Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: RhefIn6P1wyQ7xe2DzAKAxdP6sKvqMipT9JvlpoYrt8=
Subject key identifier: 95:73:FD:F0:0D:27:B7:17:FE:E2:BF:1D:CF:E6:1D:B8:92:87:2A:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72B296C0767F62FFB16E5A71117035648EE9EF38
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Mon 16 Jun 2025 21:31:08 +0000
ROA not before: Mon 16 Jun 2025 21:31:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:b2:96:c0:76:7f:62:ff:b1:6e:5a:71:11:70:35:64:8e:e9:ef:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=caf88a8fbf54b7831413e6bf50882d3b803f140595e6efa927e4f17ad3170afc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:90:f9:e5:4a:02:4e:6d:88:87:84:1b:6b:74:
32:e8:de:b1:7a:3f:e1:2e:83:f5:33:b6:84:6d:99:
cb:38:50:a9:ac:ca:8b:c2:e6:50:ce:41:57:9a:7a:
6e:6d:a0:d8:85:9a:85:2f:d1:f2:bf:fd:37:44:20:
88:46:b3:e6:3f:83:01:cd:e0:52:98:2c:6a:43:78:
28:d9:23:96:a6:45:12:6c:00:c1:2e:94:c9:7c:d0:
9e:78:84:af:f7:55:f6:5e:11:89:a1:34:86:c1:c6:
f9:49:a8:a9:b6:29:75:c7:d5:97:52:d0:dc:e0:17:
02:03:8d:13:3f:8c:8b:62:03:1b:0e:9b:1c:8c:0c:
c5:1e:3f:75:43:eb:7f:43:b0:f8:63:01:15:fa:af:
5b:20:18:b5:72:aa:ed:78:7c:68:53:85:c0:10:84:
0c:c0:03:4b:5a:b8:c8:56:c5:8f:7c:8a:51:7b:fb:
83:6b:1a:bb:c8:9b:0d:bb:97:f6:e8:29:f5:7a:72:
bb:89:49:31:4e:21:49:dc:38:1c:67:59:e3:9c:8e:
e7:3e:cc:0b:25:91:40:fc:6d:89:19:0b:16:ea:78:
df:b7:72:16:54:70:e7:f6:a2:2d:d7:20:a8:64:54:
db:41:e9:ce:75:0b:04:c8:4e:69:80:74:f9:74:96:
85:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:73:FD:F0:0D:27:B7:17:FE:E2:BF:1D:CF:E6:1D:B8:92:87:2A:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
04:f6:63:06:52:ac:7f:90:4e:a0:6b:bb:0b:29:0f:ee:4d:1a:
cb:b8:0c:7b:a6:98:8c:be:78:11:3e:55:de:f3:c0:81:eb:02:
fa:ba:e6:05:95:c5:56:80:84:ea:20:7f:25:02:35:55:39:9b:
03:70:ab:80:ed:42:e1:47:e9:42:6a:13:f0:e4:5c:52:a1:8a:
5b:0f:60:32:18:04:41:be:1a:0c:7d:fc:75:82:d6:cd:27:0b:
cd:4b:0b:8f:b7:d6:4a:2f:bb:a7:f0:8d:da:d0:ae:11:1c:0d:
c3:01:77:07:c8:26:d9:2f:f2:54:a8:36:37:ba:9a:f7:ce:03:
f6:0e:2b:fd:aa:c9:37:a0:c7:9d:14:19:c5:59:55:cd:17:81:
00:45:23:2c:de:4f:dd:57:db:cb:5e:f0:dc:a6:bb:e0:fa:52:
dd:49:0e:a9:61:c4:d6:db:92:d8:1b:39:cb:0d:3c:a7:ca:b8:
3e:16:2a:74:75:9e:4e:d3:97:99:a3:36:f7:d3:dd:6b:3b:43:
23:26:59:22:e7:f6:14:99:d9:3c:4e:fe:9d:e5:4f:57:46:a8:
58:93:83:93:92:17:44:90:f7:a7:45:94:f0:4e:85:7e:50:39:
04:d0:3e:37:2f:d5:7f:04:63:fe:a5:5f:95:e2:b3:51:4b:5f:
98:1d:d1:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcrKWwHZ/Yv+xblpxEXA1ZI7p7zgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhZjg4YThmYmY1NGI3ODMxNDEzZTZiZjUwODgyZDNiODAzZjE0MDU5NWU2
ZWZhOTI3ZTRmMTdhZDMxNzBhZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWQ+eVKAk5tiIeEG2t0MujesXo/4S6D9TO2hG2ZyzhQqazKi8LmUM5BV5p6
bm2g2IWahS/R8r/9N0QgiEaz5j+DAc3gUpgsakN4KNkjlqZFEmwAwS6UyXzQnniE
r/dV9l4RiaE0hsHG+UmoqbYpdcfVl1LQ3OAXAgONEz+Mi2IDGw6bHIwMxR4/dUPr
f0Ow+GMBFfqvWyAYtXKq7Xh8aFOFwBCEDMADS1q4yFbFj3yKUXv7g2sau8ibDbuX
9ugp9Xpyu4lJMU4hSdw4HGdZ45yO5z7MCyWRQPxtiRkLFup437dyFlRw5/aiLdcg
qGRU20HpznULBMhOaYB0+XSWhQ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVc/3w
DSe3F/7ivx3P5h24kocqQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQAE9mMGUqx/kE6ga7sLKQ/uTRrLuAx7ppiMvngR
PlXe88CB6wL6uuYFlcVWgITqIH8lAjVVOZsDcKuA7ULhR+lCahPw5FxSoYpbD2Ay
GARBvhoMffx1gtbNJwvNSwuPt9ZKL7un8I3a0K4RHA3DAXcHyCbZL/JUqDY3upr3
zgP2Div9qsk3oMedFBnFWVXNF4EARSMs3k/dV9vLXvDcprvg+lLdSQ6pYcTW25LY
GznLDTynyrg+Fip0dZ5O05eZozb3091rO0MjJlki5/YUmdk8Tv6d5U9XRqhYk4OT
khdEkPenRZTwToV+UDkE0D43L9V/BGP+pV+V4rNRS1+YHdGA
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:43 2025 by rpki-client