Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
File: ddbb8798-3423-4d98-a384-58621b010556.roa (raw, json)
Hash identifier: 1xJVEbI/YyUmIyfLJG/140Z43oFEi6QsgVe4Mw8AX2Y=
Subject key identifier: A7:53:8C:EC:5F:91:74:CA:A7:A7:04:AA:10:6B:2B:26:68:25:48:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09CD39D410759A5596C5466D12875D015FB632AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
Signing time: Mon 16 Jun 2025 21:40:01 +0000
ROA not before: Mon 16 Jun 2025 21:40:01 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:cd:39:d4:10:75:9a:55:96:c5:46:6d:12:87:5d:01:5f:b6:32:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:01 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d9001b8538fbd1624ec022256da6ea62b3d5d1f984923869b60595d74dfd2f75, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ab:5c:41:c7:6a:f7:84:f1:c0:3c:c0:75:c6:
58:5e:37:71:a8:b6:f5:b4:bb:8e:fe:fa:9e:7e:d1:
2f:d1:de:07:fa:78:48:cd:97:30:b7:f8:27:54:37:
c4:7d:2e:8f:c2:94:80:92:c2:22:be:a1:51:de:50:
cb:ac:20:ca:88:a0:52:02:48:b7:00:96:86:fa:84:
20:89:67:7b:6f:9d:eb:d2:6e:de:4b:fe:0e:06:08:
98:be:c5:22:96:a1:f8:b2:aa:18:7e:5e:ad:68:a1:
ed:18:d0:0d:00:d3:7a:c9:12:01:b5:d1:86:58:7e:
29:c0:1f:b4:70:ec:6d:d8:77:25:4e:6e:d0:09:b3:
3b:bc:ec:b6:3c:60:72:d5:2f:23:81:ab:32:a3:ef:
43:f7:92:fd:d6:1d:47:4b:11:40:e3:34:7b:4a:2a:
ab:40:d1:30:9d:8f:14:a0:c7:a9:ad:41:33:c3:01:
61:d8:fe:7c:d6:44:07:fd:c4:69:ca:08:a1:80:13:
7d:35:c6:17:d7:d0:9a:e6:49:b1:84:55:31:86:e5:
36:d8:e3:19:02:da:39:83:30:41:0e:bc:f0:8b:1a:
0f:50:c8:f9:90:99:3c:cc:33:aa:be:82:01:03:c4:
19:7b:de:2d:9e:3a:52:67:ef:e1:90:fe:5a:e9:4a:
0d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:53:8C:EC:5F:91:74:CA:A7:A7:04:AA:10:6B:2B:26:68:25:48:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:c00::/38
Signature Algorithm: sha256WithRSAEncryption
5d:ff:61:e0:d0:64:ad:d1:92:1e:fa:cb:f4:42:de:66:d0:9f:
6c:7d:fa:ef:97:32:2a:d9:6b:b1:59:d7:79:53:55:77:c4:4d:
06:0e:1a:90:e5:90:ee:89:04:7a:b1:be:ec:a8:fb:76:67:72:
af:a0:23:1c:03:71:32:ba:de:2d:32:cc:43:74:c2:d3:2b:2a:
61:c1:60:ad:52:83:86:46:42:6e:b5:7f:bf:be:e9:6f:b2:fc:
cf:89:ee:09:bc:6f:4c:77:b4:24:22:51:56:28:3e:63:3e:65:
f5:61:ce:e1:a5:35:b9:53:8b:81:3d:d4:41:13:fd:e8:9e:7a:
ad:78:82:c8:7f:46:49:fa:59:94:61:9f:2a:a8:66:c6:98:3b:
74:ee:90:ea:62:b2:c5:75:93:32:cf:50:15:d6:20:18:08:24:
16:5c:78:c1:c0:c7:41:88:3b:3d:98:e6:c4:42:e0:61:0c:ca:
12:71:8d:ec:0f:c7:bf:e5:f0:3b:3a:18:08:2d:a9:d5:17:93:
a8:7e:06:8c:1e:cc:7e:ba:ca:09:a9:5a:29:35:2f:a5:eb:15:
74:ac:9a:67:18:ea:74:ec:0d:44:77:c0:dc:b2:3a:4f:b9:b2:
3c:51:a0:bc:ef:52:e6:c5:82:d7:e1:1e:c5:45:96:2b:ae:22:
17:32:37:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCc051BB1mlWWxUZtEoddAV+2MqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MDAxYjg1MzhmYmQxNjI0ZWMwMjIyNTZkYTZlYTYyYjNkNWQxZjk4NDky
Mzg2OWI2MDU5NWQ3NGRmZDJmNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMerXEHHaveE8cA8wHXGWF43cai29bS7jv76nn7RL9HeB/p4SM2XMLf4J1Q3
xH0uj8KUgJLCIr6hUd5Qy6wgyoigUgJItwCWhvqEIIlne2+d69Ju3kv+DgYImL7F
Ipah+LKqGH5erWih7RjQDQDTeskSAbXRhlh+KcAftHDsbdh3JU5u0AmzO7zstjxg
ctUvI4GrMqPvQ/eS/dYdR0sRQOM0e0oqq0DRMJ2PFKDHqa1BM8MBYdj+fNZEB/3E
acoIoYATfTXGF9fQmuZJsYRVMYblNtjjGQLaOYMwQQ688IsaD1DI+ZCZPMwzqr6C
AQPEGXveLZ46Umfv4ZD+WulKDZECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnU4zs
X5F0yqenBKoQaysmaCVI4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRiYjg3OTgtMzQyMy00ZDk4LWEzODQtNTg2MjFiMDEwNTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkM
MA0GCSqGSIb3DQEBCwUAA4IBAQBd/2Hg0GSt0ZIe+sv0Qt5m0J9sffrvlzIq2Wux
Wdd5U1V3xE0GDhqQ5ZDuiQR6sb7sqPt2Z3KvoCMcA3Eyut4tMsxDdMLTKyphwWCt
UoOGRkJutX+/vulvsvzPie4JvG9Md7QkIlFWKD5jPmX1Yc7hpTW5U4uBPdRBE/3o
nnqteILIf0ZJ+lmUYZ8qqGbGmDt07pDqYrLFdZMyz1AV1iAYCCQWXHjBwMdBiDs9
mObEQuBhDMoScY3sD8e/5fA7OhgILanVF5OofgaMHsx+usoJqVopNS+l6xV0rJpn
GOp07A1Ed8DcsjpPubI8UaC871LmxYLX4R7FRZYrriIXMjea
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:22:54 2025 by rpki-client