Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
File: c65e11fa-ec6d-4214-88c5-464a024d8957.roa (raw, json)
Hash identifier: CztIh3DdcyZPHpKAwyq/Lf/vagSZQaOfLq4TH63kzh4=
Subject key identifier: 5B:64:AD:5A:37:9F:A5:E9:75:A0:E5:B7:D4:B5:58:0D:CC:8F:5A:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: AC88C321A3766FB9F2D7987B8EB3D630C1968E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
Signing time: Mon 16 Jun 2025 20:11:39 +0000
ROA not before: Mon 16 Jun 2025 20:11:39 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ac:88:c3:21:a3:76:6f:b9:f2:d7:98:7b:8e:b3:d6:30:c1:96:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:11:39 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d5a47b68d138b136168665644b119ef44d8e3c357292f128b963e0f69fe0fa84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ce:f7:62:06:ae:be:3c:cf:f6:eb:b7:5a:b6:
71:d6:24:64:ee:ef:f8:11:0b:1d:3e:95:61:71:2a:
59:a3:f2:ae:b8:39:eb:55:4b:1e:10:41:4f:64:40:
c1:34:67:36:4e:dd:13:a1:6d:d9:c9:91:d1:c5:76:
41:88:2a:54:8d:ff:0f:6d:7c:c2:7d:df:4f:93:9c:
39:de:8d:98:99:05:50:b4:5f:8f:80:43:9b:1c:37:
08:8e:2a:6f:6b:6c:17:51:fc:98:0f:ee:53:6d:b3:
df:0e:9d:13:e4:ad:ad:15:b3:19:28:56:ec:ab:6a:
ca:9b:c9:8a:5e:bd:17:86:03:fa:e8:b6:87:0c:bd:
8c:e1:64:8c:a2:c9:af:1c:6d:f7:fa:b5:f4:1a:9a:
2f:84:b6:60:88:58:69:d4:21:32:67:e8:49:be:9e:
88:05:5c:47:7c:e2:06:92:16:a6:e9:a2:16:43:09:
3f:f6:86:2f:da:0b:9c:e2:2c:ae:7c:e4:f7:c4:17:
34:11:e5:6d:13:84:65:f8:86:f6:c9:26:6a:f9:cc:
9c:89:2d:17:8d:9e:49:a8:ad:c2:f9:9d:5d:f3:00:
80:83:97:a8:0f:27:9e:91:77:06:18:a9:61:5c:3e:
5b:2d:67:17:35:f8:33:69:e9:23:65:3a:a4:0d:63:
ea:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:64:AD:5A:37:9F:A5:E9:75:A0:E5:B7:D4:B5:58:0D:CC:8F:5A:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c65e11fa-ec6d-4214-88c5-464a024d8957.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:07:4d:47:f7:f1:87:f9:a2:a1:5f:fa:ad:ff:4b:e4:c0:61:
51:65:c1:6a:45:33:8a:0a:0d:eb:75:e5:c1:34:31:f8:32:24:
ed:a1:bb:a5:7b:d2:0a:05:37:0f:17:5d:e3:1f:af:98:dd:34:
4e:06:c1:20:b9:4c:bf:52:99:3b:ef:4b:3d:5f:da:04:2d:f9:
f2:29:0f:f0:25:eb:19:dc:48:fa:b6:2c:b6:b3:c0:ce:b3:fd:
d9:f9:d1:30:74:b2:67:2b:34:cb:b6:e1:be:d1:be:48:0c:b2:
14:37:e1:00:8f:89:7e:40:5c:f2:99:76:62:0e:18:34:00:a9:
63:6c:d9:f2:dd:94:45:af:49:11:da:86:76:bc:4a:1e:6d:1a:
74:69:b9:4c:92:3f:da:ac:75:44:c8:6f:84:a1:d2:be:d2:46:
6d:51:a8:d4:69:f2:35:a5:40:d0:e2:de:31:7d:1f:3a:a7:b8:
1b:95:a5:f7:e1:3b:1f:fb:53:c9:44:56:95:80:9a:2b:56:bb:
da:89:ae:34:49:91:aa:94:cb:d9:cb:b8:7f:78:6f:e1:f0:91:
34:cc:25:c5:8c:a3:36:8d:1a:46:c4:4b:35:d3:0c:a5:a7:38:
ae:42:80:4a:bc:22:15:1b:10:1c:a6:d6:42:79:a5:7b:ca:d5:
cf:0b:e4:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAKyIwyGjdm+58teYe46z1jDBlo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDExMzlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1YTQ3YjY4ZDEzOGIxMzYxNjg2NjU2NDRiMTE5ZWY0NGQ4ZTNjMzU3Mjky
ZjEyOGI5NjNlMGY2OWZlMGZhODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/O92IGrr48z/brt1q2cdYkZO7v+BELHT6VYXEqWaPyrrg561VLHhBBT2RA
wTRnNk7dE6Ft2cmR0cV2QYgqVI3/D218wn3fT5OcOd6NmJkFULRfj4BDmxw3CI4q
b2tsF1H8mA/uU22z3w6dE+StrRWzGShW7KtqypvJil69F4YD+ui2hwy9jOFkjKLJ
rxxt9/q19BqaL4S2YIhYadQhMmfoSb6eiAVcR3ziBpIWpumiFkMJP/aGL9oLnOIs
rnzk98QXNBHlbROEZfiG9skmavnMnIktF42eSaitwvmdXfMAgIOXqA8nnpF3Bhip
YVw+Wy1nFzX4M2npI2U6pA1j6qsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbZK1a
N5+l6XWg5bfUtVgNzI9a0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzY1ZTExZmEtZWM2ZC00MjE0LTg4YzUtNDY0YTAyNGQ4OTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCeB01H9/GH+aKhX/qt/0vkwGFRZcFqRTOKCg3r
deXBNDH4MiTtobule9IKBTcPF13jH6+Y3TROBsEguUy/Upk770s9X9oELfnyKQ/w
JesZ3Ej6tiy2s8DOs/3Z+dEwdLJnKzTLtuG+0b5IDLIUN+EAj4l+QFzymXZiDhg0
AKljbNny3ZRFr0kR2oZ2vEoebRp0ablMkj/arHVEyG+EodK+0kZtUajUafI1pUDQ
4t4xfR86p7gblaX34Tsf+1PJRFaVgJorVrvaia40SZGqlMvZy7h/eG/h8JE0zCXF
jKM2jRpGxEs10wylpziuQoBKvCIVGxAcptZCeaV7ytXPC+Qb
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:18 2025 by rpki-client