IbNDqv08I9Yvg0M8oiOSKKzyIZ4p86bngWUhBIpW
Jekxu2Vqay5KqkvIrRbJ5XqYcnYMm/A2ut+QTnMz78K5ellAvFVnMlZKhJhiuhyO
542z7rr46U9gkYpbxDc36bSr6dBDisBrCQWNWSa7BnrQHNsZ0bAhIEbtWS2pMPIS
Fw19hU1BknqEhsJF/9QLPBbFGTi4jnW24n9czsWJ3RpPLLtdiA+mAv4HI/Btgitw
0+MtBmtGibexRKOet07GqM8m8pQsaloHvki7IJV2/Uj/m9As
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:04:35 2025 by rpki-client