Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
File: 216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa (raw, json)
Hash identifier: Erc4VoYpAaRWvN9a66AO1UU8bMig6B18Kcvrq3EyJkc=
Subject key identifier: 14:DF:B3:6D:EA:B8:AC:06:7F:EC:24:E7:78:D1:2A:DD:40:B5:11:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07C8F44BB199F100E8EA8FACD5D1BCE8EE419FF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
Signing time: Mon 16 Jun 2025 19:40:31 +0000
ROA not before: Mon 16 Jun 2025 19:40:31 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:c8:f4:4b:b1:99:f1:00:e8:ea:8f:ac:d5:d1:bc:e8:ee:41:9f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:31 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6f7ec9b438f66e3c3ef802be6fb02c410a44b6d936ae532aea1453e7d7dde77b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c8:92:7e:ff:a1:3e:55:f1:4b:a0:d5:43:9b:
71:1e:f5:ae:b5:c4:6e:c0:7c:ef:06:e2:8c:04:e0:
97:4d:f7:96:cf:27:b0:73:ae:30:46:38:a3:45:e4:
57:d8:b8:59:07:2a:e4:a3:91:cc:55:ea:8a:5a:57:
70:11:0b:6c:c9:2b:e6:00:77:b1:56:36:f8:75:ed:
2e:80:28:17:40:31:17:aa:01:ce:83:7f:cb:74:8f:
ef:a8:61:9c:45:44:d4:51:c8:d4:0d:a5:38:2a:34:
15:40:19:84:46:93:71:6e:76:e2:88:60:83:d7:9c:
59:9f:91:c6:87:6b:5e:de:e4:c5:7c:43:2e:14:5b:
98:24:fd:27:f0:31:90:f8:60:3e:7d:73:13:f9:c2:
8a:ad:cd:55:73:3d:18:d0:46:b0:5a:02:69:44:20:
97:cf:5f:ae:e0:2c:23:f4:0d:87:ee:fc:38:c8:db:
a6:c7:f3:02:ef:47:31:09:e7:8a:5a:c7:7d:64:43:
4b:55:44:8f:46:1f:fb:cc:77:ae:8a:dd:89:39:a1:
b2:4b:34:4d:bc:72:fd:86:fb:97:b4:4f:41:9c:6d:
c9:0c:a1:c5:ae:4c:25:26:c4:4f:ef:42:31:19:a6:
bf:f5:b3:fd:bf:e2:19:df:e8:0e:c0:c2:28:2c:ab:
19:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DF:B3:6D:EA:B8:AC:06:7F:EC:24:E7:78:D1:2A:DD:40:B5:11:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
29:93:a2:00:e5:22:8f:7e:40:39:91:90:22:ec:e9:b8:ab:30:
7b:13:88:8a:8a:47:ab:7e:e6:34:b7:e2:ce:1e:50:17:78:92:
72:8b:3f:d4:21:d1:ed:27:c0:28:4d:dc:25:49:31:e6:1e:88:
4f:20:91:ea:cf:32:89:ba:ce:2c:e1:98:ee:20:89:88:90:96:
2c:e0:7b:a7:b5:93:bf:fa:a2:da:f7:1f:6c:8e:57:33:75:39:
fd:e3:95:9b:ee:e3:81:44:f0:f5:49:fd:67:9c:47:84:da:f0:
45:62:9b:79:1e:34:f3:35:6d:07:81:7b:c1:17:4e:37:01:a8:
ec:66:9b:bf:95:4c:ea:c6:dc:d3:7c:73:bc:f7:a0:e9:fb:36:
80:d8:e4:c3:f0:33:ba:bb:27:ec:1b:e6:3c:cf:a1:b8:27:7e:
48:4b:a5:0d:5b:6a:6e:66:eb:66:0f:2f:2f:6e:89:36:4c:18:
e7:0c:f9:97:57:c3:0d:fa:ea:05:c0:4e:b6:4a:33:52:07:d6:
c8:16:88:e2:d6:5e:18:82:c6:b3:83:ab:c3:dd:ff:cd:85:50:
18:b1:3b:a5:b5:bc:7f:99:dc:ba:69:04:29:23:7c:a6:fb:60:
d7:e2:e9:74:34:ee:ad:e5:c1:9f:6b:5e:20:89:eb:67:23:e3:
52:3f:1b:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUB8j0S7GZ8QDo6o+s1dG86O5Bn/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMzFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmN2VjOWI0MzhmNjZlM2MzZWY4MDJiZTZmYjAyYzQxMGE0NGI2ZDkzNmFl
NTMyYWVhMTQ1M2U3ZDdkZGU3N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3Ikn7/oT5V8Uug1UObcR71rrXEbsB87wbijATgl033ls8nsHOuMEY4o0Xk
V9i4WQcq5KORzFXqilpXcBELbMkr5gB3sVY2+HXtLoAoF0AxF6oBzoN/y3SP76hh
nEVE1FHI1A2lOCo0FUAZhEaTcW524ohgg9ecWZ+RxodrXt7kxXxDLhRbmCT9J/Ax
kPhgPn1zE/nCiq3NVXM9GNBGsFoCaUQgl89fruAsI/QNh+78OMjbpsfzAu9HMQnn
ilrHfWRDS1VEj0Yf+8x3rordiTmhsks0Tbxy/Yb7l7RPQZxtyQyhxa5MJSbET+9C
MRmmv/Wz/b/iGd/oDsDCKCyrGTMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQU37Nt
6risBn/sJOd40SrdQLURCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZTFjMWYtMzVjMy00YzAyLWEwYzMtMGI1ODE1YzAxNmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
wDANBgkqhkiG9w0BAQsFAAOCAQEAKZOiAOUij35AOZGQIuzpuKswexOIiopHq37m
NLfizh5QF3iScos/1CHR7SfAKE3cJUkx5h6ITyCR6s8yibrOLOGY7iCJiJCWLOB7
p7WTv/qi2vcfbI5XM3U5/eOVm+7jgUTw9Un9Z5xHhNrwRWKbeR408zVtB4F7wRdO
NwGo7Gabv5VM6sbc03xzvPeg6fs2gNjkw/Azursn7BvmPM+huCd+SEulDVtqbmbr
Zg8vL26JNkwY5wz5l1fDDfrqBcBOtkozUgfWyBaI4tZeGILGs4Orw93/zYVQGLE7
pbW8f5ncumkEKSN8pvtg1+LpdDTureXBn2teIInrZyPjUj8bNA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:26 2025 by rpki-client