Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: i/69utvgxFBQcqHs3cUyCxPWBta5kUYsP6u5gs/nR1g=
Subject key identifier: 7A:78:14:A0:85:05:F4:05:5D:00:04:3A:EA:FD:E3:7E:90:E9:E5:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 361D85431DD3AC164EB0DA72DAEFF36D3FED014F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Mon 16 Jun 2025 21:40:12 +0000
ROA not before: Mon 16 Jun 2025 21:40:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:1d:85:43:1d:d3:ac:16:4e:b0:da:72:da:ef:f3:6d:3f:ed:01:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a7dd5c17a942fd3dc975a08486b5a9134c0ab920c4daefb9b0c9777ade37f211, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ec:09:7f:83:4f:9a:58:18:19:1f:45:9c:64:
c8:c9:54:57:20:e8:fc:d0:ca:3a:ea:05:ed:c8:1f:
36:8f:28:21:37:de:ea:19:67:04:e5:3b:c3:b2:7a:
69:ec:a5:57:3a:e4:2a:12:55:34:69:43:4e:59:6e:
e0:48:24:3f:bb:bd:cb:57:44:27:e2:79:ed:e9:b2:
16:41:f8:5e:7f:50:54:47:15:f8:1d:53:1f:fc:1d:
03:9d:7d:0d:57:20:0a:e3:d9:a3:61:28:c1:0d:fc:
bb:2c:c3:67:95:5c:fa:6d:7e:b6:61:b4:97:2d:52:
07:c0:37:d7:a8:a4:e6:c8:7f:34:41:54:fa:0e:96:
38:d2:08:eb:d9:fb:0c:7c:05:84:80:34:ed:14:c6:
8f:96:21:fc:aa:4e:7f:bb:bb:fd:14:99:e9:fe:4e:
b0:bf:01:5f:84:37:a2:74:50:56:d9:ca:76:b5:db:
68:02:69:96:f9:f5:ed:ac:bc:23:60:54:2a:69:2e:
38:4f:fc:65:53:99:15:3b:2f:2b:c8:a9:0d:8c:2c:
92:38:3d:91:11:ae:f4:1d:63:a8:da:79:d6:ca:19:
f5:47:64:67:fc:f1:2a:75:d0:d9:1a:3c:e5:20:e2:
4f:41:06:f7:0e:fa:bb:cd:b6:da:3e:ef:50:94:f5:
4c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:78:14:A0:85:05:F4:05:5D:00:04:3A:EA:FD:E3:7E:90:E9:E5:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
69:54:cf:9d:af:36:df:48:79:6e:96:2f:2c:e0:a4:1d:93:6a:
a6:bc:1c:1c:33:9f:53:e3:ae:c1:cd:c0:63:4e:e7:ff:de:16:
3c:04:26:fe:d7:06:a0:64:05:09:8b:1c:e6:02:ce:0e:2a:74:
cf:bb:b7:74:d9:63:56:78:2f:4f:94:41:91:87:05:eb:ff:80:
4f:2a:bf:10:df:c8:37:8b:2e:88:d6:48:e9:99:22:fa:a5:07:
a9:6a:ef:a1:f1:bc:db:ef:d5:52:5b:78:fe:c3:ee:d0:a9:c2:
1a:a5:39:75:c8:8c:ef:3b:be:80:16:13:38:9c:1d:d0:a7:4f:
30:09:ac:3a:07:fc:5d:93:ff:44:70:01:f4:68:0a:4c:32:f5:
3d:e9:f2:6c:50:49:7b:f7:d5:08:e7:f3:96:6d:5f:e5:66:14:
71:82:b2:cb:1a:26:56:20:1b:9c:57:7a:a8:41:d6:61:c6:ff:
44:2b:2f:54:ac:f7:f4:cd:da:b5:3f:29:16:98:1a:94:65:20:
0b:65:88:a5:0d:9c:59:16:e2:38:62:39:8b:3d:b8:76:9f:6b:
e6:fd:91:5f:e3:20:46:fb:9d:25:b6:ee:0a:38:7f:bb:4f:08:
ff:3c:32:ed:a0:77:f9:c2:6d:7e:57:80:e5:b4:f9:21:82:2f:
76:87:96:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNh2FQx3TrBZOsNpy2u/zbT/tAU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ZGQ1YzE3YTk0MmZkM2RjOTc1YTA4NDg2YjVhOTEzNGMwYWI5MjBjNGRh
ZWZiOWIwYzk3NzdhZGUzN2YyMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvsCX+DT5pYGBkfRZxkyMlUVyDo/NDKOuoF7cgfNo8oITfe6hlnBOU7w7J6
aeylVzrkKhJVNGlDTllu4EgkP7u9y1dEJ+J57emyFkH4Xn9QVEcV+B1TH/wdA519
DVcgCuPZo2EowQ38uyzDZ5Vc+m1+tmG0ly1SB8A316ik5sh/NEFU+g6WONII69n7
DHwFhIA07RTGj5Yh/KpOf7u7/RSZ6f5OsL8BX4Q3onRQVtnKdrXbaAJplvn17ay8
I2BUKmkuOE/8ZVOZFTsvK8ipDYwskjg9kRGu9B1jqNp51soZ9UdkZ/zxKnXQ2Ro8
5SDiT0EG9w76u8222j7vUJT1TBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6eBSg
hQX0BV0ABDrq/eN+kOnlljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpVM+drzbfSHluli8s4KQdk2qmvBwcM59T467B
zcBjTuf/3hY8BCb+1wagZAUJixzmAs4OKnTPu7d02WNWeC9PlEGRhwXr/4BPKr8Q
38g3iy6I1kjpmSL6pQepau+h8bzb79VSW3j+w+7QqcIapTl1yIzvO76AFhM4nB3Q
p08wCaw6B/xdk/9EcAH0aApMMvU96fJsUEl799UI5/OWbV/lZhRxgrLLGiZWIBuc
V3qoQdZhxv9EKy9UrPf0zdq1PykWmBqUZSALZYilDZxZFuI4YjmLPbh2n2vm/ZFf
4yBG+50ltu4KOH+7Twj/PDLtoHf5wm1+V4DltPkhgi92h5ZP
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:04:54 2025 by rpki-client