Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: 7Yy0WIMpikVTitO1WpIYl7+dKaS9ze82nIaylG+Y3EM=
Subject key identifier: 9C:80:0E:7F:55:8A:B9:5D:22:6A:65:71:B7:3C:2B:D3:4C:AE:AD:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0447C0E361DB199B46523993DD66331A4BBECCE5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Tue 17 Jun 2025 00:41:26 +0000
ROA not before: Tue 17 Jun 2025 00:41:26 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:47:c0:e3:61:db:19:9b:46:52:39:93:dd:66:33:1a:4b:be:cc:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:26 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=0cfb52431b9f94eab7ee3c506c1bfb177665f7bd6cbf6392c5f758529a3a6368, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d0:88:a3:e3:55:55:93:95:cf:36:8e:6b:d2:
17:7f:1f:53:44:86:75:41:4b:3b:4e:3c:05:ee:87:
95:89:be:51:2d:a9:f2:c2:4a:18:f0:cf:22:ca:4b:
ab:8a:43:22:f3:47:da:c4:12:d1:ce:2f:3d:f8:14:
a9:ef:2b:da:e4:94:f1:2a:29:3d:95:23:b3:99:f1:
56:da:75:e9:30:37:6f:b9:92:62:65:53:40:f8:d9:
f1:e2:c4:fd:da:40:d0:70:59:fa:51:ef:ee:92:46:
47:27:1b:3b:71:86:a1:b5:86:79:56:a6:4f:8f:4b:
47:d1:81:bf:47:79:28:36:53:78:88:5f:80:92:5f:
32:2a:1c:38:e7:04:1d:8c:ea:13:67:a9:52:62:39:
6d:65:99:65:3c:db:23:c1:23:0d:99:ad:32:56:5d:
a4:e5:6c:2d:95:cb:a6:16:73:88:38:e0:ec:94:89:
a4:ac:fc:6c:5a:83:44:85:e6:fc:8c:a9:b0:6a:6f:
a2:9d:53:d5:37:bd:35:d5:d4:9b:b0:92:77:16:97:
de:7b:e8:dd:4d:74:08:2e:f2:8a:c2:6b:88:6e:58:
80:3c:c5:1c:cc:b0:e2:4a:4e:47:52:ec:95:23:01:
cc:ef:d4:37:cc:92:5f:86:f2:2f:54:ab:25:5e:51:
c9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:80:0E:7F:55:8A:B9:5D:22:6A:65:71:B7:3C:2B:D3:4C:AE:AD:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
86:59:98:71:c4:bd:9c:ab:4b:41:1d:0e:fa:6a:99:cb:d4:3c:
e2:3a:97:0b:d4:50:2b:40:59:10:27:02:8f:4b:fb:ef:bc:c4:
5b:ba:f2:3c:e7:42:18:71:4c:9a:63:4e:df:0a:db:f9:b9:75:
cb:66:fd:e8:75:bd:5d:fa:7e:19:a9:59:30:a4:82:2f:8e:a0:
8d:1f:c4:f2:76:7b:96:a4:62:bd:b8:1e:68:fb:36:44:7a:a4:
e2:cb:f0:71:9f:10:43:1d:86:b3:74:32:e4:eb:41:c7:d7:cd:
9e:d6:96:1b:df:f7:ad:3d:e5:38:de:f0:7a:39:ca:7b:f8:a3:
40:46:93:5a:a6:ad:40:df:af:39:51:80:3a:42:57:0f:cf:a4:
8c:04:5b:5a:e5:56:3a:d0:28:36:16:aa:d6:4c:cc:cd:86:fc:
2f:bd:91:9d:ad:5f:3c:20:62:02:7e:2f:23:63:1b:ed:ec:6d:
ac:92:97:d9:dc:6a:6b:e6:7d:86:24:88:d3:c3:b1:00:a9:f7:
7d:4f:bc:a0:07:07:87:0f:2d:7a:30:29:e6:48:aa:b8:01:67:
c9:41:4b:1d:4c:81:05:14:03:1b:25:52:b0:e0:60:9a:88:d6:
07:c1:14:44:79:cf:94:8a:75:77:c3:c7:41:c1:ce:d3:34:31:
ac:b8:56:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBEfA42HbGZtGUjmT3WYzGku+zOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMjZaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZmI1MjQzMWI5Zjk0ZWFiN2VlM2M1MDZjMWJmYjE3NzY2NWY3YmQ2Y2Jm
NjM5MmM1Zjc1ODUyOWEzYTYzNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3QiKPjVVWTlc82jmvSF38fU0SGdUFLO048Be6HlYm+US2p8sJKGPDPIspL
q4pDIvNH2sQS0c4vPfgUqe8r2uSU8SopPZUjs5nxVtp16TA3b7mSYmVTQPjZ8eLE
/dpA0HBZ+lHv7pJGRycbO3GGobWGeVamT49LR9GBv0d5KDZTeIhfgJJfMiocOOcE
HYzqE2epUmI5bWWZZTzbI8EjDZmtMlZdpOVsLZXLphZziDjg7JSJpKz8bFqDRIXm
/IypsGpvop1T1Te9NdXUm7CSdxaX3nvo3U10CC7yisJriG5YgDzFHMyw4kpOR1Ls
lSMBzO/UN8ySX4byL1SrJV5RyQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScgA5/
VYq5XSJqZXG3PCvTTK6tnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCGWZhxxL2cq0tBHQ76apnL1DziOpcL1FArQFkQ
JwKPS/vvvMRbuvI850IYcUyaY07fCtv5uXXLZv3odb1d+n4ZqVkwpIIvjqCNH8Ty
dnuWpGK9uB5o+zZEeqTiy/BxnxBDHYazdDLk60HH182e1pYb3/etPeU43vB6Ocp7
+KNARpNapq1A3685UYA6QlcPz6SMBFta5VY60Cg2FqrWTMzNhvwvvZGdrV88IGIC
fi8jYxvt7G2skpfZ3Gpr5n2GJIjTw7EAqfd9T7ygBweHDy16MCnmSKq4AWfJQUsd
TIEFFAMbJVKw4GCaiNYHwRREec+UinV3w8dBwc7TNDGsuFYs
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:24 2025 by rpki-client