Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
File: d6265269-370a-4e3b-983b-9bec3a5c535a.roa (raw, json)
Hash identifier: bqoEtcEUEgy6DWE5KJ+Qkem1HXh5UoDrcPPWg8+A19w=
Subject key identifier: 70:8F:37:DD:95:5B:92:AD:7A:ED:C1:C2:73:00:59:09:29:17:C8:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 024CC8BEF1BD96F79B35C61C984D3B2BB59B0707
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
Signing time: Thu 26 Jun 2025 19:52:14 +0000
ROA not before: Thu 26 Jun 2025 19:52:14 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:4c:c8:be:f1:bd:96:f7:9b:35:c6:1c:98:4d:3b:2b:b5:9b:07:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:52:14 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=1f710799045c5990f4dd5eba3744c397f16dc6e06e39760c3f3f167f34502f3a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:14:8a:a4:68:00:49:a8:30:89:1c:14:1c:af:
fa:75:0f:23:1f:d8:80:2c:cb:a2:cf:96:98:e9:a5:
b3:96:8a:43:6c:e2:e6:fe:f3:4b:9f:98:6f:76:0f:
61:0e:a0:a0:dd:4c:42:83:3f:f6:85:3f:7d:4f:f8:
63:20:ea:31:88:67:47:a6:45:0a:48:cc:b2:86:cb:
f3:65:d9:88:71:39:4e:ae:e0:11:b7:45:19:58:83:
18:70:a1:c6:35:ce:f1:f8:55:34:ca:a6:e6:8a:89:
82:37:1c:57:4d:4b:63:a1:74:55:95:5b:47:64:06:
ec:a7:46:e1:5b:a3:a7:5e:6d:07:47:7c:97:e1:64:
50:56:92:bf:74:b2:59:69:c1:ae:ec:37:53:45:67:
2a:88:d0:12:42:4f:b7:c2:6c:94:81:17:81:c1:df:
00:01:9f:7f:da:c9:13:fd:36:21:da:b4:5f:b6:8b:
d3:73:a1:d8:99:f3:a8:7e:75:39:0b:87:95:a9:a3:
9b:47:d4:18:89:9d:de:72:d5:2e:0a:0d:32:34:a5:
7a:e7:a2:b8:cf:3c:09:20:91:af:56:77:90:80:5e:
f0:3b:f2:c5:6c:7c:c9:5e:1c:f4:3f:ef:93:0f:33:
c0:32:44:dc:68:76:9b:9b:81:f5:f1:51:4d:a7:aa:
78:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8F:37:DD:95:5B:92:AD:7A:ED:C1:C2:73:00:59:09:29:17:C8:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e000::/40
Signature Algorithm: sha256WithRSAEncryption
37:e5:3e:74:01:97:f3:a8:fc:7d:e9:34:31:31:ec:a1:c1:02:
ed:60:ff:5f:73:24:80:9f:1f:32:e0:1d:82:81:82:28:c8:31:
f7:6f:a5:78:b1:3d:04:5a:79:76:b8:ae:f1:b4:58:4a:64:f3:
a0:04:25:ed:93:55:bc:b9:de:2d:3c:a1:79:04:04:89:d6:27:
14:e5:8b:97:00:d8:16:61:31:a4:5a:11:14:99:a8:a9:fd:1c:
66:d1:3e:27:03:70:f3:f0:f7:f4:51:6e:68:82:b5:29:9e:06:
b3:a8:14:76:a2:ee:0a:1c:40:ef:ce:66:38:7a:2a:52:c8:c4:
55:d1:2b:08:19:15:86:72:42:98:c4:9b:d4:11:b9:c9:a6:b7:
a4:fb:97:5f:2c:c4:2b:5c:b2:fe:1b:c0:19:1c:7e:23:52:42:
d7:bf:21:46:ff:3b:e7:6e:ca:e5:97:07:63:6d:47:fe:f0:1d:
85:66:ab:31:02:41:89:9d:52:f0:78:61:1a:4d:12:d0:28:72:
54:d2:8c:d1:f6:4c:6b:f6:23:0a:bd:63:b5:75:ef:16:4f:ce:
3a:a0:e9:a4:d4:c8:28:12:34:b3:11:75:e7:73:fa:71:cf:7f:
54:b7:64:d9:8e:76:6b:3a:3d:f6:46:50:a7:d1:16:c0:95:9e:
42:67:c6:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAkzIvvG9lvebNcYcmE07K7WbBwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTUyMTRaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmNzEwNzk5MDQ1YzU5OTBmNGRkNWViYTM3NDRjMzk3ZjE2ZGM2ZTA2ZTM5
NzYwYzNmM2YxNjdmMzQ1MDJmM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0UiqRoAEmoMIkcFByv+nUPIx/YgCzLos+WmOmls5aKQ2zi5v7zS5+Yb3YP
YQ6goN1MQoM/9oU/fU/4YyDqMYhnR6ZFCkjMsobL82XZiHE5Tq7gEbdFGViDGHCh
xjXO8fhVNMqm5oqJgjccV01LY6F0VZVbR2QG7KdG4Vujp15tB0d8l+FkUFaSv3Sy
WWnBruw3U0VnKojQEkJPt8JslIEXgcHfAAGff9rJE/02Idq0X7aL03Oh2JnzqH51
OQuHlamjm0fUGImd3nLVLgoNMjSleueiuM88CSCRr1Z3kIBe8DvyxWx8yV4c9D/v
kw8zwDJE3Gh2m5uB9fFRTaeqeEkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwjzfd
lVuSrXrtwcJzAFkJKRfIlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyNjUyNjktMzcwYS00ZTNiLTk4M2ItOWJlYzNhNWM1MzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPg
MA0GCSqGSIb3DQEBCwUAA4IBAQA35T50AZfzqPx96TQxMeyhwQLtYP9fcySAnx8y
4B2CgYIoyDH3b6V4sT0EWnl2uK7xtFhKZPOgBCXtk1W8ud4tPKF5BASJ1icU5YuX
ANgWYTGkWhEUmaip/Rxm0T4nA3Dz8Pf0UW5ogrUpngazqBR2ou4KHEDvzmY4eipS
yMRV0SsIGRWGckKYxJvUEbnJprek+5dfLMQrXLL+G8AZHH4jUkLXvyFG/zvnbsrl
lwdjbUf+8B2FZqsxAkGJnVLweGEaTRLQKHJU0ozR9kxr9iMKvWO1de8WT846oOmk
1MgoEjSzEXXnc/pxz39Ut2TZjnZrOj32RlCn0RbAlZ5CZ8ZS
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:37:08 2025 by rpki-client