Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: C0OjOVtK+uE9FzJJMETE/aNwojo+j8swWrM+E+EefPE=
Subject key identifier: AD:A2:33:4F:A8:A8:DD:C7:67:36:95:97:14:98:94:51:79:F7:DF:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5852CE9672EC339F6ED09AB6F78AF506C4324800
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Mon 16 Jun 2025 19:40:19 +0000
ROA not before: Mon 16 Jun 2025 19:40:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:52:ce:96:72:ec:33:9f:6e:d0:9a:b6:f7:8a:f5:06:c4:32:48:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b68914ec99c0bc4677bc1679fcc44ad916b912f2016a312694f7e8e8908e50ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f0:be:4f:55:ca:0e:67:9a:38:86:47:9d:27:
f2:e4:01:03:26:dc:22:85:ca:ea:a6:ee:de:83:de:
4c:64:17:bc:30:31:1f:10:54:7f:9f:ac:95:5d:13:
fd:4a:f3:22:75:63:5a:af:6a:d6:da:5d:d8:24:de:
2a:8b:15:ac:75:9d:cb:03:b8:e8:6a:9b:22:52:06:
e9:98:d5:3a:97:cc:79:1d:29:9e:06:d3:46:dd:45:
18:7e:db:cc:9e:69:bc:46:63:cd:b0:83:21:88:ce:
1b:18:2e:1c:28:83:89:cd:e2:8a:3b:bb:15:34:e9:
98:b0:9c:92:27:9c:b4:df:c6:e0:dd:ad:f7:c7:51:
44:dd:04:2b:86:9c:66:2a:ac:65:dd:63:72:fd:2b:
1a:26:a4:e9:6c:fa:ef:ef:28:5b:65:57:1c:87:1e:
92:79:ad:5b:de:8a:12:22:15:4e:cb:a0:b5:d5:eb:
e4:57:0c:ab:59:0d:e5:4b:0c:49:ee:96:49:4a:14:
a6:f9:6a:74:9e:3a:d0:5c:08:39:30:70:67:1a:59:
2c:5d:43:11:73:c4:55:d6:be:1e:d0:3d:2d:b1:dd:
49:1e:93:9c:2b:50:7b:f8:5e:dc:c5:f5:36:dc:d5:
88:2a:e9:5c:a5:dc:3f:c1:e5:0d:7d:e3:bb:90:6f:
5c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A2:33:4F:A8:A8:DD:C7:67:36:95:97:14:98:94:51:79:F7:DF:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
68:ab:f0:32:9e:18:aa:c0:f8:40:b4:11:75:e7:10:ad:e1:52:
c4:d2:e6:c5:6f:43:c7:b2:19:ee:e2:fe:a8:75:4c:b2:88:22:
57:4f:85:af:5c:b7:ae:ce:ba:5d:ac:3d:a3:c0:f4:01:74:01:
17:73:5c:ea:29:d4:e0:55:40:a4:d2:6c:b4:53:66:b9:b6:09:
e2:59:b1:3f:1d:7b:02:27:a4:63:13:fd:5b:d0:d2:4c:e8:42:
1f:97:c9:b7:5d:c6:bb:2b:ee:46:4c:2d:4b:69:68:b1:cb:2d:
43:7b:56:67:51:ae:3b:25:6c:24:96:9b:81:5b:65:1e:8d:92:
92:01:9b:2a:07:68:93:37:01:0f:4b:af:a8:15:b1:f3:0b:da:
18:d1:0f:03:33:60:f9:69:f1:19:cf:48:38:d1:a4:9b:fb:24:
ca:7b:68:5a:10:80:cb:7b:43:1a:bf:45:3e:1f:4a:f3:21:a6:
c5:9d:ef:81:f7:85:ad:90:21:fb:41:fd:ee:33:b0:a8:45:1c:
36:d0:ac:f3:ac:a9:e5:e0:b9:5f:2d:fb:ca:04:f7:74:15:62:
fe:b8:ce:5c:48:9d:2b:ad:17:26:b8:0d:ab:6f:4e:f7:58:0a:
c9:ec:82:74:22:8a:db:6b:fe:31:7c:be:42:86:8e:7e:f4:9c:
1c:d7:49:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWFLOlnLsM59u0Jq294r1BsQySAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2ODkxNGVjOTljMGJjNDY3N2JjMTY3OWZjYzQ0YWQ5MTZiOTEyZjIwMTZh
MzEyNjk0ZjdlOGU4OTA4ZTUwYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzwvk9Vyg5nmjiGR50n8uQBAybcIoXK6qbu3oPeTGQXvDAxHxBUf5+slV0T
/UrzInVjWq9q1tpd2CTeKosVrHWdywO46GqbIlIG6ZjVOpfMeR0pngbTRt1FGH7b
zJ5pvEZjzbCDIYjOGxguHCiDic3iiju7FTTpmLCckiectN/G4N2t98dRRN0EK4ac
ZiqsZd1jcv0rGiak6Wz67+8oW2VXHIceknmtW96KEiIVTsugtdXr5FcMq1kN5UsM
Se6WSUoUpvlqdJ460FwIOTBwZxpZLF1DEXPEVda+HtA9LbHdSR6TnCtQe/he3MX1
NtzViCrpXKXcP8HlDX3ju5BvXLMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStojNP
qKjdx2c2lZcUmJRRefffpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAaKvwMp4YqsD4QLQRdecQreFSxNLmxW9Dx7IZ
7uL+qHVMsogiV0+Fr1y3rs66Xaw9o8D0AXQBF3Nc6inU4FVApNJstFNmubYJ4lmx
Px17AiekYxP9W9DSTOhCH5fJt13GuyvuRkwtS2loscstQ3tWZ1GuOyVsJJabgVtl
Ho2SkgGbKgdokzcBD0uvqBWx8wvaGNEPAzNg+WnxGc9IONGkm/skyntoWhCAy3tD
Gr9FPh9K8yGmxZ3vgfeFrZAh+0H97jOwqEUcNtCs86yp5eC5Xy37ygT3dBVi/rjO
XEidK60XJrgNq29O91gKyeyCdCKK22v+MXy+QoaOfvScHNdJ+Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:36:45 2025 by rpki-client