Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
File: dedc9540-e267-4454-a449-e65933af6f0f.roa (raw, json)
Hash identifier: ouyvJfR6bDF0LLhQcLZ8TorgkkSw/atJJmLOSeoHbGc=
Subject key identifier: 75:19:22:BE:00:C2:33:A8:2A:A0:FC:B9:DA:9D:B4:F5:D2:8C:7A:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4805E906B5039C9056D729FE0FE4FCB58FF7CA4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
Signing time: Mon 16 Jun 2025 21:31:27 +0000
ROA not before: Mon 16 Jun 2025 21:31:27 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:05:e9:06:b5:03:9c:90:56:d7:29:fe:0f:e4:fc:b5:8f:f7:ca:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:27 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3bc641654b1d022a7dcd0b585539f24cb870df624f2ddc5d6f7df806a8727295, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:31:e8:7b:80:98:73:13:d7:85:14:d7:80:b3:
f1:0e:57:65:56:51:b3:cc:0f:72:0a:ba:7c:35:5f:
f3:38:41:53:1a:21:f6:2d:3f:aa:47:1d:75:c4:e6:
84:74:22:c8:1d:61:f7:ba:9e:60:d9:20:5e:4a:5b:
9f:dd:10:13:34:dd:a1:cb:9d:d0:89:16:69:a7:1d:
87:91:67:e8:b9:2d:17:81:3f:69:6c:d7:eb:77:2e:
5f:56:f7:3f:34:ea:50:0a:83:e5:2d:c9:f0:96:f4:
e1:45:f9:d6:de:a6:77:91:e0:b2:90:8a:42:d0:d8:
20:76:25:47:d0:ad:b1:b2:51:6f:24:09:d0:49:ff:
d8:d3:84:0c:b7:4f:6d:0b:87:71:2e:d5:b2:91:1f:
43:93:67:79:3a:49:7a:5b:0a:8a:ba:2d:ef:c8:63:
aa:0f:ba:f2:72:5d:ac:51:54:68:fb:7a:c7:a5:cf:
2a:f1:48:f1:57:78:b0:c1:32:be:09:0d:81:71:ed:
5f:6a:a4:e7:1a:51:6e:e3:2a:63:50:60:b4:a9:5b:
6c:5e:25:dc:6d:ed:f0:8d:a1:29:52:18:b2:b0:b5:
0a:ae:d5:99:3d:e5:5c:c2:79:90:3b:0e:53:8e:1a:
8e:06:31:7c:66:95:eb:67:35:d7:26:29:bf:46:81:
5f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:19:22:BE:00:C2:33:A8:2A:A0:FC:B9:DA:9D:B4:F5:D2:8C:7A:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dedc9540-e267-4454-a449-e65933af6f0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:1000::/40
Signature Algorithm: sha256WithRSAEncryption
22:22:b2:0d:85:99:8a:44:2d:d2:73:90:70:ed:1d:6c:5c:44:
fb:92:df:75:bd:75:c9:74:54:db:e6:14:18:28:8d:3a:39:89:
0d:5c:05:c6:2b:43:55:c7:cb:a0:3e:59:87:9e:24:de:9a:4f:
1d:6d:6b:70:d1:31:5e:84:c3:93:ee:19:3c:51:81:c4:40:d2:
77:ea:5b:ee:04:a9:46:2d:4a:2b:da:64:5f:7e:a7:6c:fa:59:
6c:fe:68:fc:a9:95:74:c9:27:2e:47:bb:ba:c2:d1:0e:0b:15:
f1:dd:79:87:de:bb:9d:5e:ed:8d:30:ea:1d:75:2b:12:7a:1c:
91:47:02:54:50:b7:22:bd:e0:fa:e7:22:37:54:2f:72:5d:eb:
24:f3:f8:53:e6:5b:57:1b:1d:5e:9a:3a:81:ca:4f:ef:59:9f:
2b:29:ff:e5:32:cd:db:b7:69:35:82:96:84:73:5d:15:37:7d:
13:14:78:95:ee:c4:b7:a0:f7:d3:8f:d7:a5:cc:fa:f1:5b:28:
1f:f5:35:2e:9b:52:e7:19:f0:f7:b0:3e:59:b2:62:aa:08:20:
31:ce:00:5c:86:99:6f:63:1c:8c:f1:c7:b8:c5:64:fe:7e:f7:
ae:64:2e:be:53:c3:7e:24:4f:5e:65:72:b6:e5:bc:67:6c:24:
7a:1d:c1:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSAXpBrUDnJBW1yn+D+T8tY/3ykowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMjdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiYzY0MTY1NGIxZDAyMmE3ZGNkMGI1ODU1MzlmMjRjYjg3MGRmNjI0ZjJk
ZGM1ZDZmN2RmODA2YTg3MjcyOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAx6HuAmHMT14UU14Cz8Q5XZVZRs8wPcgq6fDVf8zhBUxoh9i0/qkcddcTm
hHQiyB1h97qeYNkgXkpbn90QEzTdocud0IkWaacdh5Fn6LktF4E/aWzX63cuX1b3
PzTqUAqD5S3J8Jb04UX51t6md5HgspCKQtDYIHYlR9CtsbJRbyQJ0En/2NOEDLdP
bQuHcS7VspEfQ5NneTpJelsKirot78hjqg+68nJdrFFUaPt6x6XPKvFI8Vd4sMEy
vgkNgXHtX2qk5xpRbuMqY1BgtKlbbF4l3G3t8I2hKVIYsrC1Cq7VmT3lXMJ5kDsO
U44ajgYxfGaV62c11yYpv0aBXy8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1GSK+
AMIzqCqg/LnanbT10ox66TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVkYzk1NDAtZTI2Ny00NDU0LWE0NDktZTY1OTMzYWY2ZjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAiIrINhZmKRC3Sc5Bw7R1sXET7kt91vXXJdFTb
5hQYKI06OYkNXAXGK0NVx8ugPlmHniTemk8dbWtw0TFehMOT7hk8UYHEQNJ36lvu
BKlGLUor2mRffqds+lls/mj8qZV0yScuR7u6wtEOCxXx3XmH3rudXu2NMOoddSsS
ehyRRwJUULciveD65yI3VC9yXesk8/hT5ltXGx1emjqByk/vWZ8rKf/lMs3bt2k1
gpaEc10VN30TFHiV7sS3oPfTj9elzPrxWygf9TUum1LnGfD3sD5ZsmKqCCAxzgBc
hplvYxyM8ce4xWT+fveuZC6+U8N+JE9eZXK25bxnbCR6HcHX
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:40 2025 by rpki-client