Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: 28X6OFmRpgmlx9+Hg2chbvfY4afGCGhxGtbJ7OqTcpU=
Subject key identifier: 9C:C6:07:68:E6:CC:49:50:FB:1D:39:10:CA:D6:69:58:82:5F:48:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C00819222479E94D48265A453AE436424329B28
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Mon 16 Jun 2025 20:30:17 +0000
ROA not before: Mon 16 Jun 2025 20:30:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:00:81:92:22:47:9e:94:d4:82:65:a4:53:ae:43:64:24:32:9b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=03b9fbb47224833c8e8c11c11f988cd7b2775945439b6dea8fe2b5bc3f85cbb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ac:a2:11:b4:fc:40:5f:37:da:ed:08:12:e6:
7e:23:52:86:31:9d:2c:76:0f:e5:ed:20:a3:9c:fd:
b7:12:05:18:63:fb:03:a9:8d:b0:1a:41:33:41:73:
d0:6e:d8:17:45:8f:08:cb:5c:1b:b5:44:e6:39:27:
c1:e8:35:1e:fc:f4:f5:10:dd:bd:2f:ac:6f:00:fa:
3f:b9:0c:bc:07:90:13:10:96:44:83:c5:41:9f:2a:
92:1d:61:52:da:98:f5:dc:d3:4a:bb:6d:ba:e1:cf:
00:b5:3a:82:04:3c:74:01:7a:47:8b:99:70:fe:e0:
1e:88:8f:b5:08:61:f1:af:0e:7f:ad:6a:c4:ca:dd:
2c:52:35:a6:44:90:dc:e2:2a:a8:41:77:52:ff:0b:
93:a1:69:fa:c5:79:c8:e6:a9:84:7d:5b:1b:24:7d:
86:a6:97:ff:dc:5d:33:a3:11:01:b0:c8:8c:08:85:
ee:88:53:87:6b:3f:fe:79:3b:f7:74:be:5d:bb:63:
b3:f5:0b:5e:5d:3d:0b:1c:67:5e:a6:51:fa:20:e2:
e2:71:3c:6c:73:09:ea:d7:61:0d:77:23:75:1e:c0:
1e:66:8e:eb:54:bf:35:eb:2a:3b:6e:19:2f:d1:8c:
c6:a7:fc:52:ca:a0:00:6d:b6:7a:8e:fb:d1:be:97:
7f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C6:07:68:E6:CC:49:50:FB:1D:39:10:CA:D6:69:58:82:5F:48:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:56:16:7c:d8:9e:31:f3:78:8a:a1:ba:9d:5e:80:92:7f:51:
b2:cd:dd:05:4f:b7:bb:1a:5e:6d:9f:4c:07:7e:ca:b4:17:c5:
a7:33:02:e4:70:f1:bb:db:2d:0d:5a:0c:0b:fe:2c:23:ee:38:
e9:76:89:9b:60:a6:29:4b:b4:28:29:10:b2:9e:4a:50:f7:b2:
ca:be:11:9d:21:e9:14:42:bc:e7:64:ea:f8:9f:e4:4e:ae:67:
2a:78:db:07:93:23:0d:65:5f:cb:68:93:d2:7e:0d:41:b6:3f:
ee:86:d6:45:67:23:d0:48:0d:76:35:9e:a8:b8:8b:d9:92:59:
c2:53:e6:1d:bc:92:3d:bc:63:c4:86:09:0b:84:c5:de:d0:8f:
d8:55:3e:10:6f:fb:ea:6f:66:f4:c1:49:97:a0:65:f3:7b:10:
c7:cb:fc:ff:24:85:18:d0:f9:79:bb:3e:a9:07:2a:47:4e:b7:
65:36:72:ba:98:bd:11:10:58:1f:df:80:f0:89:40:05:d8:4b:
e6:3d:25:a0:d0:89:98:9b:f4:89:64:0d:e3:b1:6c:d9:76:f5:
a6:3d:50:1c:4f:ea:98:f7:48:35:b1:88:ea:f9:df:14:5d:a8:
58:b3:5c:82:a2:2d:03:ac:10:0b:34:25:ef:c3:bf:d6:73:73:
e4:a7:b2:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPACBkiJHnpTUgmWkU65DZCQymygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYjlmYmI0NzIyNDgzM2M4ZThjMTFjMTFmOTg4Y2Q3YjI3NzU5NDU0Mzli
NmRlYThmZTJiNWJjM2Y4NWNiYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMusohG0/EBfN9rtCBLmfiNShjGdLHYP5e0go5z9txIFGGP7A6mNsBpBM0Fz
0G7YF0WPCMtcG7VE5jknweg1Hvz09RDdvS+sbwD6P7kMvAeQExCWRIPFQZ8qkh1h
UtqY9dzTSrttuuHPALU6ggQ8dAF6R4uZcP7gHoiPtQhh8a8Of61qxMrdLFI1pkSQ
3OIqqEF3Uv8Lk6Fp+sV5yOaphH1bGyR9hqaX/9xdM6MRAbDIjAiF7ohTh2s//nk7
93S+Xbtjs/ULXl09CxxnXqZR+iDi4nE8bHMJ6tdhDXcjdR7AHmaO61S/NesqO24Z
L9GMxqf8UsqgAG22eo770b6Xf4cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScxgdo
5sxJUPsdORDK1mlYgl9IgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQC8VhZ82J4x83iKobqdXoCSf1Gyzd0FT7e7Gl5t
n0wHfsq0F8WnMwLkcPG72y0NWgwL/iwj7jjpdombYKYpS7QoKRCynkpQ97LKvhGd
IekUQrznZOr4n+ROrmcqeNsHkyMNZV/LaJPSfg1Btj/uhtZFZyPQSA12NZ6ouIvZ
klnCU+YdvJI9vGPEhgkLhMXe0I/YVT4Qb/vqb2b0wUmXoGXzexDHy/z/JIUY0Pl5
uz6pBypHTrdlNnK6mL0REFgf34DwiUAF2EvmPSWg0ImYm/SJZA3jsWzZdvWmPVAc
T+qY90g1sYjq+d8UXahYs1yCoi0DrBALNCXvw7/Wc3Pkp7Kh
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:41 2025 by rpki-client