Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: WlbyN3Z8Dbq8ALoMFbjoDHFJ3OvzJS6fUJWYUw1I79I=
Subject key identifier: 99:DC:6E:26:3B:2B:D9:5F:E8:7D:5C:96:B8:0F:59:26:D5:19:2A:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0636C10F95D34934434507FAA85B42E3561421F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Tue 20 May 2025 20:20:09 +0000
ROA not before: Tue 20 May 2025 20:20:09 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:36:c1:0f:95:d3:49:34:43:45:07:fa:a8:5b:42:e3:56:14:21:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:20:09 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=464e61bcd6ed5b632d70ab2631295790a4fdb6ee1acf7dec5cad2a49a5834939, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:48:e4:f0:cf:ef:2e:b7:35:9c:57:aa:37:
48:25:4d:98:34:43:57:1e:a8:3a:01:9d:65:ef:e1:
a6:5d:3f:d4:99:05:9b:7b:47:cd:40:74:d8:d8:63:
54:81:45:ae:b0:d9:9e:40:77:ef:34:aa:1c:1b:b2:
77:c8:a3:ed:98:3d:0c:2f:32:98:48:0f:93:be:ce:
18:3d:91:5c:68:6e:9f:af:75:7d:41:fe:2d:7a:60:
e4:90:e2:83:74:9b:dd:3e:ae:a4:35:bd:08:9d:e7:
f7:7d:ed:1a:29:cf:74:67:72:4d:ac:39:c9:8e:08:
75:77:81:32:7f:49:eb:9f:8a:f5:7f:8f:cc:c9:e5:
6a:f3:1b:d5:3f:c2:06:ca:5e:d7:9d:99:02:97:b3:
00:51:d5:d7:7d:6e:d8:03:89:94:d8:c9:e1:10:38:
88:81:da:7d:a0:22:cf:e6:05:c3:3f:d0:2e:89:47:
be:b8:d0:b6:bc:cf:cc:e7:72:c7:bd:6d:64:4e:91:
56:36:bb:40:8b:ed:7c:8c:3a:ca:d7:26:38:ca:85:
2f:66:05:a1:84:8c:a6:0b:59:98:a1:66:8d:ad:07:
b0:5b:e1:20:80:43:72:0c:f1:33:2b:c2:29:8f:27:
30:c2:c1:14:c5:62:bb:5b:09:49:8f:d7:7b:36:fb:
7a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DC:6E:26:3B:2B:D9:5F:E8:7D:5C:96:B8:0F:59:26:D5:19:2A:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
73:97:7b:eb:fd:05:8a:61:50:07:b5:81:2a:e5:da:1c:4c:12:
48:e4:ee:be:8d:e7:a7:da:16:09:27:3f:66:3a:be:0a:ce:e3:
12:f5:74:88:ef:cd:5f:7a:e1:8a:9b:f3:95:ab:6a:f5:35:5f:
34:5a:0c:8f:9b:c7:9e:ce:c6:92:2e:c9:f3:36:06:0f:64:b6:
e6:ac:d4:39:37:bf:b0:72:5b:1d:a1:b5:16:38:c8:b8:2b:c0:
78:1f:4d:8b:e5:78:ab:a2:98:cb:8c:d0:d7:d9:55:b9:ef:76:
a4:fc:77:7f:46:2e:e3:19:ba:21:fc:00:19:a1:e8:d5:7d:02:
41:23:6a:b3:09:66:e9:ac:1a:d2:70:93:2f:fa:b3:08:58:eb:
bb:a9:19:12:c2:8a:5b:0a:4c:69:b5:40:07:f8:4c:15:d7:51:
4c:69:14:e8:95:0e:2a:3a:7d:ba:8a:f3:07:58:48:8f:20:9d:
b6:b2:fd:d3:de:13:6d:a8:6f:15:63:03:62:d9:df:45:9f:ed:
31:26:a2:1e:10:84:0a:4b:f1:9d:bd:c2:8f:42:3d:a9:eb:c3:
1a:70:a6:da:73:50:ea:60:68:97:86:92:97:9a:e6:f3:b7:f3:
09:e4:b6:70:9a:52:30:a9:39:23:2d:fb:69:29:89:d3:bb:3e:
1c:5d:7b:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBjbBD5XTSTRDRQf6qFtC41YUIfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDIwMDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NGU2MWJjZDZlZDViNjMyZDcwYWIyNjMxMjk1NzkwYTRmZGI2ZWUxYWNm
N2RlYzVjYWQyYTQ5YTU4MzQ5MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwQSOTwz+8utzWcV6o3SCVNmDRDVx6oOgGdZe/hpl0/1JkFm3tHzUB02Nhj
VIFFrrDZnkB37zSqHBuyd8ij7Zg9DC8ymEgPk77OGD2RXGhun691fUH+LXpg5JDi
g3Sb3T6upDW9CJ3n933tGinPdGdyTaw5yY4IdXeBMn9J65+K9X+PzMnlavMb1T/C
Bspe152ZApezAFHV131u2AOJlNjJ4RA4iIHafaAiz+YFwz/QLolHvrjQtrzPzOdy
x71tZE6RVja7QIvtfIw6ytcmOMqFL2YFoYSMpgtZmKFmja0HsFvhIIBDcgzxMyvC
KY8nMMLBFMViu1sJSY/Xezb7etkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZ3G4m
OyvZX+h9XJa4D1km1RkqIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQBzl3vr/QWKYVAHtYEq5docTBJI5O6+jeen2hYJ
Jz9mOr4KzuMS9XSI781feuGKm/OVq2r1NV80WgyPm8eezsaSLsnzNgYPZLbmrNQ5
N7+wclsdobUWOMi4K8B4H02L5XiropjLjNDX2VW573ak/Hd/Ri7jGboh/AAZoejV
fQJBI2qzCWbprBrScJMv+rMIWOu7qRkSwopbCkxptUAH+EwV11FMaRTolQ4qOn26
ivMHWEiPIJ22sv3T3hNtqG8VYwNi2d9Fn+0xJqIeEIQKS/GdvcKPQj2p68MacKba
c1DqYGiXhpKXmubzt/MJ5LZwmlIwqTkjLftpKYnTuz4cXXt/
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:14 2025 by rpki-client