Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json)
Hash identifier: xqq7AIluySnUG2MV72J7zO2kvV3kBeYegflpR2YDSh4=
Subject key identifier: F3:E9:7F:A1:D7:4A:2E:9A:0D:E7:46:39:65:03:B6:A2:68:E7:81:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37B45919E7E7DAB1A02F4812197C6B124D7E0569
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
Signing time: Mon 16 Jun 2025 19:41:20 +0000
ROA not before: Mon 16 Jun 2025 19:41:20 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b4:59:19:e7:e7:da:b1:a0:2f:48:12:19:7c:6b:12:4d:7e:05:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:41:20 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f6bc6301c1e0ad4406cda8cbb27258f96762487feb750a93a3d229eef9d05f22, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8c:ab:11:96:04:7a:b7:f2:63:9d:bc:85:39:
21:91:9d:44:0d:c8:c9:93:c4:88:4f:4d:26:2f:a1:
4c:bb:f6:56:8f:03:a0:1d:8a:3d:03:3c:07:da:74:
01:dd:93:b2:6a:a1:e4:df:9e:32:70:50:4b:3e:fa:
30:6b:38:02:78:5d:be:a9:66:b0:33:f1:12:8d:48:
75:9a:dd:e0:ed:1a:b6:a7:9d:c0:e4:f5:5f:67:f5:
4e:0f:f3:a6:35:9e:98:b5:c5:9a:0f:40:76:65:73:
ee:8a:3e:c5:12:67:9c:cd:92:c1:62:54:e1:e0:87:
1b:fa:01:ef:60:9d:5f:d6:9e:68:40:b6:ee:9e:43:
57:5e:ee:3e:48:68:e4:86:ba:44:e9:aa:ee:48:dd:
99:03:ff:39:61:d4:b6:82:c4:f8:1f:77:e5:85:3f:
f9:d5:9a:36:e3:8f:c7:d1:e4:19:ff:db:66:bb:29:
36:e0:d2:90:80:85:09:2f:fc:cf:3c:0b:5d:68:7f:
b4:73:89:5a:55:0d:14:b2:47:1d:f4:92:30:57:64:
e6:a4:d4:04:19:9f:2a:97:9b:24:21:ac:a0:7e:98:
5c:d7:9c:e0:da:54:5f:06:1f:62:21:f3:ef:14:be:
f4:51:a4:c1:b7:9d:01:7b:90:27:96:40:c9:dd:7a:
36:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E9:7F:A1:D7:4A:2E:9A:0D:E7:46:39:65:03:B6:A2:68:E7:81:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
99:06:35:8a:c2:05:fc:cb:91:70:96:df:0f:f0:2a:c0:46:74:
db:28:c6:33:40:89:ab:95:b6:dc:98:3f:4c:16:d8:b4:58:3c:
34:63:76:f8:b7:ae:cf:31:0c:ff:63:20:66:46:67:c4:e7:9c:
24:57:bd:3e:9a:ca:ee:e6:5b:ef:ff:f6:94:c6:a5:31:93:b7:
2d:03:31:2b:85:68:83:35:b3:9e:58:63:80:24:bb:0a:29:a9:
80:ba:a8:73:b4:2d:bd:0c:2f:7b:a6:aa:a8:37:9d:b0:b3:d2:
3a:9b:06:92:bf:4d:fb:9e:50:92:3b:a6:70:e4:77:77:85:ad:
25:81:6d:69:ed:95:60:cf:b6:1d:23:b8:24:56:3f:10:d5:58:
7c:14:e3:19:89:a2:3e:08:51:78:05:96:0d:27:35:dd:ef:ed:
93:8c:b5:bc:0a:1e:2b:b0:da:55:1f:a7:f1:47:6b:77:1a:6f:
8c:09:05:79:e8:1e:65:9a:1b:09:e0:20:bb:90:44:20:9d:77:
33:06:19:36:0a:f9:fe:16:62:c0:3c:dd:45:29:c8:69:d9:c7:
76:67:ad:44:16:86:52:bd:4c:f7:96:44:92:75:9a:7b:20:59:
2e:87:99:d3:c4:5f:12:a5:4c:ac:bc:6a:19:8a:af:29:fd:92:
2f:68:8f:89
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN7RZGefn2rGgL0gSGXxrEk1+BWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQxMjBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2YmM2MzAxYzFlMGFkNDQwNmNkYThjYmIyNzI1OGY5Njc2MjQ4N2ZlYjc1
MGE5M2EzZDIyOWVlZjlkMDVmMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyMqxGWBHq38mOdvIU5IZGdRA3IyZPEiE9NJi+hTLv2Vo8DoB2KPQM8B9p0
Ad2Tsmqh5N+eMnBQSz76MGs4AnhdvqlmsDPxEo1IdZrd4O0atqedwOT1X2f1Tg/z
pjWemLXFmg9AdmVz7oo+xRJnnM2SwWJU4eCHG/oB72CdX9aeaEC27p5DV17uPkho
5Ia6ROmq7kjdmQP/OWHUtoLE+B935YU/+dWaNuOPx9HkGf/bZrspNuDSkICFCS/8
zzwLXWh/tHOJWlUNFLJHHfSSMFdk5qTUBBmfKpebJCGsoH6YXNec4NpUXwYfYiHz
7xS+9FGkwbedAXuQJ5ZAyd16Nt8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTz6X+h
10oumg3nRjllA7aiaOeBIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
wDANBgkqhkiG9w0BAQsFAAOCAQEAmQY1isIF/MuRcJbfD/AqwEZ02yjGM0CJq5W2
3Jg/TBbYtFg8NGN2+LeuzzEM/2MgZkZnxOecJFe9PprK7uZb7//2lMalMZO3LQMx
K4VogzWznlhjgCS7CimpgLqoc7QtvQwve6aqqDedsLPSOpsGkr9N+55QkjumcOR3
d4WtJYFtae2VYM+2HSO4JFY/ENVYfBTjGYmiPghReAWWDSc13e/tk4y1vAoeK7Da
VR+n8UdrdxpvjAkFeegeZZobCeAgu5BEIJ13MwYZNgr5/hZiwDzdRSnIadnHdmet
RBaGUr1M95ZEknWaeyBZLoeZ08RfEqVMrLxqGYqvKf2SL2iPiQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:27:20 2025 by rpki-client