Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
File: 15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa (raw, json)
Hash identifier: JsqiCFFVKHYgYoPkpJWJksWbQQNOclv7peARNURkXR4=
Subject key identifier: 6D:D8:7E:CA:C9:B1:36:57:52:12:89:DD:59:E0:43:9D:74:BE:9D:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49ABB5D5802CD9EBF0DCC8D08135086FA59F1646
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
Signing time: Mon 16 Jun 2025 20:00:46 +0000
ROA not before: Mon 16 Jun 2025 20:00:46 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ab:b5:d5:80:2c:d9:eb:f0:dc:c8:d0:81:35:08:6f:a5:9f:16:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:46 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1ac1de09c22b63bbe28bbe607781b23f75080ca868a58eedc0804118d8f09304, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8b:8a:a7:79:9d:ea:d9:3b:f8:cd:0b:a5:1e:
42:68:03:1c:09:fa:c2:21:02:91:7d:4f:8e:02:c5:
ad:26:59:35:34:6f:9a:36:79:24:99:aa:0b:6d:29:
61:df:73:0b:c6:b2:63:e3:41:39:e7:cd:ce:a1:ed:
db:f9:5a:e1:3a:dc:8d:45:82:30:47:d0:50:8a:00:
5a:95:0a:3e:96:34:de:c2:d7:23:5f:8d:95:40:14:
fd:f6:b7:80:43:8d:80:f5:43:dc:d4:81:ad:83:f6:
05:5c:6d:a4:b0:11:c1:30:19:b3:d3:ea:0b:25:a2:
7e:7d:0f:71:b8:61:e5:88:89:55:b9:7e:a5:b1:bd:
aa:fd:32:a3:48:0d:12:68:26:df:79:65:8e:e2:de:
38:52:2c:b6:32:91:17:d8:06:f3:c4:f3:a4:a9:0c:
6b:4d:54:d8:d9:4e:9f:9f:7a:75:b2:0e:86:5b:1e:
d6:97:e2:c4:a3:9b:d2:a0:9b:b7:b1:80:2e:ef:40:
db:ae:2a:88:d1:29:44:c2:ac:6a:50:b2:fa:77:51:
38:ad:49:2c:aa:88:c2:63:22:05:22:8a:55:ee:02:
12:3a:c3:3a:06:81:5d:02:ee:16:cc:06:80:ff:e1:
19:ac:30:ac:40:3d:b9:8f:d6:2f:6d:1c:59:2f:7b:
21:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D8:7E:CA:C9:B1:36:57:52:12:89:DD:59:E0:43:9D:74:BE:9D:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
b1:aa:a2:48:be:a1:97:ae:5d:cd:30:f6:af:36:22:b3:70:6a:
98:dd:f5:be:79:b8:fa:f2:3b:e9:bc:da:3a:2e:37:c9:6e:b7:
b0:87:ba:a6:da:2a:ed:3b:cb:ae:b5:ce:35:6e:b8:cd:34:22:
ca:77:5e:5c:84:94:12:9e:b4:20:f7:8d:c1:6e:fa:2f:22:b7:
aa:6c:0f:7b:61:bd:14:0e:69:6a:9e:1d:65:a4:cd:f0:2a:b6:
7a:e5:de:cf:46:69:a2:c3:df:c9:93:6e:ee:bf:51:21:29:8e:
6e:bb:05:76:6c:6f:44:ba:9d:84:a6:85:ad:55:25:1b:af:ba:
61:cc:4f:5e:a4:db:03:d6:40:cb:78:96:c6:cf:35:f1:89:0f:
32:45:b2:0a:dd:3b:12:d9:d7:31:5a:c8:54:ea:4c:9f:ae:3e:
0c:68:a5:66:a1:ad:26:e5:d6:72:77:6f:77:0c:4b:71:d2:d9:
f2:f0:98:66:17:1f:e9:3b:79:9f:d3:78:e1:42:ea:08:c6:8f:
05:4e:d4:86:7d:34:8d:b7:10:87:26:c2:e6:83:e4:91:0d:c5:
30:87:93:95:a8:31:cd:4e:ea:ae:19:4f:7c:49:95:e6:24:b1:
c6:ab:5a:3e:06:52:ba:8b:d9:16:a5:56:d7:1e:1d:73:03:ba:
63:e3:ea:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSau11YAs2evw3MjQgTUIb6WfFkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYzFkZTA5YzIyYjYzYmJlMjhiYmU2MDc3ODFiMjNmNzUwODBjYTg2OGE1
OGVlZGMwODA0MTE4ZDhmMDkzMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCLiqd5nerZO/jNC6UeQmgDHAn6wiECkX1PjgLFrSZZNTRvmjZ5JJmqC20p
Yd9zC8ayY+NBOefNzqHt2/la4TrcjUWCMEfQUIoAWpUKPpY03sLXI1+NlUAU/fa3
gEONgPVD3NSBrYP2BVxtpLARwTAZs9PqCyWifn0Pcbhh5YiJVbl+pbG9qv0yo0gN
Emgm33lljuLeOFIstjKRF9gG88TzpKkMa01U2NlOn596dbIOhlse1pfixKOb0qCb
t7GALu9A264qiNEpRMKsalCy+ndROK1JLKqIwmMiBSKKVe4CEjrDOgaBXQLuFswG
gP/hGawwrEA9uY/WL20cWS97IT0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRt2H7K
ybE2V1ISid1Z4EOddL6dSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTVkZTAwNGItY2QwZi00NGExLTk5YjEtNGUyZTcxZmYwN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
wDANBgkqhkiG9w0BAQsFAAOCAQEAsaqiSL6hl65dzTD2rzYis3BqmN31vnm4+vI7
6bzaOi43yW63sIe6ptoq7TvLrrXONW64zTQiyndeXISUEp60IPeNwW76LyK3qmwP
e2G9FA5pap4dZaTN8Cq2euXez0ZposPfyZNu7r9RISmObrsFdmxvRLqdhKaFrVUl
G6+6YcxPXqTbA9ZAy3iWxs818YkPMkWyCt07EtnXMVrIVOpMn64+DGilZqGtJuXW
cndvdwxLcdLZ8vCYZhcf6Tt5n9N44ULqCMaPBU7Uhn00jbcQhybC5oPkkQ3FMIeT
lagxzU7qrhlPfEmV5iSxxqtaPgZSuovZFqVW1x4dcwO6Y+PqDg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:24:36 2025 by rpki-client