Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
File: a507fd37-f907-46ea-8c80-857b97a67610.roa (raw, json)
Hash identifier: v2XqeJWPVBSRm6A68ggeQsfZOdkvwsex/iouwRf+6H0=
Subject key identifier: F2:F5:2E:D2:2B:F9:4C:A5:40:9F:CB:C4:42:4C:A9:0B:41:D7:10:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4553240BBAAEC13AE56472CD996BA5B60066A7BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
Signing time: Mon 16 Jun 2025 20:30:16 +0000
ROA not before: Mon 16 Jun 2025 20:30:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:53:24:0b:ba:ae:c1:3a:e5:64:72:cd:99:6b:a5:b6:00:66:a7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=981d161f271a3098b96a8c5238ab9b7db3054504fd0ab6235a675d6ec415cb92, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a7:4a:fd:9e:5c:89:4d:15:cb:12:0b:e4:81:
ed:6d:97:be:e9:2a:3d:ee:1e:33:23:7f:5d:2b:90:
ff:0d:6a:81:53:d0:10:cb:d7:9b:4f:ff:37:a0:fa:
60:9e:e2:7b:d8:50:71:e3:b0:91:46:f6:e2:fe:45:
35:2f:4b:36:29:7b:71:3b:b9:e2:52:1b:db:ee:1b:
d5:1e:ab:d8:63:56:4e:b1:ba:39:e8:39:8f:05:13:
1a:6c:9c:69:f2:8f:78:84:ab:ba:0c:e3:72:47:80:
c4:d3:27:cb:18:89:93:c6:57:58:04:3d:34:3a:18:
91:c1:1d:9b:27:07:15:64:38:e2:16:6c:0d:03:dd:
20:47:dd:41:91:aa:db:d8:b1:49:61:00:70:ef:53:
d1:ba:fc:61:24:3d:83:9b:54:57:16:1f:f9:42:a6:
11:41:65:d4:30:62:99:ed:75:93:c3:d9:c9:02:ca:
32:a3:8d:54:ea:de:bd:f1:b2:45:d3:e9:a8:d6:b7:
0d:2c:9b:bf:7a:77:77:da:3e:1d:b3:5a:48:57:85:
49:a7:28:72:af:41:31:c7:d3:28:b2:02:6c:f3:b0:
fc:65:f0:89:8c:7d:ef:d9:aa:00:73:d6:d7:d1:ab:
af:8d:31:f0:05:8c:fc:0a:3f:e9:7f:4d:2e:49:d9:
6a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F5:2E:D2:2B:F9:4C:A5:40:9F:CB:C4:42:4C:A9:0B:41:D7:10:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:d1:ca:0b:f2:e3:bc:1f:d6:4c:50:a5:5b:78:00:0e:28:c3:
bc:92:3b:8d:32:9a:0f:b7:ee:ab:f0:d8:8d:9c:92:56:e5:b3:
94:72:6d:47:ec:13:23:26:e0:5f:9c:1c:65:ab:67:0f:e1:38:
19:10:3b:46:53:b3:37:48:cf:f7:63:8d:5d:20:ed:c7:74:2a:
dc:a2:09:e4:2a:ea:40:7f:b7:4f:b0:f4:45:bc:23:6c:e2:93:
67:aa:69:09:e1:16:a4:61:4e:80:a6:e4:07:4a:e1:95:b4:77:
16:d3:5d:89:dc:fd:61:25:e1:b9:8b:bf:d2:24:50:ff:f7:23:
6b:d2:e4:41:53:e1:57:24:b4:b5:ab:4e:56:70:de:3e:d9:0b:
f6:d6:3e:a1:5c:3b:51:c3:8a:c0:5d:a8:cb:b3:58:1d:97:9f:
8d:d9:5f:37:48:eb:3d:09:01:00:2a:a4:ec:5b:4a:30:5d:9b:
a8:94:20:54:6d:cd:ad:ef:b5:27:50:ea:28:80:cc:79:4f:09:
15:dc:39:32:c8:22:f7:42:de:53:ca:6c:33:e3:bd:f6:d2:e1:
b0:c6:af:16:49:e1:d6:4f:e4:58:20:a6:fc:86:ad:bf:50:bc:
f9:cd:f1:7c:05:bc:87:43:fc:26:3e:40:37:13:0c:f0:32:ed:
b4:ca:2b:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURVMkC7quwTrlZHLNmWultgBmp7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4MWQxNjFmMjcxYTMwOThiOTZhOGM1MjM4YWI5YjdkYjMwNTQ1MDRmZDBh
YjYyMzVhNjc1ZDZlYzQxNWNiOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSnSv2eXIlNFcsSC+SB7W2XvukqPe4eMyN/XSuQ/w1qgVPQEMvXm0//N6D6
YJ7ie9hQceOwkUb24v5FNS9LNil7cTu54lIb2+4b1R6r2GNWTrG6Oeg5jwUTGmyc
afKPeISrugzjckeAxNMnyxiJk8ZXWAQ9NDoYkcEdmycHFWQ44hZsDQPdIEfdQZGq
29ixSWEAcO9T0br8YSQ9g5tUVxYf+UKmEUFl1DBime11k8PZyQLKMqONVOrevfGy
RdPpqNa3DSybv3p3d9o+HbNaSFeFSacocq9BMcfTKLICbPOw/GXwiYx979mqAHPW
19Grr40x8AWM/Ao/6X9NLknZanUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTy9S7S
K/lMpUCfy8RCTKkLQdcQZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUwN2ZkMzctZjkwNy00NmVhLThjODAtODU3Yjk3YTY3NjEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQCy0coL8uO8H9ZMUKVbeAAOKMO8kjuNMpoPt+6r
8NiNnJJW5bOUcm1H7BMjJuBfnBxlq2cP4TgZEDtGU7M3SM/3Y41dIO3HdCrcognk
KupAf7dPsPRFvCNs4pNnqmkJ4RakYU6ApuQHSuGVtHcW012J3P1hJeG5i7/SJFD/
9yNr0uRBU+FXJLS1q05WcN4+2Qv21j6hXDtRw4rAXajLs1gdl5+N2V83SOs9CQEA
KqTsW0owXZuolCBUbc2t77UnUOoogMx5TwkV3DkyyCL3Qt5Tymwz47320uGwxq8W
SeHWT+RYIKb8hq2/ULz5zfF8BbyHQ/wmPkA3EwzwMu20yiuC
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:44 2025 by rpki-client