Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
File: a72cbea9-100c-4974-8211-87debb0f6fbd.roa (raw, json)
Hash identifier: WXvUyWCVVBIo6DkQ3qRAs4FHs0Tdlq0BzZ/C/wMfSCw=
Subject key identifier: 37:22:25:CF:62:6D:3C:C1:06:B7:AA:F2:F4:CF:BD:E3:76:99:A2:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BC4FE8172F55C62B50EFC0019D081B9FDD52C30
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
Signing time: Tue 17 Jun 2025 00:40:50 +0000
ROA not before: Tue 17 Jun 2025 00:40:50 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:c4:fe:81:72:f5:5c:62:b5:0e:fc:00:19:d0:81:b9:fd:d5:2c:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:50 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=afd776ec22fd8d89c24bad2577d1ba067045b7ddec01555071559038611efa5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2b:93:7b:29:27:f2:08:3c:c1:cc:77:02:02:
04:16:82:11:5e:a2:69:93:8f:a8:e9:4a:0f:a1:56:
46:53:ba:96:d5:a6:68:00:7c:08:8f:02:45:7d:c0:
00:25:25:b8:63:65:8f:57:e3:07:71:0c:18:63:fe:
e9:92:e0:3f:3c:b3:b9:d3:55:8f:4c:bb:6e:3a:10:
01:b0:11:47:b7:3e:8d:fb:d8:a5:1a:87:bd:cc:cd:
6d:cf:51:72:2a:d6:83:cd:fa:2f:17:d1:cd:8e:2e:
b8:15:f7:0a:56:0d:52:e5:95:7e:8d:14:74:30:21:
04:53:99:bc:62:6d:7a:18:19:26:9d:e1:7f:bd:66:
7b:d3:3c:2f:7d:e5:25:de:51:00:88:f3:1c:07:9c:
b5:f5:4b:23:dd:d3:10:96:61:26:2a:f6:a9:d0:40:
93:e7:dc:8a:d2:36:5b:66:6c:f8:22:b4:ff:e8:70:
04:0f:7a:e7:aa:06:d5:03:32:e7:ae:81:30:d0:22:
ef:d5:13:e1:30:3b:57:f8:c9:1e:00:72:de:86:e5:
64:cd:84:6f:1b:2f:63:1d:14:0e:d6:9d:94:9f:ac:
3e:46:34:a8:e1:46:f4:e5:56:c1:a7:c1:48:2d:47:
6d:8f:df:a5:b7:f7:69:06:da:15:24:4f:7c:4a:42:
40:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:22:25:CF:62:6D:3C:C1:06:B7:AA:F2:F4:CF:BD:E3:76:99:A2:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a72cbea9-100c-4974-8211-87debb0f6fbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:8000::/40
Signature Algorithm: sha256WithRSAEncryption
55:a4:e0:4d:0c:5b:63:9c:f6:1f:3f:5f:89:b8:ee:aa:2c:14:
43:0c:77:6a:5c:c4:98:66:dd:57:4c:97:30:92:e3:e0:26:6f:
0f:57:db:f6:ae:ae:35:e6:08:9b:72:57:72:cc:f5:67:03:cf:
ec:3e:87:e3:4b:0e:ae:4e:0b:0f:61:bd:b7:e9:24:09:3c:c4:
f3:95:84:ff:c8:78:b3:13:20:5e:c0:ed:3a:f4:93:c5:28:36:
2f:35:64:55:a6:2c:7a:ee:89:5d:a6:d8:20:0e:09:df:0c:02:
4a:a6:dc:d2:9c:c7:a2:00:fe:91:b4:f3:fd:a2:a6:50:8a:a7:
12:7e:68:39:9c:85:0a:d7:62:e4:ad:1d:26:8b:fe:d0:82:bf:
5b:ba:fb:7d:a4:87:38:9a:4a:82:88:3f:5d:a7:74:0e:ad:0e:
96:39:b8:0e:83:c9:c7:e1:98:a0:b2:21:45:64:99:c2:d0:47:
fe:19:93:fe:c7:9d:5f:d4:a6:f3:15:d6:a9:ce:87:2d:7e:39:
08:29:3f:23:3c:e3:8c:17:99:77:26:12:1a:2a:c9:fd:13:0d:
de:db:96:bb:32:dc:38:89:ce:1b:de:c3:0c:6a:2f:d9:64:ed:
fe:7a:45:b4:36:0a:c7:b6:b1:01:39:2a:e1:d3:5a:d6:10:59:
33:8e:b5:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa8T+gXL1XGK1DvwAGdCBuf3VLDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwNTBaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZDc3NmVjMjJmZDhkODljMjRiYWQyNTc3ZDFiYTA2NzA0NWI3ZGRlYzAx
NTU1MDcxNTU5MDM4NjExZWZhNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUrk3spJ/IIPMHMdwICBBaCEV6iaZOPqOlKD6FWRlO6ltWmaAB8CI8CRX3A
ACUluGNlj1fjB3EMGGP+6ZLgPzyzudNVj0y7bjoQAbARR7c+jfvYpRqHvczNbc9R
cirWg836LxfRzY4uuBX3ClYNUuWVfo0UdDAhBFOZvGJtehgZJp3hf71me9M8L33l
Jd5RAIjzHAectfVLI93TEJZhJir2qdBAk+fcitI2W2Zs+CK0/+hwBA9656oG1QMy
566BMNAi79UT4TA7V/jJHgBy3oblZM2EbxsvYx0UDtadlJ+sPkY0qOFG9OVWwafB
SC1HbY/fpbf3aQbaFSRPfEpCQMcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3IiXP
Ym08wQa3qvL0z73jdpmiATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcyY2JlYTktMTAwYy00OTc0LTgyMTEtODdkZWJiMGY2ZmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmA
MA0GCSqGSIb3DQEBCwUAA4IBAQBVpOBNDFtjnPYfP1+JuO6qLBRDDHdqXMSYZt1X
TJcwkuPgJm8PV9v2rq415gibcldyzPVnA8/sPofjSw6uTgsPYb236SQJPMTzlYT/
yHizEyBewO069JPFKDYvNWRVpix67oldptggDgnfDAJKptzSnMeiAP6RtPP9oqZQ
iqcSfmg5nIUK12LkrR0mi/7Qgr9buvt9pIc4mkqCiD9dp3QOrQ6WObgOg8nH4Zig
siFFZJnC0Ef+GZP+x51f1KbzFdapzoctfjkIKT8jPOOMF5l3JhIaKsn9Ew3e25a7
Mtw4ic4b3sMMai/ZZO3+ekW0NgrHtrEBOSrh01rWEFkzjrUU
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:39 2025 by rpki-client