Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json)
Hash identifier: hUbbv71L3UP/W7LH9K0KK/6vQef65pubS9abCFjckRI=
Subject key identifier: 72:65:49:2A:88:68:3D:71:F5:D7:2C:25:58:57:C1:27:4D:A3:B5:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69689F54FF24FBD854C6ED54D0A306242699FA79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
Signing time: Mon 16 Jun 2025 19:50:17 +0000
ROA not before: Mon 16 Jun 2025 19:50:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:68:9f:54:ff:24:fb:d8:54:c6:ed:54:d0:a3:06:24:26:99:fa:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8d4fe96a310f61c5ca2d09834dd1aaef1de5b6b2f03ddf0f3644d455b43f6ebc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d5:18:ae:e9:a8:14:70:53:8b:c1:7d:98:69:
4e:85:e8:dd:dc:0d:88:9e:d0:35:6e:0c:57:04:58:
64:4d:23:6a:5c:0d:e8:94:2a:3d:86:c9:62:9e:9d:
fd:02:0b:bd:01:66:e3:c0:13:9f:a0:70:9a:e7:2b:
04:16:d7:35:cb:ab:e3:da:5d:9c:12:1a:4a:5d:98:
c2:a1:7f:94:e7:2c:6c:6c:7e:f8:e6:45:e7:07:06:
ac:93:0f:f7:25:48:f3:63:a9:96:eb:f8:10:72:18:
d1:78:cb:ad:4d:71:c1:38:6b:1a:9d:21:e5:1b:5e:
d8:d5:ec:b7:17:37:cf:05:c2:d4:93:b8:cd:16:9b:
c5:4d:0e:19:7e:fd:05:3a:e9:46:95:d3:ab:bb:27:
5d:e2:36:b3:ad:de:b4:22:09:5b:25:a6:7a:9b:a8:
5c:78:10:4b:73:61:d2:a6:2b:25:30:45:bb:08:58:
98:47:aa:15:f3:36:b3:8e:6d:fe:10:42:16:9b:d9:
f2:4c:4f:10:6a:cf:a4:a6:ce:af:03:55:9b:86:c7:
3b:85:fc:b4:ca:9c:2f:5a:47:e5:36:7b:bc:1e:7d:
90:d6:7b:e2:90:d9:fe:6a:28:be:e7:51:4f:92:5f:
dc:12:8f:5c:cb:b3:14:d1:63:d2:2e:4c:c4:45:d3:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:65:49:2A:88:68:3D:71:F5:D7:2C:25:58:57:C1:27:4D:A3:B5:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
85:93:7e:72:74:29:b8:ff:33:cc:08:93:45:19:6b:c8:9b:6e:
10:9b:5c:03:b1:1a:f2:a9:85:a8:90:18:c1:68:5c:e7:84:14:
39:a7:57:79:3c:2c:c7:9c:53:77:4a:ed:7f:98:52:25:af:5d:
93:11:ef:25:b1:d5:d2:c3:62:3c:b2:63:f4:88:6e:bf:95:a2:
35:3e:1b:4a:f2:d2:cb:bb:93:01:44:f7:78:66:66:c4:9e:ad:
b0:b0:30:38:8f:34:ca:20:bf:51:2f:49:73:d4:b3:81:57:75:
d7:c5:61:5b:44:e3:ab:2e:58:03:9e:0e:b4:09:4b:2e:17:e4:
84:bc:34:61:f8:cb:b7:b6:67:8d:d5:88:3d:68:6f:66:45:78:
10:b6:26:45:a8:59:d7:55:9b:90:aa:a5:90:38:17:20:b8:cb:
3b:41:d7:ec:2d:16:a1:ae:74:a5:fd:e8:2b:fd:27:25:63:d5:
8c:7a:09:2c:7b:43:2f:04:1a:8c:c0:6e:7d:ce:9c:9f:db:3b:
e2:37:ac:ff:90:3a:67:71:28:bb:b8:35:61:2f:71:25:34:d1:
77:66:21:18:56:0d:48:c7:ab:57:f1:0a:6d:00:fa:e7:2e:fb:
18:f7:8a:93:ee:f9:3b:71:6b:8d:64:2e:d4:01:b7:4b:a1:04:
97:87:aa:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaWifVP8k+9hUxu1U0KMGJCaZ+nkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkNGZlOTZhMzEwZjYxYzVjYTJkMDk4MzRkZDFhYWVmMWRlNWI2YjJmMDNk
ZGYwZjM2NDRkNDU1YjQzZjZlYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXVGK7pqBRwU4vBfZhpToXo3dwNiJ7QNW4MVwRYZE0jalwN6JQqPYbJYp6d
/QILvQFm48ATn6BwmucrBBbXNcur49pdnBIaSl2YwqF/lOcsbGx++OZF5wcGrJMP
9yVI82Opluv4EHIY0XjLrU1xwThrGp0h5Rte2NXstxc3zwXC1JO4zRabxU0OGX79
BTrpRpXTq7snXeI2s63etCIJWyWmepuoXHgQS3Nh0qYrJTBFuwhYmEeqFfM2s45t
/hBCFpvZ8kxPEGrPpKbOrwNVm4bHO4X8tMqcL1pH5TZ7vB59kNZ74pDZ/moovudR
T5Jf3BKPXMuzFNFj0i5MxEXTxhsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyZUkq
iGg9cfXXLCVYV8EnTaO1NjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
wDANBgkqhkiG9w0BAQsFAAOCAQEAhZN+cnQpuP8zzAiTRRlryJtuEJtcA7Ea8qmF
qJAYwWhc54QUOadXeTwsx5xTd0rtf5hSJa9dkxHvJbHV0sNiPLJj9Ihuv5WiNT4b
SvLSy7uTAUT3eGZmxJ6tsLAwOI80yiC/US9Jc9SzgVd118VhW0Tjqy5YA54OtAlL
LhfkhLw0YfjLt7ZnjdWIPWhvZkV4ELYmRahZ11WbkKqlkDgXILjLO0HX7C0Woa50
pf3oK/0nJWPVjHoJLHtDLwQajMBufc6cn9s74jes/5A6Z3Eou7g1YS9xJTTRd2Yh
GFYNSMerV/EKbQD65y77GPeKk+75O3FrjWQu1AG3S6EEl4eqgw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:27 2025 by rpki-client