Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: k3LOR+mK4pN3ZxzOYI9nCVgYZqDq4zxmAl2MXxuIxaI=
Subject key identifier: 9A:1C:72:FE:AA:A6:B4:EC:C0:12:43:7A:E6:F7:77:7A:1B:53:D8:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 382907EF3816397849936B14A8409D01E39E889E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Tue 10 Jun 2025 17:21:15 +0000
ROA not before: Tue 10 Jun 2025 17:21:15 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:29:07:ef:38:16:39:78:49:93:6b:14:a8:40:9d:01:e3:9e:88:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:21:15 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=658c1f25b4fa303b08d1f9043fd81edde7bb5804ddba0fe85aade7a3f45ab2ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9f:78:10:25:81:e6:fc:f8:19:69:f9:a2:4b:
42:c0:2b:04:5c:31:78:33:ac:c1:79:e8:91:bf:7f:
60:e2:10:49:f2:18:85:5c:3c:b9:90:8a:52:0b:cc:
ff:63:40:32:96:24:a1:12:ce:9c:13:0e:57:96:7d:
1d:ff:40:82:46:31:7e:d9:81:cc:9b:af:5b:b1:78:
bd:a8:8a:9e:e0:f3:40:54:05:23:51:82:d7:45:75:
95:f4:e1:eb:e1:c7:de:39:9f:3a:d2:ac:23:04:3f:
de:89:23:93:77:73:71:04:1e:6b:34:b6:62:98:49:
8b:21:51:2d:bf:7e:24:d0:87:3e:03:ce:fa:8d:e7:
75:6c:d0:9f:22:54:2e:04:06:0d:6e:1f:3b:1f:cb:
35:2f:74:cb:d1:77:23:79:ce:00:f0:aa:6c:88:8f:
19:cc:03:47:b7:12:79:85:53:80:67:7d:38:65:42:
75:d0:73:c6:c4:62:3b:95:cb:11:c0:89:2c:79:ad:
60:2f:8e:26:84:53:53:c2:45:c2:12:fb:8e:87:ed:
98:f6:26:2c:dd:36:1b:44:4f:8d:02:d9:15:ce:48:
f5:5a:c6:cd:84:fd:82:4a:fb:f0:28:3a:8d:72:75:
33:08:11:ac:d7:78:1c:1d:73:4f:07:c5:e9:89:38:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1C:72:FE:AA:A6:B4:EC:C0:12:43:7A:E6:F7:77:7A:1B:53:D8:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
29:25:d5:1a:b0:48:69:a2:4a:28:94:9b:57:06:b2:5a:0e:c6:
13:1c:2a:3b:a0:45:9b:ea:12:43:3a:9b:6e:6e:0a:fd:f3:79:
27:af:fe:b7:b7:83:66:cd:05:27:b3:fa:db:42:81:5f:e0:f7:
03:52:1a:56:27:ab:e5:ed:4c:30:c5:18:ec:34:15:ae:4f:da:
85:83:ba:84:3b:b7:50:95:be:ba:e4:46:a4:41:78:1f:16:fd:
01:56:30:6e:06:85:de:3b:f8:fb:d2:d0:35:91:ee:3f:d2:b6:
d1:00:a4:03:1e:15:e1:e5:db:e0:a1:98:b4:59:e2:e6:db:9e:
39:b8:73:b1:91:08:46:bf:32:0c:bb:70:43:60:d8:a6:75:69:
a0:b1:af:4b:30:98:8b:6e:71:2b:2f:86:90:3a:f4:1c:b4:62:
b8:83:45:f5:b8:c0:90:7b:2c:41:3c:bd:52:e4:0b:bd:30:5a:
c4:fa:48:76:0e:2b:35:90:ae:71:05:79:e8:28:16:54:f9:5a:
6c:d0:b6:5e:96:4a:41:bc:c6:2d:6d:cf:ab:7d:66:48:49:31:
be:92:bf:a9:08:ec:6a:28:9f:f8:80:9d:f3:83:02:96:78:34:
05:3c:7b:19:4c:0e:54:2b:fb:11:03:6d:17:1f:0e:02:f4:56:
c6:91:38:e8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUOCkH7zgWOXhJk2sUqECdAeOeiJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIxMTVaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1OGMxZjI1YjRmYTMwM2IwOGQxZjkwNDNmZDgxZWRkZTdiYjU4MDRkZGJh
MGZlODVhYWRlN2EzZjQ1YWIyZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGfeBAlgeb8+Blp+aJLQsArBFwxeDOswXnokb9/YOIQSfIYhVw8uZCKUgvM
/2NAMpYkoRLOnBMOV5Z9Hf9AgkYxftmBzJuvW7F4vaiKnuDzQFQFI1GC10V1lfTh
6+HH3jmfOtKsIwQ/3okjk3dzcQQeazS2YphJiyFRLb9+JNCHPgPO+o3ndWzQnyJU
LgQGDW4fOx/LNS90y9F3I3nOAPCqbIiPGcwDR7cSeYVTgGd9OGVCddBzxsRiO5XL
EcCJLHmtYC+OJoRTU8JFwhL7joftmPYmLN02G0RPjQLZFc5I9VrGzYT9gkr78Cg6
jXJ1MwgRrNd4HB1zTwfF6Yk4GsUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSaHHL+
qqa07MASQ3rm93d6G1PYGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBACkl1RqwSGmiSiiUm1cGsloOxhMcKjugRZvqEkM6
m25uCv3zeSev/re3g2bNBSez+ttCgV/g9wNSGlYnq+XtTDDFGOw0Fa5P2oWDuoQ7
t1CVvrrkRqRBeB8W/QFWMG4Ghd47+PvS0DWR7j/SttEApAMeFeHl2+ChmLRZ4ubb
njm4c7GRCEa/Mgy7cENg2KZ1aaCxr0swmItucSsvhpA69By0YriDRfW4wJB7LEE8
vVLkC70wWsT6SHYOKzWQrnEFeegoFlT5WmzQtl6WSkG8xi1tz6t9ZkhJMb6Sv6kI
7Goon/iAnfODApZ4NAU8exlMDlQr+xEDbRcfDgL0VsaROOg=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:19 2025 by rpki-client