Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
File: d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa (raw, json)
Hash identifier: IJZh0Qx3NLKDSE9vC8EFOxGQMzqkZ1wYcjA5pk4H270=
Subject key identifier: 22:32:9D:5B:9D:DE:BB:CA:A6:B7:85:26:A7:93:3F:33:29:BA:06:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1457A0B60E57DE019EC2D25E31800953EDAE08FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
Signing time: Fri 20 Jun 2025 00:10:42 +0000
ROA not before: Fri 20 Jun 2025 00:10:42 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:57:a0:b6:0e:57:de:01:9e:c2:d2:5e:31:80:09:53:ed:ae:08:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 20 00:10:42 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=e1cd907ea0efc07434c73a154b55871de16c27aa00a27114da4ab0bc77bcba2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:db:61:59:94:9d:58:e2:60:54:f0:83:eb:ac:
d5:b3:b3:5c:60:9e:62:f3:b2:7b:00:8a:cc:49:5f:
90:d3:33:43:35:8a:9d:96:50:bd:f5:cf:04:f6:96:
42:59:51:f7:48:dc:38:2b:60:e0:c6:ac:6b:93:8c:
22:1b:c4:3d:87:6b:73:21:07:94:fe:80:04:07:4d:
fc:2e:5a:72:a9:30:11:a2:2c:ca:d9:6f:25:8a:83:
27:39:af:ce:98:f1:2d:84:ab:c8:1a:c1:46:8a:8c:
02:44:92:b3:c4:82:f7:1b:e9:f5:aa:3d:91:46:83:
b7:57:5f:b1:14:1c:7e:a8:84:92:5f:a0:48:9a:4b:
dc:ec:81:73:86:70:4c:f6:dc:de:cc:a1:6b:17:ae:
15:66:06:e0:26:9e:a9:b9:d0:33:a4:f0:01:92:6b:
cb:65:28:a1:41:5c:82:9d:80:4e:dd:68:c4:30:dd:
4e:89:c5:a3:aa:0d:9b:e0:4e:f7:f0:ed:c4:1d:a7:
f0:7f:99:6e:0d:b7:62:91:08:f0:4b:b6:a3:7a:d8:
56:f7:0a:4a:59:7d:ca:71:da:89:4f:ae:37:da:14:
66:45:57:2e:97:41:ad:b4:f9:32:ee:63:69:0f:33:
ab:47:0b:0c:4e:c8:1f:12:c9:d5:7c:8a:ed:0c:a9:
00:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:32:9D:5B:9D:DE:BB:CA:A6:B7:85:26:A7:93:3F:33:29:BA:06:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/37
Signature Algorithm: sha256WithRSAEncryption
53:7a:1a:14:18:cb:26:4e:9c:f9:ec:e6:b3:ea:22:3b:1b:96:
13:6b:cd:8f:d1:a5:c8:30:d6:e4:2c:f0:fa:02:26:75:f1:0b:
4a:e0:9c:8c:b2:c9:ce:de:3f:7f:b7:33:33:b4:72:e8:39:fe:
98:76:38:9f:46:15:37:0c:c6:bc:bd:52:8c:9a:36:63:34:90:
32:e4:c4:af:c9:fe:f8:87:53:dd:bb:82:88:e9:42:3d:62:8c:
81:a4:d6:4c:da:82:c9:b8:4d:85:0d:a1:24:7b:df:3f:a7:fc:
06:eb:3a:90:b9:e9:2c:1a:e0:c4:73:24:96:10:ed:67:37:ca:
fc:3e:45:0e:39:65:1d:01:53:d0:c8:46:76:3d:25:cd:36:da:
35:ac:3a:cc:92:23:e7:b4:bb:0d:64:94:25:d8:21:79:3d:f8:
86:aa:53:4f:d6:b5:b7:48:08:3e:d9:7f:0b:b1:a2:31:df:78:
d3:11:2e:3f:39:e1:81:31:72:21:57:3f:f1:db:c0:af:bb:a3:
26:99:86:69:f8:10:6f:85:3f:52:2f:3c:4e:e6:93:1f:20:14:
cd:0f:56:9e:6e:9d:74:1f:73:d0:ff:b1:b7:03:5d:87:4d:34:
57:91:87:57:0c:16:9a:61:14:15:bd:aa:41:be:da:82:3a:51:
63:d7:84:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFFegtg5X3gGewtJeMYAJU+2uCPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjAwMDEwNDJaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxY2Q5MDdlYTBlZmMwNzQzNGM3M2ExNTRiNTU4NzFkZTE2YzI3YWEwMGEy
NzExNGRhNGFiMGJjNzdiY2JhMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHbYVmUnVjiYFTwg+us1bOzXGCeYvOyewCKzElfkNMzQzWKnZZQvfXPBPaW
QllR90jcOCtg4Masa5OMIhvEPYdrcyEHlP6ABAdN/C5acqkwEaIsytlvJYqDJzmv
zpjxLYSryBrBRoqMAkSSs8SC9xvp9ao9kUaDt1dfsRQcfqiEkl+gSJpL3OyBc4Zw
TPbc3syhaxeuFWYG4CaeqbnQM6TwAZJry2UooUFcgp2ATt1oxDDdTonFo6oNm+BO
9/DtxB2n8H+Zbg23YpEI8Eu2o3rYVvcKSll9ynHaiU+uN9oUZkVXLpdBrbT5Mu5j
aQ8zq0cLDE7IHxLJ1XyK7QypALUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiMp1b
nd67yqa3hSankz8zKboGTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJjZjQ3NmMtOWYzOS00ZWE4LWE2ZDUtNzlhODJjNGE0ZGZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQBTehoUGMsmTpz57Oaz6iI7G5YTa82P0aXIMNbk
LPD6AiZ18QtK4JyMssnO3j9/tzMztHLoOf6YdjifRhU3DMa8vVKMmjZjNJAy5MSv
yf74h1Pdu4KI6UI9YoyBpNZM2oLJuE2FDaEke98/p/wG6zqQueksGuDEcySWEO1n
N8r8PkUOOWUdAVPQyEZ2PSXNNto1rDrMkiPntLsNZJQl2CF5PfiGqlNP1rW3SAg+
2X8LsaIx33jTES4/OeGBMXIhVz/x28Cvu6MmmYZp+BBvhT9SLzxO5pMfIBTND1ae
bp10H3PQ/7G3A12HTTRXkYdXDBaaYRQVvapBvtqCOlFj14QI
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:03 2025 by rpki-client