Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4389554a-4652-4758-9554-9b33b823e094.roa
File: 4389554a-4652-4758-9554-9b33b823e094.roa (raw, json)
Hash identifier: o4RGfJcbljXB970ZrAnE+V2aDSSHbW4S9TgDCCcv4IM=
Subject key identifier: 16:27:23:87:FE:D9:AC:EC:CD:AB:C8:F3:62:EF:74:A1:11:25:1F:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1263AFC95DBB80AF14B1F315A71696644425051E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4389554a-4652-4758-9554-9b33b823e094.roa
Signing time: Thu 26 Jun 2025 19:51:58 +0000
ROA not before: Thu 26 Jun 2025 19:51:58 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:63:af:c9:5d:bb:80:af:14:b1:f3:15:a7:16:96:64:44:25:05:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:51:58 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=9961a57b563d717ce55d66c4d793c93125e5665b55ae87a1d114a1e728ba73ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3a:5f:b4:d9:1c:c9:53:be:a9:80:c1:71:ac:
db:c0:b8:7c:a3:b5:d8:eb:25:e5:4f:2a:f9:7c:5c:
bb:cf:8b:28:3d:0a:0a:b2:40:57:49:ae:5d:de:23:
e5:57:60:64:45:7f:f0:1b:08:24:16:f8:1a:f3:02:
09:14:07:3b:17:97:96:2a:a1:06:ae:bd:ea:c8:27:
e4:ab:8f:44:1b:91:ca:44:b8:30:68:a4:bd:2c:bd:
58:16:a5:eb:82:31:fd:31:48:9f:74:ee:6c:e9:d6:
18:3e:f9:54:fd:af:68:d0:dd:16:a3:72:b3:5c:7d:
b9:7c:7d:66:20:47:1d:58:0f:7f:b5:9c:86:ff:55:
60:fb:32:5a:1f:7f:40:51:d9:4e:b9:43:d4:dd:b5:
18:8c:38:d8:c5:96:75:81:36:8f:4b:6a:89:df:39:
a9:cf:31:f9:33:e1:12:6c:66:95:5f:92:ba:5d:2d:
f3:4f:8b:c7:d7:3d:50:d7:c7:f5:37:ee:c6:56:f4:
28:54:cb:59:26:03:63:48:68:a4:51:c3:73:dd:d0:
66:16:52:14:55:85:1c:0c:c9:d3:0f:3d:ad:c0:c2:
3d:29:0b:73:47:b8:52:97:f6:b2:da:7d:ce:f6:84:
18:85:b1:6d:88:cf:e4:fe:22:4c:cb:70:83:30:7e:
ef:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:27:23:87:FE:D9:AC:EC:CD:AB:C8:F3:62:EF:74:A1:11:25:1F:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4389554a-4652-4758-9554-9b33b823e094.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c020::/46
Signature Algorithm: sha256WithRSAEncryption
0c:2b:46:6f:1e:92:cf:b3:69:be:86:c5:11:08:43:8d:9b:96:
ca:24:42:a9:5c:72:b0:93:59:e8:fe:3a:44:11:34:07:0d:b9:
06:d0:c7:19:ee:6c:c3:92:9d:ad:fd:1b:27:42:2d:60:ec:7f:
85:fd:38:26:fa:82:07:da:29:5c:d7:cf:67:98:e3:e7:ef:44:
17:50:53:db:f0:6e:a1:05:49:28:83:12:ae:a0:d2:a0:38:09:
ae:db:8d:da:22:48:64:46:eb:eb:f2:e3:f5:47:eb:4c:47:c2:
52:2e:36:5f:6f:c8:63:10:87:14:86:62:ce:9e:d7:91:c4:eb:
de:5a:2b:80:48:f6:1f:5d:ab:5d:5b:5e:10:d0:77:28:e0:fb:
40:28:ab:b2:08:ac:19:36:ae:d7:a9:2e:55:e4:e2:e8:4c:e4:
df:0b:48:83:d8:7f:cb:7e:eb:8e:f3:43:f9:f1:43:1c:1d:db:
39:39:f6:98:a3:7a:a4:b0:7a:9d:15:7c:cd:cc:38:45:a3:04:
b4:01:ee:87:8a:2c:1c:e8:d3:db:39:89:13:7a:01:3c:b9:c7:
0d:c2:dd:94:1e:4c:15:6d:47:31:4f:e2:2b:e9:f5:cf:8f:3f:
3d:19:61:43:71:8f:d9:c9:75:1a:62:2c:dc:38:19:3e:cb:63:
4e:1d:b4:ea
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEmOvyV27gK8UsfMVpxaWZEQlBR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTUxNThaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NjFhNTdiNTYzZDcxN2NlNTVkNjZjNGQ3OTNjOTMxMjVlNTY2NWI1NWFl
ODdhMWQxMTRhMWU3MjhiYTczZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMw6X7TZHMlTvqmAwXGs28C4fKO12Osl5U8q+Xxcu8+LKD0KCrJAV0muXd4j
5VdgZEV/8BsIJBb4GvMCCRQHOxeXliqhBq696sgn5KuPRBuRykS4MGikvSy9WBal
64Ix/TFIn3TubOnWGD75VP2vaNDdFqNys1x9uXx9ZiBHHVgPf7Wchv9VYPsyWh9/
QFHZTrlD1N21GIw42MWWdYE2j0tqid85qc8x+TPhEmxmlV+Sul0t80+Lx9c9UNfH
9Tfuxlb0KFTLWSYDY0hopFHDc93QZhZSFFWFHAzJ0w89rcDCPSkLc0e4Upf2stp9
zvaEGIWxbYjP5P4iTMtwgzB+7wcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWJyOH
/tms7M2ryPNi73ShESUfojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDM4OTU1NGEtNDY1Mi00NzU4LTk1NTQtOWIzM2I4MjNlMDk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
IDANBgkqhkiG9w0BAQsFAAOCAQEADCtGbx6Sz7NpvobFEQhDjZuWyiRCqVxysJNZ
6P46RBE0Bw25BtDHGe5sw5Kdrf0bJ0ItYOx/hf04JvqCB9opXNfPZ5jj5+9EF1BT
2/BuoQVJKIMSrqDSoDgJrtuN2iJIZEbr6/Lj9UfrTEfCUi42X2/IYxCHFIZizp7X
kcTr3lorgEj2H12rXVteENB3KOD7QCirsgisGTau16kuVeTi6Ezk3wtIg9h/y37r
jvND+fFDHB3bOTn2mKN6pLB6nRV8zcw4RaMEtAHuh4osHOjT2zmJE3oBPLnHDcLd
lB5MFW1HMU/iK+n1z48/PRlhQ3GP2cl1GmIs3DgZPstjTh206g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:12:01 2025 by rpki-client