Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ccee04d-5f4f-40b6-8ff7-72cf1f2b1d0f.roa
File: 0ccee04d-5f4f-40b6-8ff7-72cf1f2b1d0f.roa (raw, json)
Hash identifier: ++lp9HE5SC6vyZYMY6uVLcSoneGEh4lz6KLybbioKic=
Subject key identifier: 90:FD:82:54:89:71:E9:4B:57:4E:F9:A4:97:CC:DC:F3:15:6E:99:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78140289A30FD00C5032A7E73E7115A419D1D053
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ccee04d-5f4f-40b6-8ff7-72cf1f2b1d0f.roa
Signing time: Thu 26 Jun 2025 19:51:57 +0000
ROA not before: Thu 26 Jun 2025 19:51:57 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:14:02:89:a3:0f:d0:0c:50:32:a7:e7:3e:71:15:a4:19:d1:d0:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:51:57 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=5d1f6baf1efbaf57ed89b6f0f84f2bc9412e0684df98add0c501faddc3589b95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8b:0a:96:73:33:90:51:f6:d9:62:fa:31:62:
1c:7a:40:38:6a:f3:69:e8:90:05:e0:a5:f4:62:58:
1b:7e:ff:4d:86:65:11:74:c2:0e:ab:c5:29:8e:f1:
76:50:2a:da:e7:55:22:84:b4:5e:50:92:fc:5a:f0:
a8:91:2a:81:97:7a:87:8c:35:09:c1:3f:9f:21:75:
3d:78:a6:3a:a6:da:90:4c:b1:39:a1:7a:b0:13:da:
4c:26:d6:6b:d9:ed:7f:5f:43:07:31:c0:37:a4:74:
47:1d:38:1b:16:90:cc:51:4d:c9:7a:ed:03:e6:bf:
10:e6:96:3f:ae:f9:d1:1d:8a:67:15:82:81:5c:c4:
30:a3:1a:e5:6e:84:4b:61:9c:b7:f7:c7:5a:10:c3:
b4:db:2c:da:4b:c8:1e:04:01:7b:5e:15:25:67:34:
b0:38:40:07:ed:29:4a:17:dc:42:77:ed:02:6d:6f:
47:ff:16:1a:40:ea:d4:2b:0c:ca:b9:4f:2f:51:34:
2a:c1:94:68:31:ce:72:4f:47:48:5e:75:64:3d:9c:
88:44:9d:62:0f:dc:c1:16:73:37:70:47:47:30:eb:
55:a3:e3:63:f8:99:75:f0:2d:ac:a3:7e:5d:96:47:
d0:3e:40:1f:77:65:e0:5e:ce:b4:26:e0:63:79:4e:
99:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FD:82:54:89:71:E9:4B:57:4E:F9:A4:97:CC:DC:F3:15:6E:99:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ccee04d-5f4f-40b6-8ff7-72cf1f2b1d0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4020::/46
Signature Algorithm: sha256WithRSAEncryption
69:3b:5e:d5:42:0f:a1:e6:98:a2:cc:8d:a6:1a:ca:9d:5b:98:
8e:3d:47:81:d6:ae:81:eb:8d:8f:d0:04:98:a8:b3:b8:77:34:
62:8f:6c:c2:42:8d:4b:ff:7e:be:dd:5c:71:1a:9c:12:c5:95:
cc:8f:e3:2e:49:d5:a8:3f:02:ec:64:da:0e:c4:39:7f:09:6d:
3b:03:97:85:7c:d6:db:12:53:e1:88:e0:7a:af:0c:dd:43:cd:
8d:34:68:4b:93:42:a6:d2:d5:d6:c1:78:96:57:64:93:6f:07:
11:6b:32:22:da:f0:36:5f:ae:ba:6d:22:06:92:35:f5:fb:5a:
6a:c1:af:7b:f3:b8:2f:7f:37:2f:dd:17:2e:da:34:50:7c:41:
36:f2:07:43:d0:67:29:a1:09:06:5a:ae:0c:4c:b5:a3:4c:a1:
1f:ed:00:da:a7:44:1b:c9:6d:8e:db:2b:26:f5:e2:91:71:05:
b8:d8:5d:49:ff:7f:d4:57:75:ee:1c:10:b4:60:46:82:7d:4a:
fc:cf:99:dc:6d:9e:d2:7d:2b:e0:af:d8:50:63:4b:05:d3:e4:
1d:76:fe:54:0a:b5:a2:c1:7a:b1:d1:11:36:fa:88:21:4a:2b:
88:27:06:02:aa:14:99:a6:21:8a:e1:ae:9a:df:0b:74:e6:16:
3e:1c:7d:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeBQCiaMP0AxQMqfnPnEVpBnR0FMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTUxNTdaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkMWY2YmFmMWVmYmFmNTdlZDg5YjZmMGY4NGYyYmM5NDEyZTA2ODRkZjk4
YWRkMGM1MDFmYWRkYzM1ODliOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOLCpZzM5BR9tli+jFiHHpAOGrzaeiQBeCl9GJYG37/TYZlEXTCDqvFKY7x
dlAq2udVIoS0XlCS/FrwqJEqgZd6h4w1CcE/nyF1PXimOqbakEyxOaF6sBPaTCbW
a9ntf19DBzHAN6R0Rx04GxaQzFFNyXrtA+a/EOaWP6750R2KZxWCgVzEMKMa5W6E
S2Gct/fHWhDDtNss2kvIHgQBe14VJWc0sDhAB+0pShfcQnftAm1vR/8WGkDq1CsM
yrlPL1E0KsGUaDHOck9HSF51ZD2ciESdYg/cwRZzN3BHRzDrVaPjY/iZdfAtrKN+
XZZH0D5AH3dl4F7OtCbgY3lOmQsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSQ/YJU
iXHpS1dO+aSXzNzzFW6ZRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNjZWUwNGQtNWY0Zi00MGI2LThmZjctNzJjZjFmMmIxZDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HtA
IDANBgkqhkiG9w0BAQsFAAOCAQEAaTte1UIPoeaYosyNphrKnVuYjj1HgdaugeuN
j9AEmKizuHc0Yo9swkKNS/9+vt1ccRqcEsWVzI/jLknVqD8C7GTaDsQ5fwltOwOX
hXzW2xJT4Yjgeq8M3UPNjTRoS5NCptLV1sF4lldkk28HEWsyItrwNl+uum0iBpI1
9ftaasGve/O4L383L90XLto0UHxBNvIHQ9BnKaEJBlquDEy1o0yhH+0A2qdEG8lt
jtsrJvXikXEFuNhdSf9/1Fd17hwQtGBGgn1K/M+Z3G2e0n0r4K/YUGNLBdPkHXb+
VAq1osF6sdERNvqIIUoriCcGAqoUmaYhiuGumt8LdOYWPhx9wA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:02 2025 by rpki-client