Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
File: b9f26696-5522-477d-b8bf-72de7350b09a.roa (raw, json)
Hash identifier: 4SDynpxqqMl6FQgnjszmW4dA5XZ4Eg6ReYyZLBG4SPQ=
Subject key identifier: A3:E6:37:9F:06:BA:78:E4:94:B0:AC:B3:16:D8:6B:F9:B9:67:39:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B850CB1BF93B5D8FFD8BEF7A5F78B4E0E13B446
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
Signing time: Mon 16 Jun 2025 20:00:10 +0000
ROA not before: Mon 16 Jun 2025 20:00:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:85:0c:b1:bf:93:b5:d8:ff:d8:be:f7:a5:f7:8b:4e:0e:13:b4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=18470aa14842472fdf520ef5f53e3af0ead34332e8b138986bcc42429ab560d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ff:d6:32:1e:b1:e8:08:0a:ae:b8:a2:13:79:
72:80:da:35:aa:69:c2:3a:3c:12:fd:0f:35:37:bb:
f6:74:56:72:61:02:a1:09:8c:c2:93:c5:40:eb:60:
81:d3:12:1e:c4:d6:c1:4d:07:ab:bd:a3:6a:8d:56:
00:b2:63:63:49:31:19:78:ee:33:16:be:4e:64:a6:
bf:14:2d:a8:4f:09:ef:09:d8:98:ab:81:b2:4c:64:
0c:18:af:ab:15:31:58:b5:48:0a:7b:bb:84:ee:14:
3f:0d:10:e7:35:14:e3:ca:f0:fd:b0:c0:e9:21:a3:
3c:10:85:3a:c9:32:8a:de:d5:14:e1:97:8b:58:c4:
8f:69:86:21:8a:05:d6:d2:fb:04:5a:89:40:31:b1:
09:e2:93:ef:58:42:83:6f:e0:82:63:52:fa:6f:43:
da:86:9f:05:b5:51:eb:57:bc:51:d9:8d:57:d0:63:
69:90:16:38:27:93:0b:cd:e7:52:37:07:e7:ad:58:
43:09:b0:6d:ba:aa:35:68:cd:2c:2a:63:3b:17:a6:
8b:46:4b:59:c4:ba:7c:cf:3c:1b:b0:e3:7e:74:54:
0c:59:41:cd:39:70:3c:48:cf:7c:87:e3:71:a0:b9:
55:34:3a:4e:b1:90:a7:d6:ca:66:59:25:f9:1d:98:
fc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E6:37:9F:06:BA:78:E4:94:B0:AC:B3:16:D8:6B:F9:B9:67:39:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
05:69:f5:7d:57:8b:fb:c2:8e:32:1d:2f:d0:3a:56:be:35:d3:
3d:c9:65:f9:ca:91:57:9a:5c:dc:1d:b4:66:9f:c3:c7:32:c0:
ae:89:41:78:89:dd:e8:6b:44:28:c2:7c:c6:1c:e8:78:0f:93:
52:01:6d:87:1b:5f:62:94:26:10:aa:94:08:e9:30:ac:20:dc:
d7:fb:09:7e:05:5b:09:a7:1a:74:7b:87:75:d8:30:e5:7f:01:
0b:d5:b8:9d:a2:30:97:b1:06:30:05:f6:70:fa:e2:a7:26:d8:
5d:76:8c:55:a1:69:4a:e4:b3:9f:8e:10:91:26:60:f3:33:11:
f4:d5:0d:e3:2c:f0:6c:73:b7:f6:c3:1c:10:2d:81:1c:3f:07:
d3:05:be:0b:01:9f:dc:17:c5:0f:13:1e:94:c4:c8:29:c1:06:
6b:10:19:e4:3f:e2:19:9a:18:47:f4:aa:f7:88:97:c6:9c:be:
92:1a:fb:40:44:04:80:4c:29:fc:44:49:6c:da:5f:5a:2f:19:
90:7e:b5:30:60:a6:f5:17:7a:18:a8:72:8e:f9:61:b5:fd:89:
4a:33:87:df:7e:23:42:3d:d3:23:a1:f7:67:40:25:1e:63:f2:
00:ad:0e:7c:f5:41:37:1a:20:a9:02:59:ee:9e:5d:41:53:54:
d0:84:d2:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK4UMsb+Ttdj/2L73pfeLTg4TtEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NDcwYWExNDg0MjQ3MmZkZjUyMGVmNWY1M2UzYWYwZWFkMzQzMzJlOGIx
Mzg5ODZiY2M0MjQyOWFiNTYwZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKv/1jIesegICq64ohN5coDaNappwjo8Ev0PNTe79nRWcmECoQmMwpPFQOtg
gdMSHsTWwU0Hq72jao1WALJjY0kxGXjuMxa+TmSmvxQtqE8J7wnYmKuBskxkDBiv
qxUxWLVICnu7hO4UPw0Q5zUU48rw/bDA6SGjPBCFOskyit7VFOGXi1jEj2mGIYoF
1tL7BFqJQDGxCeKT71hCg2/ggmNS+m9D2oafBbVR61e8UdmNV9BjaZAWOCeTC83n
UjcH561YQwmwbbqqNWjNLCpjOxemi0ZLWcS6fM88G7DjfnRUDFlBzTlwPEjPfIfj
caC5VTQ6TrGQp9bKZlkl+R2Y/IkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSj5jef
Brp45JSwrLMW2Gv5uWc5fDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmMjY2OTYtNTUyMi00NzdkLWI4YmYtNzJkZTczNTBiMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAFafV9V4v7wo4yHS/QOla+NdM9yWX5ypFXmlzc
HbRmn8PHMsCuiUF4id3oa0QownzGHOh4D5NSAW2HG19ilCYQqpQI6TCsINzX+wl+
BVsJpxp0e4d12DDlfwEL1bidojCXsQYwBfZw+uKnJthddoxVoWlK5LOfjhCRJmDz
MxH01Q3jLPBsc7f2wxwQLYEcPwfTBb4LAZ/cF8UPEx6UxMgpwQZrEBnkP+IZmhhH
9Kr3iJfGnL6SGvtARASATCn8REls2l9aLxmQfrUwYKb1F3oYqHKO+WG1/YlKM4ff
fiNCPdMjofdnQCUeY/IArQ589UE3GiCpAlnunl1BU1TQhNKh
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:02:44 2025 by rpki-client