Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
File: e279c5e7-6144-440a-9f1d-2013fb96d06a.roa (raw, json)
Hash identifier: AZQKGf9klCdCFVA+qF6R+s2St2mG2Cuz/UWqaUd4JNo=
Subject key identifier: AB:E6:D5:8F:F3:16:C7:F9:2F:BB:BB:B0:AE:1A:47:B5:A8:FC:AB:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 097CF83A52664CC0DF52D2E466EECDE608EEBEBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
Signing time: Mon 16 Jun 2025 21:10:49 +0000
ROA not before: Mon 16 Jun 2025 21:10:49 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:7c:f8:3a:52:66:4c:c0:df:52:d2:e4:66:ee:cd:e6:08:ee:be:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:49 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=79fde424c2761f9f69146512e1251024a19ca270d65dc85840a89ca67d670fd5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:6a:68:20:bf:53:19:30:18:ad:9c:cc:e6:
6f:b1:7b:ce:45:6b:3e:ee:27:81:90:ca:ed:e2:6d:
56:9f:c2:c5:e4:5e:01:5c:37:0b:14:fb:90:0b:53:
a6:d6:bc:9d:57:42:50:fc:63:8a:8f:df:2b:65:df:
a5:36:9c:7f:6b:d6:7f:5d:75:cc:d5:b1:93:33:ad:
b8:94:40:4d:28:b9:48:90:d1:af:32:5f:62:d0:2e:
74:e2:31:94:1b:a8:1e:70:ab:56:57:eb:12:c4:69:
04:c5:5c:b0:9a:f2:49:e6:29:f4:0b:d8:78:c8:49:
94:70:de:da:cd:47:a3:55:34:8c:26:32:2f:dd:63:
29:ed:4a:e3:36:42:8f:18:1c:34:e7:63:5d:4c:29:
12:00:44:4d:04:ba:8b:2a:fa:a0:6c:fc:09:33:78:
55:c1:3c:a6:ec:e9:45:1c:0a:98:06:be:be:1d:66:
9c:10:2b:b0:db:b2:19:b9:c8:93:35:8e:31:81:e4:
58:a1:08:77:54:40:c7:22:a9:6f:ed:e1:6b:79:7d:
58:bd:92:f7:2c:e4:2e:c4:ab:f2:43:c8:93:01:4d:
91:09:ff:3a:77:19:c3:16:2c:ec:c0:c6:f1:cc:9c:
d0:79:a4:67:78:00:90:37:90:31:1a:66:29:5e:30:
5d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E6:D5:8F:F3:16:C7:F9:2F:BB:BB:B0:AE:1A:47:B5:A8:FC:AB:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
69:f7:45:1d:7b:00:24:e6:91:42:c4:76:79:03:ce:95:0d:26:
2b:e6:cf:7f:b6:86:6e:1c:50:6d:55:f5:1e:65:a8:64:51:0b:
58:78:9f:7d:46:50:47:55:94:d4:0e:cd:b3:6b:7d:2f:38:a6:
69:59:fa:36:06:2d:1f:ce:e0:7d:53:9c:63:33:f1:2d:be:c7:
95:93:97:5c:3b:e5:35:91:b7:ec:86:05:fa:6c:5a:52:11:8d:
01:56:9c:31:99:cd:6a:0d:6e:9c:b3:7e:37:b9:f5:f6:bc:66:
75:c9:29:39:5d:90:f3:f8:45:5e:f7:8d:f1:ca:69:7c:4f:77:
45:36:c8:7c:55:9f:6a:e1:e9:ff:5e:1a:85:fc:c1:84:10:96:
f0:d6:b5:c0:9d:94:03:1e:35:4f:e5:62:7f:4b:7b:43:5f:f8:
fb:df:13:a7:2c:04:be:ff:76:5a:65:96:1c:cb:c5:92:e6:17:
59:23:50:ba:8a:1d:f6:12:7e:25:07:85:cc:31:20:e0:cb:3c:
b3:8c:2f:a1:39:e7:53:4a:5f:28:17:85:e8:75:dc:4e:64:bf:
05:39:a5:6e:76:cc:64:c0:e3:30:fb:fc:da:74:07:e6:9b:79:
96:7f:38:9b:a8:77:ab:85:b5:80:69:73:f7:8c:84:d4:dc:ad:
95:c1:a5:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCXz4OlJmTMDfUtLkZu7N5gjuvrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwNDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5ZmRlNDI0YzI3NjFmOWY2OTE0NjUxMmUxMjUxMDI0YTE5Y2EyNzBkNjVk
Yzg1ODQwYTg5Y2E2N2Q2NzBmZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzcamggv1MZMBitnMzmb7F7zkVrPu4ngZDK7eJtVp/CxeReAVw3CxT7kAtT
pta8nVdCUPxjio/fK2XfpTacf2vWf111zNWxkzOtuJRATSi5SJDRrzJfYtAudOIx
lBuoHnCrVlfrEsRpBMVcsJrySeYp9AvYeMhJlHDe2s1Ho1U0jCYyL91jKe1K4zZC
jxgcNOdjXUwpEgBETQS6iyr6oGz8CTN4VcE8puzpRRwKmAa+vh1mnBArsNuyGbnI
kzWOMYHkWKEId1RAxyKpb+3ha3l9WL2S9yzkLsSr8kPIkwFNkQn/OncZwxYs7MDG
8cyc0HmkZ3gAkDeQMRpmKV4wXckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSr5tWP
8xbH+S+7u7CuGke1qPyr+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTI3OWM1ZTctNjE0NC00NDBhLTlmMWQtMjAxM2ZiOTZkMDZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQBp90UdewAk5pFCxHZ5A86VDSYr5s9/toZuHFBt
VfUeZahkUQtYeJ99RlBHVZTUDs2za30vOKZpWfo2Bi0fzuB9U5xjM/EtvseVk5dc
O+U1kbfshgX6bFpSEY0BVpwxmc1qDW6cs343ufX2vGZ1ySk5XZDz+EVe943xyml8
T3dFNsh8VZ9q4en/XhqF/MGEEJbw1rXAnZQDHjVP5WJ/S3tDX/j73xOnLAS+/3Za
ZZYcy8WS5hdZI1C6ih32En4lB4XMMSDgyzyzjC+hOedTSl8oF4XoddxOZL8FOaVu
dsxkwOMw+/zadAfmm3mWfzibqHerhbWAaXP3jITU3K2VwaVe
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:33:17 2025 by rpki-client