Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: SVUPAHN3AFjeSns9UVebSIVayu46OkoHrlzCF01X1to=
Subject key identifier: F7:97:AA:B9:94:79:CB:26:F4:76:20:6B:73:63:5D:B1:2E:40:9A:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EC1E1F2B0F22C46657612BDC75BC36979862BA5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Fri 06 Jun 2025 15:10:46 +0000
ROA not before: Fri 06 Jun 2025 15:10:46 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:c1:e1:f2:b0:f2:2c:46:65:76:12:bd:c7:5b:c3:69:79:86:2b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:46 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=79c953c98bcc4e9439e3af17793e097465cd7859222a072c42f164213479b49d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:58:21:e7:b1:a5:81:58:1e:09:2f:f9:b5:57:
e2:22:b5:b3:16:76:d8:a4:01:22:f4:8a:3a:d2:23:
cd:a0:74:95:71:91:8c:50:bb:9c:2d:41:a5:a3:05:
53:5e:53:e1:d5:ac:4f:0e:d6:22:51:0c:2d:d7:ba:
de:df:e8:c7:3f:d8:a5:b3:af:91:19:32:3d:17:cf:
87:8c:41:94:2d:aa:fc:78:dd:e4:d7:d3:50:05:77:
48:77:e5:7c:fc:77:a8:e2:60:93:6f:31:30:2b:9a:
67:a1:07:3d:ab:06:f5:63:40:5f:4c:97:a4:42:4e:
0c:4a:7d:c9:1a:1a:6c:61:59:d1:c9:f7:38:57:46:
42:4b:0d:2b:01:16:6b:2a:f1:36:9b:75:41:c2:71:
6f:ca:17:36:89:cf:30:d5:b1:71:b9:96:b0:51:7e:
86:a1:9f:38:68:91:00:d6:ba:30:10:21:ff:74:f2:
26:b6:7b:cc:2d:32:de:b1:dc:98:c1:15:8e:bb:40:
bd:17:c2:63:52:ef:d8:a6:33:f6:71:c9:ec:88:0c:
63:5a:8d:ac:7c:db:b5:1a:ed:5a:b8:53:55:fd:b1:
09:f4:7b:ff:10:06:0f:88:8a:f1:70:3a:20:94:ac:
2d:88:dd:61:b6:d7:fc:75:d0:e4:e5:59:84:3f:34:
42:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:97:AA:B9:94:79:CB:26:F4:76:20:6B:73:63:5D:B1:2E:40:9A:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
04:ef:81:38:02:57:be:bc:2e:96:0e:ec:b8:87:89:fa:e5:7c:
64:f4:31:81:33:71:d4:30:c6:6c:f6:80:c2:b3:b8:3f:c5:4b:
f6:83:5d:bd:6c:fd:24:b7:9d:00:ba:38:50:69:b7:0a:6d:34:
5a:7a:59:78:f6:84:e1:5f:88:9a:a3:50:44:df:76:c7:f3:74:
36:67:ba:09:0e:59:78:ea:2d:bc:71:09:d5:b9:88:2e:7a:bd:
4a:6f:65:55:86:25:ad:59:38:6b:48:a7:06:18:96:2c:5f:a0:
1c:43:aa:7a:02:1f:05:4a:06:4d:f5:fe:7b:e5:c1:7f:32:fc:
79:3b:a0:c9:59:eb:04:79:0e:b8:26:9b:08:9e:0c:d0:36:03:
f2:eb:89:ea:95:be:ab:db:37:f9:9b:1c:a0:ff:c4:63:0d:a0:
64:9c:38:68:74:63:19:54:ff:ad:3f:0e:6c:2b:5e:af:1f:63:
a6:c0:9b:3e:97:a0:ee:b7:79:1e:f7:8a:28:bd:b1:88:83:a9:
67:63:90:7e:cf:30:7b:a6:dc:82:72:4d:96:2d:6a:2b:36:a1:
75:46:15:27:2a:9d:ef:78:ea:00:d3:a7:41:4b:69:5a:06:b2:
2f:77:fd:9e:ec:2c:54:76:f3:d9:25:d7:f6:03:38:ac:7f:92:
e7:73:aa:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDsHh8rDyLEZldhK9x1vDaXmGK6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNDZaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5Yzk1M2M5OGJjYzRlOTQzOWUzYWYxNzc5M2UwOTc0NjVjZDc4NTkyMjJh
MDcyYzQyZjE2NDIxMzQ3OWI0OWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlYIeexpYFYHgkv+bVX4iK1sxZ22KQBIvSKOtIjzaB0lXGRjFC7nC1BpaMF
U15T4dWsTw7WIlEMLde63t/oxz/YpbOvkRkyPRfPh4xBlC2q/Hjd5NfTUAV3SHfl
fPx3qOJgk28xMCuaZ6EHPasG9WNAX0yXpEJODEp9yRoabGFZ0cn3OFdGQksNKwEW
ayrxNpt1QcJxb8oXNonPMNWxcbmWsFF+hqGfOGiRANa6MBAh/3TyJrZ7zC0y3rHc
mMEVjrtAvRfCY1Lv2KYz9nHJ7IgMY1qNrHzbtRrtWrhTVf2xCfR7/xAGD4iK8XA6
IJSsLYjdYbbX/HXQ5OVZhD80QpsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3l6q5
lHnLJvR2IGtzY12xLkCaWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAE74E4Ale+vC6WDuy4h4n65Xxk9DGBM3HUMMZs
9oDCs7g/xUv2g129bP0kt50AujhQabcKbTRaell49oThX4iao1BE33bH83Q2Z7oJ
Dll46i28cQnVuYguer1Kb2VVhiWtWThrSKcGGJYsX6AcQ6p6Ah8FSgZN9f575cF/
Mvx5O6DJWesEeQ64JpsIngzQNgPy64nqlb6r2zf5mxyg/8RjDaBknDhodGMZVP+t
Pw5sK16vH2OmwJs+l6Dut3ke94oovbGIg6lnY5B+zzB7ptyCck2WLWorNqF1RhUn
Kp3veOoA06dBS2laBrIvd/2e7CxUdvPZJdf2Azisf5Lnc6qq
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:59:41 2025 by rpki-client