Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: eoipywLnZiPHtEIZ3fUJHetDOu97wilmJhhyomxYHrc=
Subject key identifier: 38:7F:03:8D:D9:DA:93:6A:43:73:EC:04:BB:8C:DC:9B:2F:44:48:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32B9B960550090FC0CB4D7729CC67F20AE762DAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Mon 16 Jun 2025 20:10:56 +0000
ROA not before: Mon 16 Jun 2025 20:10:56 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b9:b9:60:55:00:90:fc:0c:b4:d7:72:9c:c6:7f:20:ae:76:2d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:10:56 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=cacfea48ac51aa2d62f37e7e7160a5d20fa2b493445792ad79d83cccb1fe537d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:05:ee:cc:34:a9:19:4f:2a:b7:24:70:b6:67:
51:f0:67:26:68:d5:0d:0c:79:85:65:fc:04:7a:30:
d9:f1:85:32:df:46:9e:06:2a:00:26:e7:b8:1d:e1:
7d:1f:22:38:48:17:f6:20:4b:0c:f3:7d:2d:67:24:
08:7f:2a:f2:cc:f1:2d:4e:b8:55:82:fc:70:ac:1b:
8e:9b:8f:89:14:ff:71:fb:53:d7:a0:72:0a:68:6c:
af:a0:c9:71:e9:fd:05:93:a6:67:2a:05:03:47:f8:
53:16:22:1d:f1:77:5d:74:df:39:b9:5a:16:e0:94:
b5:35:0f:36:90:d1:83:20:6d:95:e7:6d:d0:10:98:
f3:21:b5:f8:0f:e3:54:10:11:a0:79:27:43:26:cb:
49:78:51:59:58:8a:bc:bb:86:31:8d:78:a7:b5:c0:
ce:28:ef:20:21:0a:c9:7b:b0:c2:fb:0b:7f:3a:c6:
f1:16:5a:83:6b:3f:62:6e:c3:5f:b4:c6:12:6e:22:
42:2b:5b:95:18:6a:22:56:5e:99:5f:1b:d2:df:fe:
ec:0a:97:72:bb:63:76:a3:fc:bb:ba:1d:d1:0d:fb:
bd:f8:79:31:f5:5a:8a:62:23:89:fa:f2:a4:64:bf:
69:14:fd:98:54:ef:02:81:e7:39:69:c2:f3:85:7b:
d6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7F:03:8D:D9:DA:93:6A:43:73:EC:04:BB:8C:DC:9B:2F:44:48:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
13:0e:50:d2:e9:60:d9:fe:53:32:6b:8d:3f:46:fb:ac:ec:92:
91:49:eb:29:ea:f5:42:9b:cc:c0:7f:ad:6b:a5:ec:f0:4f:66:
41:a9:25:15:a3:1f:7b:53:27:c7:a8:27:31:3c:f4:89:b4:17:
16:5e:9a:0b:17:c3:53:f3:5a:c4:d8:9a:65:a9:1b:49:43:58:
a9:24:b0:0f:c9:fc:66:6c:ae:93:a9:8c:38:47:91:9f:92:5c:
b5:2f:ac:de:e4:08:3c:4b:f8:11:35:50:20:d3:d4:d6:27:85:
25:47:25:c2:05:51:a1:5b:04:6a:ca:13:a6:62:36:55:5d:d2:
fe:0a:60:cd:a9:94:83:96:0a:19:72:a3:4e:b9:ef:73:a8:b6:
f5:1c:94:90:d6:0f:33:1c:97:c6:53:82:ea:25:19:ef:3c:61:
df:8a:68:e0:70:9b:0d:47:c3:a3:92:5d:b2:e0:60:72:4d:24:
b2:dd:18:e2:64:ad:b7:29:d5:2a:4a:b2:e8:b1:6e:91:90:6e:
18:05:da:d3:25:b5:1d:b8:63:08:14:a8:06:e6:d9:8b:58:d5:
37:e7:ed:9b:ef:a3:d8:af:ab:e0:37:03:6f:21:ea:1e:66:58:
8b:90:38:57:26:30:8d:31:b5:88:a5:1f:f3:de:20:3d:da:73:
ab:6a:b1:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMrm5YFUAkPwMtNdynMZ/IK52LaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDEwNTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhY2ZlYTQ4YWM1MWFhMmQ2MmYzN2U3ZTcxNjBhNWQyMGZhMmI0OTM0NDU3
OTJhZDc5ZDgzY2NjYjFmZTUzN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4F7sw0qRlPKrckcLZnUfBnJmjVDQx5hWX8BHow2fGFMt9GngYqACbnuB3h
fR8iOEgX9iBLDPN9LWckCH8q8szxLU64VYL8cKwbjpuPiRT/cftT16ByCmhsr6DJ
cen9BZOmZyoFA0f4UxYiHfF3XXTfOblaFuCUtTUPNpDRgyBtledt0BCY8yG1+A/j
VBARoHknQybLSXhRWViKvLuGMY14p7XAzijvICEKyXuwwvsLfzrG8RZag2s/Ym7D
X7TGEm4iQitblRhqIlZemV8b0t/+7AqXcrtjdqP8u7od0Q37vfh5MfVaimIjifry
pGS/aRT9mFTvAoHnOWnC84V71q0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4fwON
2dqTakNz7AS7jNybL0RIITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQATDlDS6WDZ/lMya40/Rvus7JKRSesp6vVCm8zA
f61rpezwT2ZBqSUVox97UyfHqCcxPPSJtBcWXpoLF8NT81rE2JplqRtJQ1ipJLAP
yfxmbK6TqYw4R5Gfkly1L6ze5Ag8S/gRNVAg09TWJ4UlRyXCBVGhWwRqyhOmYjZV
XdL+CmDNqZSDlgoZcqNOue9zqLb1HJSQ1g8zHJfGU4LqJRnvPGHfimjgcJsNR8Oj
kl2y4GByTSSy3RjiZK23KdUqSrLosW6RkG4YBdrTJbUduGMIFKgG5tmLWNU35+2b
76PYr6vgNwNvIeoeZliLkDhXJjCNMbWIpR/z3iA92nOrarG3
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:42 2025 by rpki-client