Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
File: d62aaac2-f54a-4bc2-8155-22367e855165.roa (raw, json)
Hash identifier: L0GDq5j6dmzQiO5GukMzpQcX9C0Kw/kPpshJG6Ccwyk=
Subject key identifier: CC:41:6F:B0:B7:6E:36:06:0C:3C:12:12:82:5D:06:35:5F:08:D3:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 421EF7AAC9C5F05AF365BFBB15D2EF1958F9D664
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
Signing time: Mon 16 Jun 2025 21:20:17 +0000
ROA not before: Mon 16 Jun 2025 21:20:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1e:f7:aa:c9:c5:f0:5a:f3:65:bf:bb:15:d2:ef:19:58:f9:d6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=53dd26a82ca39da5da9de20d3cca8527d654e3874ffc1d1574d2d03453115c17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:70:e9:be:26:e3:5b:af:d1:d6:e5:c8:96:75:
c5:a8:7c:52:bb:4a:27:2c:b4:dd:6e:ac:f0:7a:22:
3b:35:be:2b:0b:b1:2a:10:e0:d1:49:e2:08:81:c1:
0e:4d:a8:4c:0d:2a:98:91:4e:45:68:7f:96:40:34:
a9:f1:68:02:78:31:39:4f:e9:99:84:e5:87:b3:c8:
8a:ad:0c:a3:7a:95:fc:43:74:05:77:21:2f:bd:0b:
54:99:ee:e9:eb:83:13:b4:44:85:d8:8c:00:b1:a3:
85:01:e0:90:22:d3:f8:88:ea:de:af:3d:bd:84:66:
3e:bb:46:3d:ae:bf:59:17:78:3b:a7:5a:8a:56:e9:
d3:33:6e:c1:e0:a8:73:bc:7e:8d:62:87:5d:ce:5b:
61:fd:92:8a:15:fe:95:c3:35:61:80:f6:aa:0f:22:
c7:06:6d:9a:35:ef:ea:42:20:5d:d0:3d:f8:d8:91:
df:34:98:5c:b1:16:a4:bf:af:e3:e8:be:bc:09:1e:
dd:49:46:b6:30:bc:11:94:09:e7:a4:7a:e5:a9:01:
8d:bf:a6:31:31:4a:dc:68:07:02:2b:b1:62:50:c7:
b5:6a:88:70:7d:98:33:03:e1:4d:b4:6b:b1:22:20:
ad:d5:bc:a5:c4:da:fe:72:8f:88:e6:68:a3:d7:ea:
2d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:41:6F:B0:B7:6E:36:06:0C:3C:12:12:82:5D:06:35:5F:08:D3:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:b000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:71:18:13:2b:7e:63:e5:b8:6a:c4:7a:02:b2:9e:f4:48:99:
dc:5a:f0:4c:fc:5a:10:85:31:8c:bd:23:b7:16:e5:44:b4:0b:
1f:cd:d3:8b:12:12:e3:f0:ea:16:ff:4d:cf:1d:42:c5:22:c5:
32:78:be:d5:c1:23:b6:ee:a6:b5:a2:a0:b5:0e:f0:af:c1:9f:
46:fe:f9:c1:75:a0:ed:ff:98:88:95:45:39:a9:24:45:3a:a9:
52:8a:9a:bf:20:17:7c:4f:16:b5:9d:9b:60:d4:bf:47:73:a6:
9a:d6:1e:9f:e1:10:ac:ad:45:eb:91:10:6b:60:6b:e1:ac:87:
c4:cb:50:e6:fa:39:c0:db:48:9c:95:0f:be:28:ee:fe:3e:dc:
a5:86:44:2d:12:3b:fa:66:b0:cf:74:93:c7:4f:98:4c:f0:0c:
41:df:9e:f6:23:d3:66:70:f3:ec:9e:a2:d4:bc:b9:f6:a1:97:
ad:23:a0:c6:1d:54:f7:d4:8e:4f:24:93:f5:e7:0a:06:7b:2d:
1d:89:7b:9d:f6:9a:31:15:68:57:cf:5a:26:83:9f:55:3c:31:
79:29:6b:0a:42:9c:0b:6c:dc:67:2b:b0:f7:f0:ef:1f:cb:fb:
78:6b:c8:6c:41:cf:5f:91:73:f2:e2:c6:3e:df:e0:aa:d5:dc:
bb:af:6c:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQh73qsnF8FrzZb+7FdLvGVj51mQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzZGQyNmE4MmNhMzlkYTVkYTlkZTIwZDNjY2E4NTI3ZDY1NGUzODc0ZmZj
MWQxNTc0ZDJkMDM0NTMxMTVjMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1w6b4m41uv0dblyJZ1xah8UrtKJyy03W6s8HoiOzW+KwuxKhDg0UniCIHB
Dk2oTA0qmJFORWh/lkA0qfFoAngxOU/pmYTlh7PIiq0Mo3qV/EN0BXchL70LVJnu
6euDE7REhdiMALGjhQHgkCLT+Ijq3q89vYRmPrtGPa6/WRd4O6dailbp0zNuweCo
c7x+jWKHXc5bYf2SihX+lcM1YYD2qg8ixwZtmjXv6kIgXdA9+NiR3zSYXLEWpL+v
4+i+vAke3UlGtjC8EZQJ56R65akBjb+mMTFK3GgHAiuxYlDHtWqIcH2YMwPhTbRr
sSIgrdW8pcTa/nKPiOZoo9fqLckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMQW+w
t242Bgw8EhKCXQY1XwjTNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyYWFhYzItZjU0YS00YmMyLTgxNTUtMjIzNjdlODU1MTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKw
MA0GCSqGSIb3DQEBCwUAA4IBAQAqcRgTK35j5bhqxHoCsp70SJncWvBM/FoQhTGM
vSO3FuVEtAsfzdOLEhLj8OoW/03PHULFIsUyeL7VwSO27qa1oqC1DvCvwZ9G/vnB
daDt/5iIlUU5qSRFOqlSipq/IBd8Txa1nZtg1L9Hc6aa1h6f4RCsrUXrkRBrYGvh
rIfEy1Dm+jnA20iclQ++KO7+PtylhkQtEjv6ZrDPdJPHT5hM8AxB3572I9NmcPPs
nqLUvLn2oZetI6DGHVT31I5PJJP15woGey0diXud9poxFWhXz1omg59VPDF5KWsK
QpwLbNxnK7D38O8fy/t4a8hsQc9fkXPy4sY+3+Cq1dy7r2yw
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:04:45 2025 by rpki-client