Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
File: ad017d4e-10ed-4706-a728-1b3d3feae80f.roa (raw, json)
Hash identifier: q81fzJ1WNT24ZBYvix2zTmN7leufMY5p3eOVxUOuDPI=
Subject key identifier: CF:4C:31:D0:E8:88:AD:EA:3B:9D:A2:6A:98:9A:1D:2F:C5:7D:32:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 179258DEC712E9E73FE7FAC50CF5C0293C4E2BAC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
Signing time: Tue 17 Jun 2025 00:40:54 +0000
ROA not before: Tue 17 Jun 2025 00:40:54 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:92:58:de:c7:12:e9:e7:3f:e7:fa:c5:0c:f5:c0:29:3c:4e:2b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:54 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=2d2ff68a28a143afdd44dac4a951a4096b0698236566502a5c71b82bacfb6b1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:8e:2c:64:64:71:fb:7d:2a:c6:3e:cc:12:
49:64:ea:58:e6:23:43:09:a7:68:32:1b:83:26:01:
8b:a8:60:fd:ec:23:e6:e7:a0:76:a9:37:58:26:b9:
09:f1:d7:33:fa:7f:f6:69:d2:2e:bb:25:d0:ca:70:
73:b7:8a:77:d1:a2:c8:18:f2:7e:d7:61:ea:ad:5f:
83:b5:14:28:37:41:7f:ff:b4:27:53:40:07:c7:7b:
59:c4:2e:65:86:85:e9:60:e0:fc:80:4f:32:d5:0b:
6c:26:6f:b0:bf:63:62:3f:33:c2:6d:46:8c:f6:4f:
b7:10:b6:95:1c:20:2c:08:b1:56:9d:e5:2a:22:26:
85:56:5c:99:fa:68:75:d7:14:85:1f:a9:29:a1:8e:
2a:08:8c:67:c9:36:28:a4:28:a9:99:9e:ef:20:ca:
bc:28:b9:0f:f1:ed:cd:ad:eb:ab:dd:af:8e:33:e1:
13:4a:65:f7:93:7f:73:d0:28:4e:f2:88:a1:0e:23:
e3:c8:b2:42:c4:00:d3:e4:b9:a4:e9:c0:52:59:bc:
04:be:d9:ed:9a:25:4b:2e:02:41:75:76:8e:83:ff:
a8:97:f9:ab:07:8f:f5:15:aa:d9:19:a3:54:88:24:
f4:a3:28:5e:82:93:7d:1d:94:18:47:5c:2f:6b:cf:
d4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4C:31:D0:E8:88:AD:EA:3B:9D:A2:6A:98:9A:1D:2F:C5:7D:32:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:47:41:6c:3b:00:23:bc:43:77:dd:45:a3:12:aa:ec:f3:a8:
16:bc:e3:36:13:65:23:f4:b0:a9:95:3a:f9:00:43:e9:e5:04:
d1:97:c9:77:49:0b:b1:06:bd:d5:31:38:3f:2b:30:9c:53:e2:
7f:4d:cf:c2:da:da:da:ca:70:9f:0e:a4:99:9d:19:c0:df:88:
a9:fe:b0:9d:73:49:56:a3:9f:fb:93:90:be:88:4b:2f:1e:a4:
08:5d:64:d7:ed:8c:cc:26:7b:b7:ab:70:d5:4d:f8:cd:9f:24:
4e:f1:31:1d:47:d6:89:f7:fe:0b:6e:0c:38:6c:ab:80:b3:6f:
70:15:aa:a6:f1:72:51:67:a5:d8:dd:c0:01:03:b1:12:28:2d:
cd:60:90:e0:9d:fd:db:76:99:a9:f7:c4:92:1a:ce:d8:b8:f3:
59:7a:c5:85:f3:d7:86:d5:60:1d:b0:1d:3a:28:cf:fc:01:37:
16:d6:09:2b:4a:34:c7:71:f2:ed:4a:1b:cb:ab:2c:b7:2b:95:
a9:77:be:da:2a:ae:39:9f:88:39:fb:0d:fa:df:5d:8c:6f:01:
e6:72:43:c0:d7:cf:1d:ca:61:bc:64:f9:e5:c0:76:f9:41:65:
9c:0d:16:15:8e:54:00:4e:f5:08:b7:a8:e7:2d:f2:c3:dc:89:
d3:41:3c:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF5JY3scS6ec/5/rFDPXAKTxOK6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwNTRaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkMmZmNjhhMjhhMTQzYWZkZDQ0ZGFjNGE5NTFhNDA5NmIwNjk4MjM2NTY2
NTAyYTVjNzFiODJiYWNmYjZiMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKprjixkZHH7fSrGPswSSWTqWOYjQwmnaDIbgyYBi6hg/ewj5uegdqk3WCa5
CfHXM/p/9mnSLrsl0Mpwc7eKd9GiyBjyftdh6q1fg7UUKDdBf/+0J1NAB8d7WcQu
ZYaF6WDg/IBPMtULbCZvsL9jYj8zwm1GjPZPtxC2lRwgLAixVp3lKiImhVZcmfpo
ddcUhR+pKaGOKgiMZ8k2KKQoqZme7yDKvCi5D/Htza3rq92vjjPhE0pl95N/c9Ao
TvKIoQ4j48iyQsQA0+S5pOnAUlm8BL7Z7ZolSy4CQXV2joP/qJf5qweP9RWq2Rmj
VIgk9KMoXoKTfR2UGEdcL2vP1OsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPTDHQ
6Iit6judomqYmh0vxX0y9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQwMTdkNGUtMTBlZC00NzA2LWE3MjgtMWIzZDNmZWFlODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQC9R0FsOwAjvEN33UWjEqrs86gWvOM2E2Uj9LCp
lTr5AEPp5QTRl8l3SQuxBr3VMTg/KzCcU+J/Tc/C2traynCfDqSZnRnA34ip/rCd
c0lWo5/7k5C+iEsvHqQIXWTX7YzMJnu3q3DVTfjNnyRO8TEdR9aJ9/4Lbgw4bKuA
s29wFaqm8XJRZ6XY3cABA7ESKC3NYJDgnf3bdpmp98SSGs7YuPNZesWF89eG1WAd
sB06KM/8ATcW1gkrSjTHcfLtShvLqyy3K5Wpd77aKq45n4g5+w36312MbwHmckPA
188dymG8ZPnlwHb5QWWcDRYVjlQATvUIt6jnLfLD3InTQTyB
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:25 2025 by rpki-client