Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json)
Hash identifier: U5ax7AN7K+kGQRPussbkprEQljBBcnb7nS+JOa3IYxw=
Subject key identifier: AD:F9:9C:12:7C:12:A7:FE:B8:9E:A0:B4:2C:08:AB:E0:45:53:EF:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AAE67A3BA427F327B117D61BC4BE07AAF112488
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
Signing time: Mon 16 Jun 2025 21:21:24 +0000
ROA not before: Mon 16 Jun 2025 21:21:24 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:ae:67:a3:ba:42:7f:32:7b:11:7d:61:bc:4b:e0:7a:af:11:24:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:24 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b9395e9b6b326c7fc8d51edb1d8edc43fad0c0ec1abfdc8a3f6d815743770c23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:96:99:51:36:ec:6b:91:cc:6e:7d:1f:15:9c:
42:22:88:99:02:4c:85:a1:aa:11:5a:0b:39:25:5e:
b6:33:b6:3d:89:e7:7d:25:d8:e7:93:d0:07:9d:f2:
2e:0f:43:a9:f3:1e:4e:68:a3:1c:b6:48:db:47:e4:
9b:00:35:36:4e:bc:d9:b8:34:da:cb:ed:eb:7a:11:
b0:c4:74:c8:ec:97:51:c2:a9:9d:4c:7e:59:88:62:
5a:8c:99:6e:d4:3b:64:0c:51:07:52:00:44:98:53:
b6:5b:c2:26:e5:b2:a2:fe:1e:2e:ba:c0:59:a7:24:
69:d4:ee:3c:0c:10:5a:39:bc:01:ae:fa:8b:9d:c9:
75:49:40:73:76:59:45:53:20:25:29:7c:61:c6:af:
47:81:17:a8:f1:82:e3:2f:49:9d:6f:ea:20:4c:c0:
35:ca:16:63:cb:d2:5f:d2:c5:d7:70:c6:1e:21:f5:
19:22:5a:5f:12:94:8a:81:0f:4a:eb:52:99:74:e3:
9d:0f:5b:53:69:43:fd:81:3d:68:cd:ff:6f:5a:6f:
f3:60:5a:c2:e2:98:f3:ed:56:56:30:80:72:67:5c:
ab:c8:9c:60:b4:c7:f9:a4:ac:71:35:f3:00:61:b7:
61:3c:e5:1d:fb:45:3a:55:20:36:22:02:51:ec:40:
4c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F9:9C:12:7C:12:A7:FE:B8:9E:A0:B4:2C:08:AB:E0:45:53:EF:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:e000::/40
Signature Algorithm: sha256WithRSAEncryption
70:a5:ca:92:9a:ee:cf:38:5f:eb:57:b4:b5:6e:ce:ac:f8:e4:
17:63:a0:13:93:ab:f9:af:64:3c:7a:66:93:77:c0:9d:27:0f:
ea:cd:ea:75:fd:e5:6c:db:f6:88:3b:ad:9a:fa:02:62:d2:80:
46:cf:83:90:1b:00:99:d4:95:54:db:31:51:cb:4b:79:65:f5:
c0:35:76:cc:b5:ad:90:6c:e4:3a:fb:06:b2:8f:38:17:a4:b6:
53:f4:ed:d8:f4:9c:cc:63:30:87:4c:1b:94:7a:cb:f4:a1:ec:
6b:bc:64:f9:91:b5:f9:00:5d:e9:39:f9:5b:cf:b8:3e:3d:89:
78:7c:87:c3:6d:67:21:3c:c2:47:b4:49:c5:b8:d9:4b:56:2d:
28:ad:45:15:12:34:04:f3:99:58:31:2d:88:86:09:ef:4d:97:
8c:4a:b2:87:92:ef:cf:2b:2e:8f:6c:a2:7f:3f:c8:b4:7f:08:
3c:a4:9d:64:46:be:92:de:79:30:5c:3d:46:ed:25:52:f4:8b:
40:90:56:f8:33:99:e2:91:13:cb:d0:0b:42:2a:2c:30:7b:07:
6d:79:46:53:db:91:a2:fc:13:e7:e5:c7:76:86:06:cb:dc:fb:
e6:a2:c0:34:21:14:63:eb:80:ea:68:75:2e:25:f2:e4:5c:28:
c5:06:31:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOq5no7pCfzJ7EX1hvEvgeq8RJIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMjRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5Mzk1ZTliNmIzMjZjN2ZjOGQ1MWVkYjFkOGVkYzQzZmFkMGMwZWMxYWJm
ZGM4YTNmNmQ4MTU3NDM3NzBjMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSWmVE27GuRzG59HxWcQiKImQJMhaGqEVoLOSVetjO2PYnnfSXY55PQB53y
Lg9DqfMeTmijHLZI20fkmwA1Nk682bg02svt63oRsMR0yOyXUcKpnUx+WYhiWoyZ
btQ7ZAxRB1IARJhTtlvCJuWyov4eLrrAWackadTuPAwQWjm8Aa76i53JdUlAc3ZZ
RVMgJSl8YcavR4EXqPGC4y9JnW/qIEzANcoWY8vSX9LF13DGHiH1GSJaXxKUioEP
SutSmXTjnQ9bU2lD/YE9aM3/b1pv82BawuKY8+1WVjCAcmdcq8icYLTH+aSscTXz
AGG3YTzlHftFOlUgNiICUexATNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSt+ZwS
fBKn/rieoLQsCKvgRVPvuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg
MA0GCSqGSIb3DQEBCwUAA4IBAQBwpcqSmu7POF/rV7S1bs6s+OQXY6ATk6v5r2Q8
emaTd8CdJw/qzep1/eVs2/aIO62a+gJi0oBGz4OQGwCZ1JVU2zFRy0t5ZfXANXbM
ta2QbOQ6+wayjzgXpLZT9O3Y9JzMYzCHTBuUesv0oexrvGT5kbX5AF3pOflbz7g+
PYl4fIfDbWchPMJHtEnFuNlLVi0orUUVEjQE85lYMS2IhgnvTZeMSrKHku/PKy6P
bKJ/P8i0fwg8pJ1kRr6S3nkwXD1G7SVS9ItAkFb4M5nikRPL0AtCKiwwewdteUZT
25Gi/BPn5cd2hgbL3PvmosA0IRRj64DqaHUuJfLkXCjFBjES
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:27 2025 by rpki-client