Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json)
Hash identifier: qWN7xxLT7RgGTzllKDtqTGuqs2nfauuYXoVVcCYCGZw=
Subject key identifier: F0:85:26:D2:7F:ED:6D:98:AE:71:BE:E1:F2:2B:09:4D:99:9B:8E:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23996489B9DB37A663DC3241E1ACE16D6B4D2C66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
Signing time: Mon 16 Jun 2025 21:31:13 +0000
ROA not before: Mon 16 Jun 2025 21:31:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:99:64:89:b9:db:37:a6:63:dc:32:41:e1:ac:e1:6d:6b:4d:2c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b42c8910a104ef6ed7b207662f08e72500062d2b0abd7cc295b46fb381fc83a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ba:64:a0:01:3c:43:cf:b2:dc:b5:59:b5:e7:
8f:f6:ed:32:28:16:64:d2:e8:62:d0:b8:4e:14:44:
2d:23:96:9d:6b:1b:12:d5:c2:48:a0:55:ef:67:4c:
d4:5a:19:e1:23:4b:0d:b2:2f:bd:03:b3:32:25:69:
fb:a4:2f:17:63:0e:cd:0e:8c:ad:bf:08:7d:c0:47:
aa:25:48:05:fb:2a:12:aa:3f:1c:25:cd:ac:38:bf:
10:12:1e:80:92:31:d6:5d:4c:69:ba:f5:0d:7c:a1:
6d:04:42:09:c3:6e:21:b3:d3:e8:ad:4a:43:68:15:
69:aa:c9:a5:fc:67:7c:be:49:16:3e:72:c2:fa:7f:
58:88:7b:96:f2:92:f2:26:27:a4:da:44:2d:d7:97:
58:df:5c:a1:d8:77:3b:c2:77:30:4c:b0:43:5e:2f:
bd:fd:ee:86:ff:b0:a4:3b:62:f2:d5:95:3a:4d:57:
91:66:50:3e:ee:3f:de:d6:28:ca:68:13:d8:06:8d:
33:a7:8b:6c:3a:19:4a:97:6c:bf:aa:0c:3a:04:93:
45:65:b2:43:ce:af:31:88:c3:78:ab:33:59:c7:90:
60:b3:9b:bf:5f:01:02:46:13:80:f4:22:60:6b:f7:
64:aa:e5:1c:8f:bb:2f:5d:fc:8e:b1:de:aa:bc:84:
02:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:85:26:D2:7F:ED:6D:98:AE:71:BE:E1:F2:2B:09:4D:99:9B:8E:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:400::/38
Signature Algorithm: sha256WithRSAEncryption
8d:6e:8d:6d:f1:33:f2:4e:76:10:eb:52:3a:58:0c:7d:f7:5d:
4d:f1:b7:d7:85:11:92:c1:31:b1:4c:12:d2:02:8c:28:10:4a:
f5:6d:2b:af:2d:74:29:0a:7b:8e:50:28:4f:ca:a2:65:a9:be:
ba:d6:5e:99:8c:df:08:02:23:0a:50:05:e5:a0:e8:ec:f4:11:
b8:42:62:98:29:d1:45:bb:bf:ff:d8:ec:c5:8e:e1:e3:f3:24:
db:a9:78:35:60:a4:b1:b8:1f:59:de:6e:d3:3d:4b:e4:3c:b3:
aa:07:bf:e0:f1:b7:0e:29:cc:6d:44:c3:13:d3:ec:00:94:72:
15:df:aa:6b:b4:98:a0:a8:db:a1:61:01:c1:88:8f:8f:08:4e:
80:21:7e:e8:bb:fd:61:c5:7f:3a:8f:dc:ee:95:59:37:b6:e1:
13:85:76:94:3e:bb:03:c6:93:c8:ca:7c:99:19:4c:7d:08:13:
6a:eb:28:20:38:0d:8f:d7:57:af:df:74:5b:f4:05:48:49:3f:
f1:ba:91:ed:d5:c2:86:ae:2b:c0:30:50:ad:90:c8:37:24:ee:
e5:57:c0:7d:87:de:56:5c:18:f0:4e:8e:e9:2e:a3:65:c2:a4:
49:d1:d6:95:7a:95:6e:1f:c8:ef:05:57:7e:47:25:5d:d5:85:
32:14:c1:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI5lkibnbN6Zj3DJB4azhbWtNLGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0MmM4OTEwYTEwNGVmNmVkN2IyMDc2NjJmMDhlNzI1MDAwNjJkMmIwYWJk
N2NjMjk1YjQ2ZmIzODFmYzgzYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe6ZKABPEPPsty1WbXnj/btMigWZNLoYtC4ThRELSOWnWsbEtXCSKBV72dM
1FoZ4SNLDbIvvQOzMiVp+6QvF2MOzQ6Mrb8IfcBHqiVIBfsqEqo/HCXNrDi/EBIe
gJIx1l1Mabr1DXyhbQRCCcNuIbPT6K1KQ2gVaarJpfxnfL5JFj5ywvp/WIh7lvKS
8iYnpNpELdeXWN9codh3O8J3MEywQ14vvf3uhv+wpDti8tWVOk1XkWZQPu4/3tYo
ymgT2AaNM6eLbDoZSpdsv6oMOgSTRWWyQ86vMYjDeKszWceQYLObv18BAkYTgPQi
YGv3ZKrlHI+7L138jrHeqryEAjECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwhSbS
f+1tmK5xvuHyKwlNmZuOEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE
MA0GCSqGSIb3DQEBCwUAA4IBAQCNbo1t8TPyTnYQ61I6WAx9911N8bfXhRGSwTGx
TBLSAowoEEr1bSuvLXQpCnuOUChPyqJlqb661l6ZjN8IAiMKUAXloOjs9BG4QmKY
KdFFu7//2OzFjuHj8yTbqXg1YKSxuB9Z3m7TPUvkPLOqB7/g8bcOKcxtRMMT0+wA
lHIV36prtJigqNuhYQHBiI+PCE6AIX7ou/1hxX86j9zulVk3tuEThXaUPrsDxpPI
ynyZGUx9CBNq6yggOA2P11ev33Rb9AVIST/xupHt1cKGrivAMFCtkMg3JO7lV8B9
h95WXBjwTo7pLqNlwqRJ0daVepVuH8jvBVd+RyVd1YUyFMEK
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:35 2025 by rpki-client