Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: bJhyETlVTdlt9hZb82vJfYwPzJPzs9mL9veKxBgLaGY=
Subject key identifier: 52:10:D7:5F:A9:B3:B1:F8:C0:7F:41:C2:92:F8:FC:22:AA:A7:9E:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 705267362B84DAF9B826B943D28B089B2F2196DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Mon 09 Jun 2025 19:20:10 +0000
ROA not before: Mon 09 Jun 2025 19:20:10 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:52:67:36:2b:84:da:f9:b8:26:b9:43:d2:8b:08:9b:2f:21:96:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:10 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=58cba4739af075411149ebc9d076776c1eedcff5d06def54eac07b42d8773767, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a3:0d:87:2b:81:37:a2:2c:6b:e8:b7:10:df:
c1:6a:5e:59:4c:8c:56:93:1d:fa:fa:9f:91:a6:99:
13:16:71:58:6f:c4:69:5c:4c:48:f3:77:e5:e1:e5:
c4:9a:a6:0b:43:e8:47:2e:d9:00:e6:44:90:2e:98:
24:6c:03:ee:ea:0b:09:d8:47:d4:aa:e1:66:de:89:
3f:ad:ae:9b:c8:a3:5c:c4:07:9a:68:bb:d9:f0:46:
90:bf:86:82:9a:89:8e:c2:95:7d:1c:7f:7b:bc:ab:
2f:9e:e2:db:0b:a9:a9:42:81:49:86:e9:93:15:e0:
91:b7:27:b9:75:e1:cd:23:91:93:51:c6:14:33:a3:
e6:c7:50:f3:fb:e1:ce:41:03:58:7f:86:c0:e5:fb:
79:ff:08:13:22:11:0d:15:88:a8:2d:43:ce:92:73:
02:cb:e4:ae:a1:6f:3b:cd:cb:49:bc:af:b7:6e:ec:
09:f9:87:54:92:89:f6:dd:12:05:28:a1:73:58:89:
ca:73:ef:d1:93:c8:1d:6a:ed:c7:a7:11:26:ba:6a:
08:8d:16:ba:48:c0:4f:dd:68:2f:e5:21:7a:16:81:
d3:7c:47:47:b6:b2:40:95:15:99:5e:09:4c:37:ba:
da:3a:78:de:be:cb:67:52:95:52:33:cd:c7:16:1a:
e0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:10:D7:5F:A9:B3:B1:F8:C0:7F:41:C2:92:F8:FC:22:AA:A7:9E:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
97:4d:5f:04:ac:21:54:2d:c5:1e:d3:64:24:31:6d:21:aa:55:
d7:85:dc:a3:5b:eb:f9:f0:36:eb:96:65:6a:15:1d:b0:4f:3f:
1d:c0:3d:8f:e0:94:37:cf:27:04:69:8a:55:40:23:76:7b:5d:
a9:8f:33:8b:b3:79:c2:e1:46:8c:bd:22:f8:30:e6:3f:73:2a:
e8:8d:59:66:eb:3e:b4:01:37:4e:a6:e7:e5:1e:f0:d8:bb:a4:
aa:e1:75:9f:79:54:c1:3e:73:78:ad:40:0e:a9:d9:fe:29:7e:
9b:c3:6e:76:a7:84:93:a3:45:f2:5b:26:a2:1f:c6:74:f2:3a:
67:d3:86:73:5a:b7:45:7d:39:5b:6f:09:65:e2:6a:d2:a0:d7:
ba:4a:fb:d2:53:37:9b:a1:5e:a1:6c:33:a4:07:e1:53:73:1f:
cc:db:ce:d5:9a:49:20:56:74:6b:09:af:12:30:f9:ce:78:35:
b5:6a:f9:66:6e:a1:64:29:37:02:76:13:c1:3f:62:9e:37:26:
95:42:13:e5:79:8d:bc:4d:35:91:6e:90:99:0e:bd:6b:d0:81:
63:a4:e2:9e:44:32:89:38:34:4c:be:e9:fb:2e:5a:f2:6a:4c:
bc:c5:46:ce:45:01:5c:ec:c8:2a:a1:d8:cc:71:3e:75:6c:ab:
a2:86:1d:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcFJnNiuE2vm4JrlD0osImy8hltswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMTBaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4Y2JhNDczOWFmMDc1NDExMTQ5ZWJjOWQwNzY3NzZjMWVlZGNmZjVkMDZk
ZWY1NGVhYzA3YjQyZDg3NzM3NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+jDYcrgTeiLGvotxDfwWpeWUyMVpMd+vqfkaaZExZxWG/EaVxMSPN35eHl
xJqmC0PoRy7ZAOZEkC6YJGwD7uoLCdhH1KrhZt6JP62um8ijXMQHmmi72fBGkL+G
gpqJjsKVfRx/e7yrL57i2wupqUKBSYbpkxXgkbcnuXXhzSORk1HGFDOj5sdQ8/vh
zkEDWH+GwOX7ef8IEyIRDRWIqC1DzpJzAsvkrqFvO83LSbyvt27sCfmHVJKJ9t0S
BSihc1iJynPv0ZPIHWrtx6cRJrpqCI0WukjAT91oL+UhehaB03xHR7ayQJUVmV4J
TDe62jp43r7LZ1KVUjPNxxYa4LUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSENdf
qbOx+MB/QcKS+PwiqqeeyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQCXTV8ErCFULcUe02QkMW0hqlXXhdyjW+v58Dbr
lmVqFR2wTz8dwD2P4JQ3zycEaYpVQCN2e12pjzOLs3nC4UaMvSL4MOY/cyrojVlm
6z60ATdOpuflHvDYu6Sq4XWfeVTBPnN4rUAOqdn+KX6bw252p4STo0XyWyaiH8Z0
8jpn04ZzWrdFfTlbbwll4mrSoNe6SvvSUzeboV6hbDOkB+FTcx/M287VmkkgVnRr
Ca8SMPnOeDW1avlmbqFkKTcCdhPBP2KeNyaVQhPleY28TTWRbpCZDr1r0IFjpOKe
RDKJODRMvun7Llryaky8xUbORQFc7MgqodjMcT51bKuihh2y
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:20 2025 by rpki-client