Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
File: d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa (raw, json)
Hash identifier: Pa12fNa4cGdmWtYBhAJdTayLejOVupV2U09/GpARbww=
Subject key identifier: 71:F9:9E:C2:7F:51:4A:C8:A0:68:7C:62:93:AD:10:C0:3B:74:41:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4089665A392E863DC905C6D1429FB9E60C9B4396
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
Signing time: Fri 20 Jun 2025 00:10:41 +0000
ROA not before: Fri 20 Jun 2025 00:10:41 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:89:66:5a:39:2e:86:3d:c9:05:c6:d1:42:9f:b9:e6:0c:9b:43:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 20 00:10:41 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=2aa51050bd216789b0d0a8257ecc8ce96b95b1fa44946942928429c82d9effc6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c3:14:30:94:a1:91:95:09:2f:65:13:08:91:
34:1e:35:f8:b0:19:21:c8:bc:cc:76:25:14:c0:c9:
96:bb:7f:ee:ac:cf:50:b1:ee:9a:37:97:b2:0c:15:
89:c1:37:cc:70:aa:38:83:d2:e7:41:4c:28:bd:02:
93:29:79:1a:b9:55:e6:9c:16:ab:af:5d:04:37:a4:
73:f3:08:02:ba:aa:fb:ac:77:1c:74:4b:90:fb:62:
0a:02:7d:39:d5:1a:c1:87:de:9b:bd:a3:78:d1:1a:
b5:6b:66:35:42:1b:2f:4c:44:6d:f2:d8:29:5a:a0:
b3:c0:9b:53:e8:56:12:34:59:e4:fe:82:bc:e1:82:
29:c3:80:62:c6:76:e5:5d:fe:65:b3:2f:27:37:73:
53:82:8b:3e:49:4e:57:37:6f:a8:7f:5b:9d:de:b3:
bb:99:6a:6a:4f:05:cb:3e:cd:14:5f:e4:c4:b1:db:
41:a2:86:46:8a:45:ad:6c:1c:d6:f8:c1:ef:7d:fc:
f3:06:a4:e4:32:f6:8f:be:88:0c:b4:99:f1:52:76:
0f:7b:63:f3:e9:4f:68:29:c2:c2:ae:5b:a3:0a:0e:
de:03:12:2d:70:df:65:a2:7a:fd:a1:3f:b0:0e:f4:
e6:46:b4:b1:c7:f1:13:97:0c:2f:b5:dc:4c:6e:36:
ec:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F9:9E:C2:7F:51:4A:C8:A0:68:7C:62:93:AD:10:C0:3B:74:41:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/37
Signature Algorithm: sha256WithRSAEncryption
b0:f5:b3:c1:33:bf:a9:4f:3b:84:78:e4:e9:d3:42:a9:c1:b4:
24:99:e4:2b:d1:9d:9b:f4:b1:e6:aa:ab:15:ee:b1:16:0a:fe:
61:fd:4a:f7:f8:b8:9e:5b:5a:ab:ae:ad:02:64:27:14:2f:40:
d4:e2:94:ea:0e:58:65:07:b1:e3:ed:ca:21:01:2a:a8:50:5b:
84:5c:3a:2d:4f:d7:1d:8f:9f:df:17:14:3c:a0:5e:74:89:bf:
a2:af:b5:20:c6:f7:0d:6f:47:e8:09:1b:b4:cb:7c:90:1f:f7:
df:37:75:e3:c9:44:61:44:ed:89:8e:c0:cd:95:fb:2f:81:ba:
a4:19:66:33:8f:95:55:70:24:4a:31:eb:0d:c1:7d:8b:d7:cc:
56:d9:e4:1c:b8:a2:66:b8:2f:80:77:dd:3f:23:bf:8f:76:20:
35:7b:d4:ec:64:85:7c:7d:33:9e:54:25:7f:3f:6f:32:da:46:
41:0c:73:39:c8:af:c0:4e:ac:52:fc:fb:de:66:7e:5b:33:94:
14:2f:03:1b:6f:f9:a4:3b:19:cd:71:d5:e9:91:f8:16:71:2f:
f9:77:a9:50:aa:4b:35:f2:d8:69:87:50:de:35:99:8c:3e:cd:
8a:46:ad:e5:7b:41:7d:52:d2:bd:70:65:1b:a1:35:f3:b1:15:
fe:5d:fd:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQIlmWjkuhj3JBcbRQp+55gybQ5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjAwMDEwNDFaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhYTUxMDUwYmQyMTY3ODliMGQwYTgyNTdlY2M4Y2U5NmI5NWIxZmE0NDk0
Njk0MjkyODQyOWM4MmQ5ZWZmYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzDFDCUoZGVCS9lEwiRNB41+LAZIci8zHYlFMDJlrt/7qzPULHumjeXsgwV
icE3zHCqOIPS50FMKL0Ckyl5GrlV5pwWq69dBDekc/MIArqq+6x3HHRLkPtiCgJ9
OdUawYfem72jeNEatWtmNUIbL0xEbfLYKVqgs8CbU+hWEjRZ5P6CvOGCKcOAYsZ2
5V3+ZbMvJzdzU4KLPklOVzdvqH9bnd6zu5lqak8Fyz7NFF/kxLHbQaKGRopFrWwc
1vjB73388wak5DL2j76IDLSZ8VJ2D3tj8+lPaCnCwq5bowoO3gMSLXDfZaJ6/aE/
sA705ka0scfxE5cML7XcTG427KECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRx+Z7C
f1FKyKBofGKTrRDAO3RBjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJlNWNkMTEtZTMzYi00MDgwLTkxZDUtZjU1MGYxZDdhMGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQCw9bPBM7+pTzuEeOTp00KpwbQkmeQr0Z2b9LHm
qqsV7rEWCv5h/Ur3+LieW1qrrq0CZCcUL0DU4pTqDlhlB7Hj7cohASqoUFuEXDot
T9cdj5/fFxQ8oF50ib+ir7UgxvcNb0foCRu0y3yQH/ffN3XjyURhRO2JjsDNlfsv
gbqkGWYzj5VVcCRKMesNwX2L18xW2eQcuKJmuC+Ad90/I7+PdiA1e9TsZIV8fTOe
VCV/P28y2kZBDHM5yK/ATqxS/PveZn5bM5QULwMbb/mkOxnNcdXpkfgWcS/5d6lQ
qks18thph1DeNZmMPs2KRq3le0F9UtK9cGUboTXzsRX+Xf3U
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:13 2025 by rpki-client