Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
File: ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa (raw, json)
Hash identifier: YZX7XJvpoOJ6rg1aGDSZHVHwJ8cudG2lZfhTsvTmcCA=
Subject key identifier: 35:75:65:78:5B:9C:87:6B:B6:17:E0:01:A2:33:6D:83:AB:3A:8D:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02307C3409780C1E9055DB00410E3C4B7FA22142
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
Signing time: Wed 25 Jun 2025 00:50:11 +0000
ROA not before: Wed 25 Jun 2025 00:50:11 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:30:7c:34:09:78:0c:1e:90:55:db:00:41:0e:3c:4b:7f:a2:21:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 25 00:50:11 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=855c1d00bcc6c34301e2928f621550010232e5980d306a78abe4f095da84d608, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:8d:89:81:42:ab:fd:3f:ef:0f:6f:d0:b3:
4b:1a:e0:ae:c5:e8:dc:59:96:46:f6:f5:a8:00:35:
f9:f8:3d:3f:03:17:d8:e0:3a:c2:ba:52:d8:aa:1a:
03:06:dc:5e:b6:02:1e:93:ad:c1:c7:0e:ba:f1:c6:
c0:3f:92:be:d9:cf:4a:01:ad:4e:02:a9:3e:0d:44:
5f:da:f0:1c:a1:00:ee:f2:3f:70:37:76:b4:64:00:
bd:d7:b3:f7:d7:08:09:48:6a:30:0d:2e:70:43:f3:
4e:31:0e:27:4e:8f:e0:c2:2c:48:46:57:60:1e:32:
47:b8:f2:cd:59:55:f3:86:98:80:1e:b4:d6:17:88:
b3:25:c9:72:ff:92:d1:6f:25:c8:86:6b:d5:bd:6f:
d2:e6:aa:fb:77:99:1f:d5:07:e7:65:d1:6a:2c:b6:
6d:e8:ea:93:35:81:56:13:5f:10:90:ff:e9:fd:9e:
f2:83:38:b7:d4:4b:e3:7e:ee:42:56:ea:ff:38:32:
07:c1:69:cd:1a:eb:d7:67:40:e9:e3:4c:e1:ed:6d:
24:61:9f:8d:da:5f:33:7c:5d:d2:e3:06:1e:74:28:
95:de:28:80:c6:90:74:fc:18:ac:50:e1:83:e6:38:
be:bd:78:79:e9:83:f2:e1:3b:7b:98:dc:17:b6:62:
f4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:75:65:78:5B:9C:87:6B:B6:17:E0:01:A2:33:6D:83:AB:3A:8D:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:41:b0:4b:94:6a:3f:a4:0b:30:3a:30:46:ee:49:8c:0b:94:
79:48:a1:27:f8:88:fe:74:59:de:f1:12:b7:7d:e8:14:90:17:
8a:d3:e9:07:b8:87:cc:c7:a0:24:c3:ac:09:14:45:b4:24:19:
e7:ed:fe:54:e4:33:c7:0f:ed:2f:80:36:f6:73:19:8a:dc:f9:
51:40:77:e2:b7:aa:a9:d7:5e:a6:fd:8d:89:20:a5:4e:b0:b2:
e6:9e:f1:1e:93:c1:77:5a:55:2d:90:dc:cd:81:91:ef:ae:dd:
df:49:63:35:1f:eb:a6:7b:9c:64:5d:d6:61:74:e9:ae:f8:a6:
49:fa:8b:15:df:60:31:c1:79:e6:f4:65:31:d0:71:40:4f:a1:
9d:9e:4e:e5:dc:fb:ea:09:f7:22:89:93:7b:66:aa:14:4f:a1:
ea:15:a7:65:e0:7a:76:6b:cb:b8:84:43:d6:00:94:99:91:63:
1e:19:97:6b:6e:c3:d9:00:95:a6:d9:a7:50:c3:bf:4f:44:38:
34:9a:28:47:ba:24:28:a1:99:6e:e9:a7:66:61:b5:4b:54:d8:
b8:3c:49:32:23:d3:c3:9a:12:d4:ac:7c:01:a7:e5:74:a7:6e:
7e:6d:38:a6:44:dc:85:e6:bc:b8:23:01:fd:c8:77:cf:a6:e6:
6c:2e:7c:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAjB8NAl4DB6QVdsAQQ48S3+iIUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjUwMDUwMTFaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NWMxZDAwYmNjNmMzNDMwMWUyOTI4ZjYyMTU1MDAxMDIzMmU1OTgwZDMw
NmE3OGFiZTRmMDk1ZGE4NGQ2MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIrjYmBQqv9P+8Pb9CzSxrgrsXo3FmWRvb1qAA1+fg9PwMX2OA6wrpS2Koa
AwbcXrYCHpOtwccOuvHGwD+SvtnPSgGtTgKpPg1EX9rwHKEA7vI/cDd2tGQAvdez
99cICUhqMA0ucEPzTjEOJ06P4MIsSEZXYB4yR7jyzVlV84aYgB601heIsyXJcv+S
0W8lyIZr1b1v0uaq+3eZH9UH52XRaiy2bejqkzWBVhNfEJD/6f2e8oM4t9RL437u
Qlbq/zgyB8FpzRrr12dA6eNM4e1tJGGfjdpfM3xd0uMGHnQold4ogMaQdPwYrFDh
g+Y4vr14eemD8uE7e5jcF7Zi9I0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1dWV4
W5yHa7YX4AGiM22DqzqNRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE3MGE4OWMtNWU2Yy00MGFjLTlhNzMtZjkyYmVlMDA1ZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEApkGwS5RqP6QLMDowRu5JjAuUeUihJ/iI/nRZ3vES
t33oFJAXitPpB7iHzMegJMOsCRRFtCQZ5+3+VOQzxw/tL4A29nMZitz5UUB34req
qddepv2NiSClTrCy5p7xHpPBd1pVLZDczYGR767d30ljNR/rpnucZF3WYXTprvim
SfqLFd9gMcF55vRlMdBxQE+hnZ5O5dz76gn3IomTe2aqFE+h6hWnZeB6dmvLuIRD
1gCUmZFjHhmXa27D2QCVptmnUMO/T0Q4NJooR7okKKGZbumnZmG1S1TYuDxJMiPT
w5oS1Kx8AafldKdufm04pkTchea8uCMB/ch3z6bmbC58sw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:17 2025 by rpki-client