Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: Ej6TRS7hklHOmES4Zwdwmp2cP4F6rWz2buhcKlKQOl8=
Subject key identifier: CC:93:AC:A9:58:01:40:C5:40:B3:72:84:6F:FA:E5:E1:30:1E:C3:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44A6ACA3C729F6251071C799A135D916A8E207A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Mon 16 Jun 2025 21:50:09 +0000
ROA not before: Mon 16 Jun 2025 21:50:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:a6:ac:a3:c7:29:f6:25:10:71:c7:99:a1:35:d9:16:a8:e2:07:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=df1fce13403a24c9d519cd5c4d3899a6728e395c285d04e09eae23f467a0f6ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:10:e8:ff:22:56:0b:9b:d3:9a:91:b6:97:e2:
76:55:c9:9e:fa:66:50:19:d7:4f:3c:34:3b:e6:d3:
f6:1a:f8:cd:13:93:84:d7:cc:cb:5c:e7:46:8b:a8:
cf:e7:a0:78:92:39:34:7f:9a:e5:7f:1b:4c:ff:94:
ee:de:43:ec:92:0e:d9:b0:d3:2b:d7:ca:fb:ef:85:
03:79:27:6b:44:9e:c4:c2:10:b9:c7:b7:44:08:39:
da:f5:9a:8b:2b:03:16:34:aa:2e:3a:8d:1e:58:33:
3b:5b:5e:77:5b:be:b4:3e:21:35:0a:66:cf:35:0e:
63:49:54:56:f6:a1:60:c2:92:a3:da:ac:96:db:41:
09:f8:59:63:06:3d:79:93:18:b5:50:68:ce:cf:a3:
5b:9b:81:6f:29:32:68:fa:bb:b1:91:1e:4c:fa:81:
93:a7:98:f2:2a:1a:f1:06:a1:c3:25:62:0f:61:f5:
2a:2d:cf:b3:0e:57:41:2c:8a:95:8a:ed:05:2e:b3:
69:02:f9:7d:32:7c:fe:2f:8f:d0:39:1a:8d:c1:4c:
95:a2:b8:de:bb:6d:2b:2d:96:3b:05:0c:76:41:e3:
39:20:40:c4:03:16:1e:75:31:3f:a8:c7:9c:3f:66:
5d:ec:4d:51:db:8c:59:f6:cf:3f:e1:11:89:0c:7a:
76:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:93:AC:A9:58:01:40:C5:40:B3:72:84:6F:FA:E5:E1:30:1E:C3:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
80:95:2c:98:bd:36:4d:90:bb:83:0d:88:ca:b2:f6:9a:0e:34:
eb:19:6c:db:a2:50:62:1f:5a:be:9a:b9:ba:b1:cd:e8:95:a4:
cc:4a:8d:bb:7f:e9:bb:47:00:99:0a:a6:75:71:fd:12:a1:7f:
b7:7e:d0:d2:a4:c5:39:40:c6:a9:22:86:85:c3:5f:1b:95:04:
ce:11:a1:3d:da:8f:24:7a:c9:f8:ca:94:e7:c3:4f:98:32:9a:
36:a1:fe:ce:ed:f5:32:19:4d:1b:b0:83:80:20:f6:95:94:9e:
26:96:70:b4:67:e3:c6:b0:dc:b5:9c:71:87:db:79:98:c8:0f:
d6:0a:bf:50:61:a5:8b:bf:1a:c7:ad:80:7c:fe:b6:70:16:1b:
fb:0e:c7:3d:1a:99:5b:3c:f7:31:35:0b:29:e9:f8:c2:f8:ee:
b0:4a:6c:20:96:9f:5b:1c:56:0f:1e:f4:39:b9:8d:23:00:04:
43:d7:15:78:4d:fe:f1:ce:59:45:fc:27:5a:93:48:e9:b2:cd:
77:5b:b6:3a:30:f0:2d:72:99:1c:a3:f2:17:da:63:91:d1:c6:
ed:c1:dd:0c:2b:b6:49:7b:65:eb:e5:8c:c1:89:55:0f:72:4a:
8b:5a:93:83:6d:7c:cf:15:1e:c9:1b:a2:3b:4d:41:f2:2b:1f:
d8:49:47:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURKaso8cp9iUQcceZoTXZFqjiB6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmMWZjZTEzNDAzYTI0YzlkNTE5Y2Q1YzRkMzg5OWE2NzI4ZTM5NWMyODVk
MDRlMDllYWUyM2Y0NjdhMGY2YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkQ6P8iVgub05qRtpfidlXJnvpmUBnXTzw0O+bT9hr4zROThNfMy1znRouo
z+egeJI5NH+a5X8bTP+U7t5D7JIO2bDTK9fK+++FA3kna0SexMIQuce3RAg52vWa
iysDFjSqLjqNHlgzO1ted1u+tD4hNQpmzzUOY0lUVvahYMKSo9qslttBCfhZYwY9
eZMYtVBozs+jW5uBbykyaPq7sZEeTPqBk6eY8ioa8QahwyViD2H1Ki3Psw5XQSyK
lYrtBS6zaQL5fTJ8/i+P0DkajcFMlaK43rttKy2WOwUMdkHjOSBAxAMWHnUxP6jH
nD9mXexNUduMWfbPP+ERiQx6do0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMk6yp
WAFAxUCzcoRv+uXhMB7D0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQCAlSyYvTZNkLuDDYjKsvaaDjTrGWzbolBiH1q+
mrm6sc3olaTMSo27f+m7RwCZCqZ1cf0SoX+3ftDSpMU5QMapIoaFw18blQTOEaE9
2o8kesn4ypTnw0+YMpo2of7O7fUyGU0bsIOAIPaVlJ4mlnC0Z+PGsNy1nHGH23mY
yA/WCr9QYaWLvxrHrYB8/rZwFhv7Dsc9GplbPPcxNQsp6fjC+O6wSmwglp9bHFYP
HvQ5uY0jAARD1xV4Tf7xzllF/Cdak0jpss13W7Y6MPAtcpkco/IX2mOR0cbtwd0M
K7ZJe2Xr5YzBiVUPckqLWpODbXzPFR7JG6I7TUHyKx/YSUdR
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:21 2025 by rpki-client