Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26750169-59df-4208-bbd4-d751d66a7b35.roa
File: 26750169-59df-4208-bbd4-d751d66a7b35.roa (raw, json)
Hash identifier: zVaHI+/L1zQgFZEtPooy9k4FzlPXcptjIPQa8l09dDc=
Subject key identifier: 54:D6:E9:9F:3C:66:BD:F0:D3:FD:C2:5B:99:05:4C:3C:19:D8:CF:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3411C42F764651246C1410AA9C6EAAFB243AE928
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26750169-59df-4208-bbd4-d751d66a7b35.roa
Signing time: Mon 16 Jun 2025 20:30:54 +0000
ROA not before: Mon 16 Jun 2025 20:30:54 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:11:c4:2f:76:46:51:24:6c:14:10:aa:9c:6e:aa:fb:24:3a:e9:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:30:54 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b526b4e025af291499045068de36d9b0a3a0cda1567a95bede0345e6678dcaa4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:93:29:ef:30:89:d4:e8:72:09:72:5f:0a:9a:
5f:ec:ad:7a:05:c8:4f:19:b2:19:68:33:f9:d2:e8:
22:4f:4f:00:7f:a5:8a:20:73:1d:e0:b5:e3:ee:3a:
7f:44:d7:cd:d0:df:37:a1:1e:dd:d9:41:76:14:05:
d6:ab:85:63:8a:3a:f0:78:c1:09:4b:4e:dd:d1:b1:
48:a9:35:27:8a:7b:e7:93:f8:87:98:f8:ef:28:6e:
80:ed:8b:7e:df:34:6b:ce:29:bb:95:dd:fa:cb:65:
a9:0d:ff:c4:6a:28:6a:7d:44:98:e9:a2:93:0f:86:
60:d9:1a:4b:46:7e:5a:20:91:a4:9f:a9:af:57:68:
71:85:51:30:b9:f4:a0:83:0f:a1:10:7f:03:68:11:
11:89:c2:ee:b2:5e:76:8a:b9:2e:eb:90:44:88:b5:
8e:69:57:54:ed:58:e6:c4:8c:23:57:34:da:af:48:
74:55:86:aa:f3:47:34:ea:d0:e0:72:32:90:fb:f2:
1a:d6:e2:8f:fb:ce:ff:64:f6:00:26:7a:f6:c8:14:
ff:05:1e:9f:3a:01:f3:ba:49:2d:3f:ce:80:37:69:
0c:8d:e6:d5:01:2b:71:e6:79:06:c1:04:1f:52:7d:
e6:2c:3b:3c:ff:2e:e0:5c:7f:4b:bc:c7:e6:ab:22:
d1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D6:E9:9F:3C:66:BD:F0:D3:FD:C2:5B:99:05:4C:3C:19:D8:CF:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/26750169-59df-4208-bbd4-d751d66a7b35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8080::/46
Signature Algorithm: sha256WithRSAEncryption
5e:fd:75:c8:d9:d4:3d:26:1b:e4:12:82:c5:2a:3d:8c:c2:c3:
6e:96:5f:e6:77:bf:20:cf:db:97:f3:4d:8d:c3:4b:02:9f:49:
8d:3b:48:20:75:c3:84:e8:dd:a9:9d:32:22:97:61:e0:85:22:
5f:ea:b2:6f:fe:9a:1c:02:5e:c2:57:5d:1f:82:c6:76:f5:86:
0b:10:af:e3:2a:d4:9a:f2:f9:79:30:c1:ed:c3:cf:2f:a5:64:
a6:2a:c2:ff:4e:6d:00:a1:d3:d8:f7:cd:d9:e9:12:73:11:4e:
11:14:0b:04:97:fe:d6:36:db:49:2c:73:a0:b0:0f:43:d0:ff:
b2:a1:2e:80:43:c7:78:66:54:7b:10:a1:35:dd:13:84:41:f2:
a6:ae:cf:5d:de:76:4d:d8:68:57:3c:39:a5:46:ad:de:a8:58:
d5:60:f4:c8:37:a2:a7:d4:53:07:fb:f8:04:7f:b3:5e:5d:1a:
f2:9c:39:e9:59:f5:dc:10:31:de:93:e3:fa:a4:a3:bd:21:7d:
e1:1d:e0:b9:4f:ca:85:59:8d:2d:20:c9:c1:61:ef:78:ca:48:
77:f6:37:2b:b3:84:de:0f:3f:e9:8b:c7:ef:bf:f7:76:05:9c:
3d:1f:fc:c0:7c:67:5a:c6:b3:86:7d:7a:b0:6d:45:6e:e7:3f:
50:50:9f:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNBHEL3ZGUSRsFBCqnG6q+yQ66SgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDMwNTRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1MjZiNGUwMjVhZjI5MTQ5OTA0NTA2OGRlMzZkOWIwYTNhMGNkYTE1Njdh
OTViZWRlMDM0NWU2Njc4ZGNhYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyTKe8widTocglyXwqaX+ytegXITxmyGWgz+dLoIk9PAH+liiBzHeC14+46
f0TXzdDfN6Ee3dlBdhQF1quFY4o68HjBCUtO3dGxSKk1J4p755P4h5j47yhugO2L
ft80a84pu5Xd+stlqQ3/xGooan1EmOmikw+GYNkaS0Z+WiCRpJ+pr1docYVRMLn0
oIMPoRB/A2gREYnC7rJedoq5LuuQRIi1jmlXVO1Y5sSMI1c02q9IdFWGqvNHNOrQ
4HIykPvyGtbij/vO/2T2ACZ69sgU/wUenzoB87pJLT/OgDdpDI3m1QErceZ5BsEE
H1J95iw7PP8u4Fx/S7zH5qsi0fkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRU1umf
PGa98NP9wluZBUw8GdjPPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3NTAxNjktNTlkZi00MjA4LWJiZDQtZDc1MWQ2NmE3YjM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
gDANBgkqhkiG9w0BAQsFAAOCAQEAXv11yNnUPSYb5BKCxSo9jMLDbpZf5ne/IM/b
l/NNjcNLAp9JjTtIIHXDhOjdqZ0yIpdh4IUiX+qyb/6aHAJewlddH4LGdvWGCxCv
4yrUmvL5eTDB7cPPL6VkpirC/05tAKHT2PfN2ekScxFOERQLBJf+1jbbSSxzoLAP
Q9D/sqEugEPHeGZUexChNd0ThEHypq7PXd52TdhoVzw5pUat3qhY1WD0yDeip9RT
B/v4BH+zXl0a8pw56Vn13BAx3pPj+qSjvSF94R3guU/KhVmNLSDJwWHveMpId/Y3
K7OE3g8/6YvH77/3dgWcPR/8wHxnWsazhn16sG1Fbuc/UFCfIw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:40 2025 by rpki-client