Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
File: 431d8e22-a384-419e-9218-32a80c0ce0e3.roa (raw, json)
Hash identifier: REZYMJnLPJc856gcYu8EE09ryV/EIgOc/AM2HDkUGsI=
Subject key identifier: C7:AC:8A:29:A1:EF:D8:96:51:C5:AF:87:7F:E3:D0:85:08:20:15:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7878AA28CC311748F02A40EAD96DADBC5DB7BEEF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
Signing time: Mon 09 Jun 2025 19:20:19 +0000
ROA not before: Mon 09 Jun 2025 19:20:19 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:78:aa:28:cc:31:17:48:f0:2a:40:ea:d9:6d:ad:bc:5d:b7:be:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:19 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=31e4fcd55798a3b92980c91a268aa63d84f5de1cbac286a887103177c2b214f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:55:a7:ce:94:f3:88:77:72:19:06:b3:72:d9:
9b:45:63:00:49:37:78:ab:b7:e4:e5:4b:d6:08:62:
ac:bb:94:30:59:96:f1:42:ab:04:d7:d0:0b:8b:e2:
94:cc:27:99:fa:2e:ac:cc:46:d8:da:16:fa:06:a6:
a0:b4:fa:c2:50:fd:d2:60:5e:8c:76:62:1d:65:63:
be:cc:8d:5a:1b:c2:df:52:f5:e0:ba:6c:4e:40:dd:
4d:11:36:3b:d3:fe:70:2c:50:fa:c3:0e:ca:24:9a:
ac:4c:3c:b0:bd:e3:7f:33:20:3c:20:fd:dd:aa:be:
ab:7e:04:b1:35:80:09:7a:71:39:6e:71:09:e4:af:
70:8b:90:a9:52:1a:9b:13:1e:b9:2f:f3:71:b0:03:
7d:ff:7c:76:1f:6b:04:50:e5:81:a8:80:11:62:a8:
c2:ce:6a:b0:a8:c3:f0:74:a9:0e:b0:29:74:e6:32:
7e:47:44:cf:22:d3:88:8b:84:d6:60:c9:dc:52:92:
e1:bb:42:b6:79:81:92:49:38:9e:bc:15:d9:0f:eb:
f6:39:50:a3:1b:f1:3f:76:40:90:a5:8e:aa:c4:26:
8a:8a:d5:9e:1a:c6:40:14:6e:a0:88:ed:7a:f0:34:
35:c0:11:d1:cf:27:b3:ae:16:fa:91:cf:70:a8:30:
15:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:AC:8A:29:A1:EF:D8:96:51:C5:AF:87:7F:E3:D0:85:08:20:15:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:20:bf:8f:98:0d:43:42:c8:23:4c:97:bb:d3:7d:cb:b9:9a:
fe:39:9e:5d:e5:2d:99:19:66:61:fd:7e:c0:f8:a0:6f:96:2c:
12:70:be:01:98:0a:0e:ef:32:e9:5c:fb:4e:0e:2a:a0:43:93:
9d:9a:f9:5c:6e:99:11:1c:10:7e:ac:b1:3c:1e:8c:8c:7b:c4:
b2:59:31:e8:a0:4d:91:2b:85:4e:e0:aa:d9:14:ef:ad:1f:bc:
b0:08:40:72:33:91:66:f9:4c:98:b6:6c:4f:ef:08:39:a6:da:
3e:d3:34:6a:d5:b4:64:cb:d6:49:40:31:15:79:31:1a:ba:a0:
e0:ef:0e:1f:0a:56:91:2d:4b:5f:ca:39:0d:7c:bb:1f:b2:34:
c4:33:73:e6:4b:35:c2:0a:ac:04:fa:ca:92:04:2d:7e:43:e3:
dc:58:55:d8:99:78:e8:33:f8:fb:ec:17:f1:cf:bd:4f:fa:8f:
13:9f:c2:52:16:0d:31:53:63:6b:be:1c:c9:af:4e:48:a5:6b:
72:a8:9d:22:cb:7e:3e:ab:d3:20:25:69:49:86:c2:ba:be:ae:
3f:f6:e0:91:72:e6:18:5e:84:fd:6f:6e:98:0b:d2:a0:c4:07:
25:ef:3b:7e:1a:3b:e8:69:44:3b:48:5d:45:bd:56:33:b1:ed:
45:e7:d7:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeHiqKMwxF0jwKkDq2W2tvF23vu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMTlaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxZTRmY2Q1NTc5OGEzYjkyOTgwYzkxYTI2OGFhNjNkODRmNWRlMWNiYWMy
ODZhODg3MTAzMTc3YzJiMjE0ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIdVp86U84h3chkGs3LZm0VjAEk3eKu35OVL1ghirLuUMFmW8UKrBNfQC4vi
lMwnmfourMxG2NoW+gamoLT6wlD90mBejHZiHWVjvsyNWhvC31L14LpsTkDdTRE2
O9P+cCxQ+sMOyiSarEw8sL3jfzMgPCD93aq+q34EsTWACXpxOW5xCeSvcIuQqVIa
mxMeuS/zcbADff98dh9rBFDlgaiAEWKows5qsKjD8HSpDrApdOYyfkdEzyLTiIuE
1mDJ3FKS4btCtnmBkkk4nrwV2Q/r9jlQoxvxP3ZAkKWOqsQmiorVnhrGQBRuoIjt
evA0NcAR0c8ns64W+pHPcKgwFS0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHrIop
oe/YllHFr4d/49CFCCAVejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMxZDhlMjItYTM4NC00MTllLTkyMTgtMzJhODBjMGNlMGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg
MA0GCSqGSIb3DQEBCwUAA4IBAQCmIL+PmA1DQsgjTJe7033LuZr+OZ5d5S2ZGWZh
/X7A+KBvliwScL4BmAoO7zLpXPtODiqgQ5OdmvlcbpkRHBB+rLE8HoyMe8SyWTHo
oE2RK4VO4KrZFO+tH7ywCEByM5Fm+UyYtmxP7wg5pto+0zRq1bRky9ZJQDEVeTEa
uqDg7w4fClaRLUtfyjkNfLsfsjTEM3PmSzXCCqwE+sqSBC1+Q+PcWFXYmXjoM/j7
7Bfxz71P+o8Tn8JSFg0xU2NrvhzJr05IpWtyqJ0iy34+q9MgJWlJhsK6vq4/9uCR
cuYYXoT9b26YC9KgxAcl7zt+GjvoaUQ7SF1FvVYzse1F59cp
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:56 2025 by rpki-client