Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
File: 290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa (raw, json)
Hash identifier: LvlujFAPnG0/WjtD0mPmtLbvKHiklXTmg/BW1/yb8IA=
Subject key identifier: 4D:84:0D:F7:27:BD:C1:66:D3:DF:C4:DA:F3:51:FC:23:4F:AF:0C:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DF3FE7B6FB115109B57051C9803E86729A35453
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
Signing time: Fri 11 Jul 2025 20:50:57 +0000
ROA not before: Fri 11 Jul 2025 20:50:57 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:f3:fe:7b:6f:b1:15:10:9b:57:05:1c:98:03:e8:67:29:a3:54:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:57 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=69aa9602a6411d261d037bd44dadb0394ae96c04dc289d04c1ec091508b858b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f0:e2:da:13:08:de:cc:7f:7b:97:9e:b9:07:
11:f4:54:34:1f:47:6f:5b:d4:8a:bf:cc:91:7b:9f:
1a:37:ae:9d:af:12:1b:bb:34:7a:76:5f:f9:c9:2f:
07:ba:aa:8b:d1:bd:61:0a:09:02:e0:56:da:2d:0b:
d3:ec:bb:e6:8a:15:c3:e2:c1:ed:6e:6f:25:a7:70:
80:fb:ad:34:82:f7:82:aa:1b:04:69:92:04:06:3a:
ee:7a:d5:f8:be:f9:98:d1:5f:6a:c0:48:e9:64:22:
1f:f9:f6:b6:f4:d8:c4:9d:2f:71:20:ab:2e:03:eb:
4b:f0:71:57:9d:74:79:ad:0f:0b:6e:2c:a8:0e:34:
b7:76:11:d3:66:eb:ac:cd:4c:4f:e0:d9:5d:e5:d6:
29:e4:c6:4a:6e:71:e0:54:75:cb:51:49:27:7b:fa:
9b:f7:2e:f4:30:5f:47:1d:32:e8:a7:9e:1f:c4:0a:
e6:04:b8:92:c1:c9:f7:6a:11:dc:35:c8:09:44:33:
41:23:07:cb:28:93:13:62:10:62:a8:c7:e3:be:d3:
50:1e:68:8f:3e:c2:13:1d:53:70:3c:c4:13:98:24:
15:a9:26:76:2c:c5:a5:58:ba:c7:90:0b:59:73:a6:
48:72:39:46:c2:37:c7:7a:97:18:9c:49:6d:2b:a4:
74:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:84:0D:F7:27:BD:C1:66:D3:DF:C4:DA:F3:51:FC:23:4F:AF:0C:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/36
Signature Algorithm: sha256WithRSAEncryption
04:6c:4c:a5:21:44:71:5a:2a:ba:38:57:22:da:ef:d6:cb:72:
d0:1c:53:da:ae:81:9a:6a:ae:b1:40:92:b2:07:47:a0:16:54:
69:0c:bf:c2:89:56:ec:f6:a6:b7:0e:28:e4:7d:e2:c6:8e:1d:
63:55:19:d6:47:2f:5f:e0:1f:19:4d:58:c5:83:82:8f:8b:82:
62:02:ab:d1:29:f7:d5:d7:68:e3:79:ae:7c:85:bf:93:33:49:
b8:4c:1e:b1:86:ee:d8:24:fc:54:5b:32:1a:80:a6:07:49:cc:
02:6d:da:3b:ae:f0:ac:e5:92:59:c5:95:37:b7:4f:fd:da:eb:
d8:68:bb:c4:1e:4b:e5:f7:b2:9f:dd:c0:10:d1:31:3c:93:5c:
40:b3:66:4b:23:a4:2c:7a:5d:ba:55:3b:c9:3a:06:b5:6d:b5:
87:30:5b:be:b4:cf:3c:1e:7a:8d:ec:47:ef:7d:a5:f8:fa:8f:
4b:10:a0:b4:93:bf:10:f9:2f:66:fb:d7:44:e5:3a:26:ce:7f:
9d:72:44:75:a7:dd:f9:b9:5f:1c:e5:33:cd:f0:28:14:00:19:
b7:5e:bc:5c:c8:a9:49:76:85:ac:8b:90:ba:8d:fd:35:cf:43:
72:d6:8d:c9:d8:bb:d7:1b:9b:fe:4e:52:c3:31:78:e4:3f:05:
31:f7:cb:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbfP+e2+xFRCbVwUcmAPoZymjVFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwNTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5YWE5NjAyYTY0MTFkMjYxZDAzN2JkNDRkYWRiMDM5NGFlOTZjMDRkYzI4
OWQwNGMxZWMwOTE1MDhiODU4YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLw4toTCN7Mf3uXnrkHEfRUNB9Hb1vUir/MkXufGjeuna8SG7s0enZf+ckv
B7qqi9G9YQoJAuBW2i0L0+y75ooVw+LB7W5vJadwgPutNIL3gqobBGmSBAY67nrV
+L75mNFfasBI6WQiH/n2tvTYxJ0vcSCrLgPrS/BxV510ea0PC24sqA40t3YR02br
rM1MT+DZXeXWKeTGSm5x4FR1y1FJJ3v6m/cu9DBfRx0y6KeeH8QK5gS4ksHJ92oR
3DXICUQzQSMHyyiTE2IQYqjH477TUB5ojz7CEx1TcDzEE5gkFakmdizFpVi6x5AL
WXOmSHI5RsI3x3qXGJxJbSukdL0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNhA33
J73BZtPfxNrzUfwjT68M+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjkwZTY3YzctN2I3NS00YjlkLWFiYzYtMGMzZWMzNGMxNTI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAEbEylIURxWiq6OFci2u/Wy3LQHFParoGaaq6x
QJKyB0egFlRpDL/CiVbs9qa3DijkfeLGjh1jVRnWRy9f4B8ZTVjFg4KPi4JiAqvR
KffV12jjea58hb+TM0m4TB6xhu7YJPxUWzIagKYHScwCbdo7rvCs5ZJZxZU3t0/9
2uvYaLvEHkvl97Kf3cAQ0TE8k1xAs2ZLI6Qsel26VTvJOga1bbWHMFu+tM88HnqN
7EfvfaX4+o9LEKC0k78Q+S9m+9dE5Tomzn+dckR1p935uV8c5TPN8CgUABm3Xrxc
yKlJdoWsi5C6jf01z0Ny1o3J2LvXG5v+TlLDMXjkPwUx98ta
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:15 2025 by rpki-client