Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json)
Hash identifier: zUajX88gOYeZOnuH5t4GZn1glVKlvD2V7vrWWCoPJlc=
Subject key identifier: 11:15:20:88:BD:CD:1D:70:10:41:D9:D3:10:C3:84:F8:1A:19:85:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CE0CB55B59189DD6D721175792FC378FA67C109
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
Signing time: Mon 16 Jun 2025 21:20:07 +0000
ROA not before: Mon 16 Jun 2025 21:20:07 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e0:cb:55:b5:91:89:dd:6d:72:11:75:79:2f:c3:78:fa:67:c1:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:07 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a1f8a81ae97a19bab07a03b2307135a89e4752e0c0e86778be5a06a990629dda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7e:3b:95:e5:3c:d0:de:a5:6a:8a:d2:98:ba:
bd:3a:d3:2c:3f:5f:5c:61:ab:3d:c4:4d:2a:fb:fc:
ac:2d:8c:ba:f7:df:8a:69:f8:63:49:5c:99:05:bd:
2a:b8:69:09:e0:37:01:a6:a3:17:0a:25:28:3d:49:
cb:63:99:44:53:a0:c1:2c:c8:c0:71:84:ee:ee:84:
27:e4:95:97:ef:f9:da:74:7c:8e:26:f7:c7:d6:ab:
68:a7:fe:85:79:df:f8:c1:9a:67:44:14:a1:05:c7:
5e:62:13:2d:83:39:0d:32:f0:a9:1d:4a:e7:02:10:
82:11:f7:d6:cd:ba:ce:d6:fd:f1:1f:29:81:9d:9f:
da:22:03:b7:c8:b5:06:6a:30:a0:12:77:41:26:4d:
76:bf:25:00:7f:8e:3b:bf:30:29:6e:d7:61:dd:0b:
00:7d:fb:a0:49:4f:ba:34:7d:cf:1c:50:38:b8:d5:
b8:54:9e:0c:60:bc:02:59:8f:95:f1:7b:cb:3f:49:
e0:7d:3a:55:a6:57:37:67:f1:7e:c3:77:9c:88:ab:
f3:02:a4:7d:01:b4:75:33:97:bc:96:08:59:06:fd:
81:4b:42:e7:8a:c0:c3:b3:39:c1:2d:97:7b:50:b6:
f6:05:c0:13:af:80:a2:53:be:c0:42:38:65:d8:f8:
b1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:15:20:88:BD:CD:1D:70:10:41:D9:D3:10:C3:84:F8:1A:19:85:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:1000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:15:01:08:b0:cb:44:c3:28:a8:ac:0f:d4:ca:28:39:4e:e9:
94:36:01:85:bc:ec:05:b9:27:2f:db:c4:65:e8:1b:bc:a1:45:
f3:ce:bf:a4:04:b8:c7:b5:9c:e4:38:d5:2e:d3:b9:bc:94:43:
c3:d6:33:85:33:35:d2:b7:e8:53:3f:24:cc:d8:80:e4:23:fa:
f3:aa:4e:9d:cb:45:e5:0b:03:8a:81:7a:82:3c:bb:e2:54:8d:
75:32:57:37:0a:a5:7f:1c:c7:b4:bf:77:3e:b9:f6:50:47:4f:
a7:43:d5:b2:f3:37:00:6e:8a:ed:05:eb:a5:d1:fb:4d:e0:6f:
71:d5:8e:d3:1f:3e:98:d8:ac:26:a4:95:cd:c1:37:15:a1:53:
54:13:96:fc:5b:b2:54:31:82:ac:56:e9:ee:2b:17:cb:f6:9d:
56:35:74:7f:52:fc:27:54:75:b9:73:b4:ce:ba:d9:49:12:dd:
57:86:f0:fb:23:59:d0:30:9c:82:ec:19:e0:cc:68:64:72:44:
10:4b:54:e0:e0:c4:87:d3:d3:af:bf:e5:76:93:56:9f:0d:9a:
d8:08:b3:42:e4:c9:ad:43:1e:91:78:d7:d9:b8:67:66:91:5e:
6f:54:7a:c0:73:10:2b:af:66:40:01:2d:af:80:06:b6:e1:7b:
a6:b9:30:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPODLVbWRid1tchF1eS/DePpnwQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExZjhhODFhZTk3YTE5YmFiMDdhMDNiMjMwNzEzNWE4OWU0NzUyZTBjMGU4
Njc3OGJlNWEwNmE5OTA2MjlkZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5+O5XlPNDepWqK0pi6vTrTLD9fXGGrPcRNKvv8rC2Muvffimn4Y0lcmQW9
KrhpCeA3AaajFwolKD1Jy2OZRFOgwSzIwHGE7u6EJ+SVl+/52nR8jib3x9araKf+
hXnf+MGaZ0QUoQXHXmITLYM5DTLwqR1K5wIQghH31s26ztb98R8pgZ2f2iIDt8i1
BmowoBJ3QSZNdr8lAH+OO78wKW7XYd0LAH37oElPujR9zxxQOLjVuFSeDGC8AlmP
lfF7yz9J4H06VaZXN2fxfsN3nIir8wKkfQG0dTOXvJYIWQb9gUtC54rAw7M5wS2X
e1C29gXAE6+AolO+wEI4Zdj4sf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRFSCI
vc0dcBBB2dMQw4T4GhmFfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCaFQEIsMtEwyiorA/Uyig5TumUNgGFvOwFuScv
28Rl6Bu8oUXzzr+kBLjHtZzkONUu07m8lEPD1jOFMzXSt+hTPyTM2IDkI/rzqk6d
y0XlCwOKgXqCPLviVI11Mlc3CqV/HMe0v3c+ufZQR0+nQ9Wy8zcAbortBeul0ftN
4G9x1Y7THz6Y2KwmpJXNwTcVoVNUE5b8W7JUMYKsVunuKxfL9p1WNXR/UvwnVHW5
c7TOutlJEt1XhvD7I1nQMJyC7BngzGhkckQQS1Tg4MSH09Ovv+V2k1afDZrYCLNC
5MmtQx6ReNfZuGdmkV5vVHrAcxArr2ZAAS2vgAa24XumuTC5
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:47 2025 by rpki-client