Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: oYWz0PbwekqznZExg+l+frZQSdhPQxPHa0nr7PZYOnE=
Subject key identifier: 25:5D:3B:76:2E:C7:71:04:BC:56:94:A3:E8:BD:1A:3B:8A:35:B5:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 558D46BC20DAC39CC6A54E39A0D468AFB6BE2321
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Mon 16 Jun 2025 21:11:21 +0000
ROA not before: Mon 16 Jun 2025 21:11:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:8d:46:bc:20:da:c3:9c:c6:a5:4e:39:a0:d4:68:af:b6:be:23:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a17c1848f684f00f99086e8cf9fbf186d40dd92436e7699da8c3575aa2b71b4c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:71:ea:b6:e6:2b:51:e4:9b:5d:2b:2d:f7:76:
5d:e5:86:46:cf:6a:1e:3f:2c:ad:2b:28:bd:0b:22:
bf:9a:8a:b7:25:1a:cb:74:64:8c:80:a7:b6:aa:cd:
7f:3d:35:24:c4:b9:dd:46:f8:69:c1:21:d5:0e:69:
80:11:38:83:ef:ed:66:9e:e7:e2:38:39:d9:9c:ab:
b4:9f:85:a0:f2:9e:97:c3:6f:6f:c0:59:cf:f1:c4:
73:f9:37:96:e8:0a:81:ac:3c:2c:93:d4:38:51:c8:
06:b6:9c:20:92:f1:5e:45:d8:16:10:5b:4b:e9:fb:
8f:dc:1e:5a:f4:21:d6:24:ff:28:c0:6c:b0:db:1f:
e6:04:95:b4:c0:92:34:ea:00:f1:78:5f:7d:6f:18:
05:e9:f4:0d:56:5d:51:02:ed:83:b4:c8:e9:c4:fa:
37:74:2a:2e:67:13:3d:74:90:8c:47:47:73:60:c0:
0e:f3:21:f6:8a:80:43:95:e7:54:d0:dc:06:04:ee:
e7:f1:1d:4d:83:27:a6:80:ec:03:b3:f0:ab:f8:cc:
41:54:58:73:eb:5b:d7:dc:a3:2d:1a:26:cf:78:8b:
5b:dc:fb:da:06:72:46:3f:c8:81:82:76:c0:87:9f:
b8:2a:ed:54:cf:25:8f:9c:b7:a7:10:38:74:38:c8:
45:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5D:3B:76:2E:C7:71:04:BC:56:94:A3:E8:BD:1A:3B:8A:35:B5:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
00:95:6d:4a:0f:81:2e:24:dd:ad:e2:c1:7b:98:a2:2d:70:db:
ff:d4:2c:ca:49:a2:c4:6d:61:ef:c6:b8:af:1d:97:c2:aa:bf:
eb:ab:91:d7:99:cf:ba:e9:65:f9:b9:0a:69:c8:82:c4:0c:9f:
48:61:02:87:bd:26:cf:d6:f2:00:75:80:f1:f3:d6:d3:f5:7d:
e6:de:5f:f3:ff:5d:9e:f1:18:7a:f1:0b:7a:18:60:f8:9c:9d:
b0:ee:f2:d1:b1:67:a1:92:9c:0a:c8:17:8c:17:d5:b7:19:3a:
91:6c:1e:8b:95:32:60:b1:52:e2:13:79:c6:2c:9e:63:cb:78:
44:36:b9:86:db:b5:ae:30:67:70:27:ce:99:fb:42:54:c7:1e:
43:6b:c3:ae:49:54:6a:92:e7:b6:94:ec:ed:ae:28:0a:22:36:
09:ee:a1:7e:26:4b:2d:18:37:de:a8:e9:b3:3d:87:a5:92:92:
9e:3f:9e:e7:dd:94:e2:d5:1d:90:b9:75:78:4a:ee:e5:57:f3:
02:c3:10:98:f5:33:a5:83:c2:1e:ef:e4:24:00:71:38:44:4f:
9b:16:3e:37:84:58:42:29:50:6b:54:33:29:08:52:e8:55:03:
2c:49:25:1e:0e:76:a7:21:3f:fb:94:e3:e4:13:ed:bf:07:1b:
b9:58:b0:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVY1GvCDaw5zGpU45oNRor7a+IyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExN2MxODQ4ZjY4NGYwMGY5OTA4NmU4Y2Y5ZmJmMTg2ZDQwZGQ5MjQzNmU3
Njk5ZGE4YzM1NzVhYTJiNzFiNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtx6rbmK1Hkm10rLfd2XeWGRs9qHj8srSsovQsiv5qKtyUay3RkjICntqrN
fz01JMS53Ub4acEh1Q5pgBE4g+/tZp7n4jg52ZyrtJ+FoPKel8Nvb8BZz/HEc/k3
lugKgaw8LJPUOFHIBracIJLxXkXYFhBbS+n7j9weWvQh1iT/KMBssNsf5gSVtMCS
NOoA8XhffW8YBen0DVZdUQLtg7TI6cT6N3QqLmcTPXSQjEdHc2DADvMh9oqAQ5Xn
VNDcBgTu5/EdTYMnpoDsA7Pwq/jMQVRYc+tb19yjLRomz3iLW9z72gZyRj/IgYJ2
wIefuCrtVM8lj5y3pxA4dDjIRXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlXTt2
LsdxBLxWlKPovRo7ijW1NzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQAAlW1KD4EuJN2t4sF7mKItcNv/1CzKSaLEbWHv
xrivHZfCqr/rq5HXmc+66WX5uQppyILEDJ9IYQKHvSbP1vIAdYDx89bT9X3m3l/z
/12e8Rh68Qt6GGD4nJ2w7vLRsWehkpwKyBeMF9W3GTqRbB6LlTJgsVLiE3nGLJ5j
y3hENrmG27WuMGdwJ86Z+0JUxx5Da8OuSVRqkue2lOztrigKIjYJ7qF+JkstGDfe
qOmzPYelkpKeP57n3ZTi1R2QuXV4Su7lV/MCwxCY9TOlg8Ie7+QkAHE4RE+bFj43
hFhCKVBrVDMpCFLoVQMsSSUeDnanIT/7lOPkE+2/Bxu5WLCu
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:34 2025 by rpki-client