Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
File: 9843a73f-18f2-433e-b871-f493b0645337.roa (raw, json)
Hash identifier: WWVlTL9M4LS6CbASySBOE1BX8uJelNy3MDgmrWau6eM=
Subject key identifier: B8:57:8D:3B:69:70:E1:7E:E9:E1:26:14:C9:E7:9F:58:D6:FB:DD:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15212FFA8ED93AC5BB2A283C43A21A070A9363A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
Signing time: Tue 10 Jun 2025 17:30:06 +0000
ROA not before: Tue 10 Jun 2025 17:30:06 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:21:2f:fa:8e:d9:3a:c5:bb:2a:28:3c:43:a2:1a:07:0a:93:63:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:30:06 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=4ef108aa65caf32c403e1669a0434a9db03e371ab1d05fbbd328bc59eab9af45, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a8:86:3a:f2:98:84:74:78:ec:01:20:4f:1c:
2e:67:2f:02:bd:90:6e:3c:df:ba:8e:3f:e4:39:3f:
dd:2e:43:0e:a8:dc:3f:58:fc:2a:55:56:a2:44:da:
55:dc:01:9d:60:69:d0:15:7a:0d:3e:38:cf:00:65:
6f:9e:95:cb:10:93:a8:4d:11:b0:12:2d:b8:05:ab:
04:e5:df:2c:9c:cf:8a:1d:52:fe:40:2e:d6:56:c9:
7f:b8:f3:62:84:b5:a4:cb:1e:1a:fc:72:2e:72:87:
08:39:4b:a2:30:e2:50:8b:ff:91:64:91:c8:0a:e5:
62:0b:1e:dd:b7:26:0f:49:15:6f:ea:74:25:e9:15:
4d:85:5f:83:85:84:1d:f3:a2:cd:f9:1c:3e:43:5a:
29:80:cd:4f:91:65:f3:a6:72:b9:36:2f:21:d2:8a:
89:04:a7:47:b6:e1:4d:64:7d:bf:ab:c3:0c:63:0b:
a0:1e:03:10:a2:69:e4:a7:7c:c5:f6:14:99:23:1e:
82:57:b3:c6:62:52:c1:48:01:38:b0:ca:ca:f0:cd:
25:50:50:f5:c9:45:9b:ef:e4:96:bc:3b:a5:14:9b:
35:8c:7e:95:d4:77:83:1f:ca:32:de:2a:b8:c4:8d:
bb:29:0a:ba:41:9f:54:e4:02:8e:85:96:a8:8b:96:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:57:8D:3B:69:70:E1:7E:E9:E1:26:14:C9:E7:9F:58:D6:FB:DD:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:800::/40
Signature Algorithm: sha256WithRSAEncryption
b7:84:2d:bf:18:a7:1c:38:e1:f4:45:08:02:64:69:8e:1a:44:
98:7e:f7:00:a8:58:3d:18:cc:c2:b1:78:60:04:cd:59:e2:22:
cb:75:9e:93:c8:e4:16:a8:f8:bf:0d:97:bd:ff:85:93:e1:40:
76:23:ce:cb:e7:3f:d5:75:87:f4:dd:6b:5b:6a:14:bf:f0:24:
6a:92:33:b0:e5:12:fa:f2:28:45:40:25:36:16:30:0c:3a:c0:
b2:59:8a:e9:16:16:d1:3a:35:36:f6:0d:ec:fa:b2:be:1a:28:
d4:57:e5:d6:02:d2:dc:3e:bd:e0:ba:50:fa:c9:d1:78:07:0a:
e8:e9:19:81:ed:3a:d8:65:b4:ef:cf:0e:f4:56:04:43:dc:62:
8a:8a:9d:19:af:38:b6:f3:91:35:02:83:2a:ff:da:41:0f:c2:
ea:2d:8c:55:64:5b:3c:63:5d:69:1a:39:2d:8d:32:9d:80:bb:
e2:44:6e:11:5d:3b:15:3c:27:fb:8d:af:1d:a8:9b:c7:aa:04:
50:6b:c6:69:e2:1c:ff:5f:67:ac:bc:5f:8c:9d:8f:ec:ca:4e:
46:57:da:c1:54:dc:61:d5:5d:a8:12:e5:ed:c3:8d:ec:fa:64:
6f:63:89:f8:30:00:2a:3f:c2:2f:f0:09:07:fc:13:9a:2d:b6:
1e:fa:02:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFSEv+o7ZOsW7Kig8Q6IaBwqTY6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzMwMDZaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlZjEwOGFhNjVjYWYzMmM0MDNlMTY2OWEwNDM0YTlkYjAzZTM3MWFiMWQw
NWZiYmQzMjhiYzU5ZWFiOWFmNDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKohjrymIR0eOwBIE8cLmcvAr2Qbjzfuo4/5Dk/3S5DDqjcP1j8KlVWokTa
VdwBnWBp0BV6DT44zwBlb56VyxCTqE0RsBItuAWrBOXfLJzPih1S/kAu1lbJf7jz
YoS1pMseGvxyLnKHCDlLojDiUIv/kWSRyArlYgse3bcmD0kVb+p0JekVTYVfg4WE
HfOizfkcPkNaKYDNT5Fl86ZyuTYvIdKKiQSnR7bhTWR9v6vDDGMLoB4DEKJp5Kd8
xfYUmSMeglezxmJSwUgBOLDKyvDNJVBQ9clFm+/klrw7pRSbNYx+ldR3gx/KMt4q
uMSNuykKukGfVOQCjoWWqIuWG30CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4V407
aXDhfunhJhTJ559Y1vvdBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTg0M2E3M2YtMThmMi00MzNlLWI4NzEtZjQ5M2IwNjQ1MzM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoI
MA0GCSqGSIb3DQEBCwUAA4IBAQC3hC2/GKccOOH0RQgCZGmOGkSYfvcAqFg9GMzC
sXhgBM1Z4iLLdZ6TyOQWqPi/DZe9/4WT4UB2I87L5z/VdYf03WtbahS/8CRqkjOw
5RL68ihFQCU2FjAMOsCyWYrpFhbROjU29g3s+rK+GijUV+XWAtLcPr3gulD6ydF4
Bwro6RmB7TrYZbTvzw70VgRD3GKKip0Zrzi285E1AoMq/9pBD8LqLYxVZFs8Y11p
GjktjTKdgLviRG4RXTsVPCf7ja8dqJvHqgRQa8Zp4hz/X2esvF+MnY/syk5GV9rB
VNxh1V2oEuXtw43s+mRvY4n4MAAqP8Iv8AkH/BOaLbYe+gL4
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:20 2025 by rpki-client