Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
File: 689f17ea-2ccc-4beb-bf91-0695da802222.roa (raw, json)
Hash identifier: qoHb0OF6n5T0z2zEA2ScDHTR74ObOtO+UpvxmD/cqEE=
Subject key identifier: 38:09:03:27:84:1D:79:83:F9:41:A0:B4:8B:74:31:F3:75:9C:00:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 549FB8275E428C003F381CEA457712688A44FEA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
Signing time: Fri 06 Jun 2025 15:10:40 +0000
ROA not before: Fri 06 Jun 2025 15:10:40 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:9f:b8:27:5e:42:8c:00:3f:38:1c:ea:45:77:12:68:8a:44:fe:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:40 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=efe2b9abee55b74b602332c44f5d5c336f77316d9f816e890bd582980bd87413, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5d:0c:f8:2a:39:81:75:8a:f3:f5:d8:a3:c4:
15:3a:77:54:fa:65:3e:d7:1b:21:f7:72:54:4b:41:
d4:31:f9:ed:ef:07:76:4c:22:ab:86:f0:d4:cb:73:
23:60:fb:07:95:f3:6c:23:8f:87:da:1e:99:94:ab:
e4:9e:b0:aa:32:9d:52:ca:de:2e:e4:ea:b9:ae:3a:
c6:cb:59:43:21:59:f5:98:67:ac:59:f4:fa:fb:db:
7f:63:97:c8:ae:83:26:75:2d:53:d5:09:95:1d:22:
e0:88:c6:a4:15:7e:97:ae:93:83:83:ad:3a:77:53:
7d:99:5e:7a:b0:bd:74:60:e0:ff:c7:56:a4:23:33:
89:fa:d6:e8:61:7c:24:8e:64:ae:da:6a:3e:d3:2a:
85:5c:37:b1:ab:5a:0c:a6:0c:b5:33:10:ad:62:81:
a9:ee:29:d4:ec:b9:57:5a:46:0a:71:80:44:70:e5:
79:0d:d4:e3:c9:d0:b5:66:ff:02:5f:8e:0c:da:b9:
29:44:a1:48:9a:98:b9:2c:77:15:ac:0d:ef:39:b3:
da:be:8c:8e:7f:01:08:d3:da:1a:76:1d:3c:03:89:
c3:1c:06:9b:27:7c:86:a2:9e:10:41:a2:68:01:29:
77:f7:b5:55:44:72:50:05:94:44:32:de:de:8e:8f:
a5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:09:03:27:84:1D:79:83:F9:41:A0:B4:8B:74:31:F3:75:9C:00:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/689f17ea-2ccc-4beb-bf91-0695da802222.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
40:1e:f3:eb:6c:da:21:0c:cd:2c:58:c2:66:94:2b:80:fc:38:
c9:57:2e:8a:40:40:1a:31:ad:f2:f7:cc:11:b8:9a:03:e4:81:
93:db:24:a4:8b:3c:ad:51:14:87:a3:f7:ef:fd:ca:a6:64:f1:
61:55:ed:59:fb:b1:ee:60:b5:46:3c:09:a9:7a:e2:cb:85:32:
d4:5e:91:98:01:c3:4e:1f:d2:80:5a:67:c8:bb:00:f6:08:21:
98:2c:c6:84:b1:f0:71:9f:d7:53:aa:bc:fe:22:7f:9b:29:42:
89:07:2d:c1:45:67:c9:4e:65:85:89:9b:2b:63:d3:bf:99:4a:
2f:53:13:58:c2:3e:76:cb:98:92:8a:6c:0b:49:a8:37:54:83:
49:45:2c:d9:fd:7a:a0:d3:ea:d8:36:8d:19:3b:6e:d2:5c:36:
d3:d9:db:d5:50:6f:f2:9b:4d:41:46:e8:f3:a8:3e:1f:57:fe:
86:51:21:9c:46:7c:37:93:0f:a0:c0:21:3a:40:0f:df:4e:91:
ee:76:17:c1:da:0b:8b:8c:f8:cf:11:27:23:fb:e1:42:23:55:
84:cf:a2:c8:28:fb:47:d2:f5:c9:83:ed:ed:1a:04:16:79:85:
35:51:86:be:ca:ff:80:29:8f:76:b7:11:8a:d1:44:5f:fa:6c:
55:33:10:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVJ+4J15CjAA/OBzqRXcSaIpE/qEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNDBaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmZTJiOWFiZWU1NWI3NGI2MDIzMzJjNDRmNWQ1YzMzNmY3NzMxNmQ5Zjgx
NmU4OTBiZDU4Mjk4MGJkODc0MTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBdDPgqOYF1ivP12KPEFTp3VPplPtcbIfdyVEtB1DH57e8Hdkwiq4bw1Mtz
I2D7B5XzbCOPh9oemZSr5J6wqjKdUsreLuTqua46xstZQyFZ9ZhnrFn0+vvbf2OX
yK6DJnUtU9UJlR0i4IjGpBV+l66Tg4OtOndTfZleerC9dGDg/8dWpCMzifrW6GF8
JI5krtpqPtMqhVw3sataDKYMtTMQrWKBqe4p1Oy5V1pGCnGARHDleQ3U48nQtWb/
Al+ODNq5KUShSJqYuSx3FawN7zmz2r6Mjn8BCNPaGnYdPAOJwxwGmyd8hqKeEEGi
aAEpd/e1VURyUAWURDLe3o6PpS0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4CQMn
hB15g/lBoLSLdDHzdZwAgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg5ZjE3ZWEtMmNjYy00YmViLWJmOTEtMDY5NWRhODAyMjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBAHvPrbNohDM0sWMJmlCuA/DjJVy6KQEAaMa3y
98wRuJoD5IGT2ySkizytURSHo/fv/cqmZPFhVe1Z+7HuYLVGPAmpeuLLhTLUXpGY
AcNOH9KAWmfIuwD2CCGYLMaEsfBxn9dTqrz+In+bKUKJBy3BRWfJTmWFiZsrY9O/
mUovUxNYwj52y5iSimwLSag3VINJRSzZ/Xqg0+rYNo0ZO27SXDbT2dvVUG/ym01B
RujzqD4fV/6GUSGcRnw3kw+gwCE6QA/fTpHudhfB2guLjPjPEScj++FCI1WEz6LI
KPtH0vXJg+3tGgQWeYU1UYa+yv+AKY92txGK0URf+mxVMxC7
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:45 2025 by rpki-client