Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json)
Hash identifier: 7OtvavgT7c5dl+2S3iRpn3dg3q+PIsQ/RVSDA8Ug9UE=
Subject key identifier: 60:8D:83:14:F6:7B:F4:3E:29:A4:2F:28:43:08:A3:28:E4:73:01:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26FC6FA4CA2F11A7D725FC618FFF3DE588F2175A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
Signing time: Mon 16 Jun 2025 21:01:28 +0000
ROA not before: Mon 16 Jun 2025 21:01:28 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:fc:6f:a4:ca:2f:11:a7:d7:25:fc:61:8f:ff:3d:e5:88:f2:17:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:28 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=49768e0cca83a46ab674de9f9ab1722cc9ba5c52a87363a8c1036a2415046691, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d7:24:25:cb:5c:7f:a7:d2:7c:95:9a:b6:08:
23:a2:59:ef:1f:9f:9f:40:76:85:94:f2:1c:51:9c:
ae:c9:02:36:23:9f:f3:97:1d:36:8a:00:a0:29:d7:
f8:02:5f:a5:63:c1:21:dc:5c:d8:98:f2:c6:b8:f0:
e4:24:0b:a1:4e:08:9d:ba:53:aa:d5:9b:9e:f7:b1:
64:93:59:79:65:36:c8:9f:68:ca:32:f9:47:3e:fd:
0c:5c:2e:4a:78:f5:af:8d:2f:1f:2e:e6:ff:ee:d8:
70:87:77:df:6a:3c:2e:3c:6e:89:0f:c2:f5:b1:46:
79:6b:59:6a:d4:7b:da:3f:28:39:0b:67:b0:18:0c:
a1:ee:04:a7:59:39:05:c8:f7:34:ed:bc:75:78:02:
72:0d:07:99:d9:83:5d:5f:ba:6d:5a:e8:c3:6b:8f:
dd:5f:28:8f:d9:86:d5:cc:43:32:f5:49:a0:21:f5:
34:45:c5:cb:4f:36:b5:84:9e:78:25:07:37:38:88:
51:0d:db:66:7a:8c:d8:a2:1e:9a:02:b3:43:a4:64:
00:2e:be:16:67:cc:66:e9:2d:a5:42:14:e7:1c:ab:
65:67:79:1f:1f:b2:45:bb:6f:dd:27:ac:50:11:39:
f9:17:2d:90:27:88:85:1f:3a:93:84:8a:ac:68:04:
ff:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8D:83:14:F6:7B:F4:3E:29:A4:2F:28:43:08:A3:28:E4:73:01:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
1d:c5:af:cc:f7:9a:68:40:7c:5d:ce:32:f9:45:3a:d3:69:58:
e1:9c:e6:65:f8:88:50:53:2e:2a:f0:be:1b:d3:fc:df:07:4f:
a3:fe:6f:0c:85:7f:09:62:2e:40:e1:aa:b8:46:1f:7f:36:1f:
3c:ff:ef:39:28:fb:a7:d7:9d:56:4e:ae:ff:21:6d:b3:b9:4c:
74:ba:a4:c7:95:a7:14:52:e3:8b:08:c4:28:31:05:99:4d:f8:
99:28:e6:70:1a:52:96:2e:2d:76:7b:0b:c9:9e:02:39:dd:ae:
fd:74:ec:30:9d:e8:f5:33:25:41:15:ef:17:f7:c3:22:9e:a4:
1a:2f:d4:36:72:3a:f4:a4:3e:76:a5:b6:5e:45:ad:37:cf:fa:
25:ad:94:5f:9f:2f:e8:11:c7:a2:7d:43:c3:78:52:b9:ea:30:
db:74:73:ae:e0:37:eb:12:a0:bb:87:3a:dc:91:eb:e7:c9:c6:
c7:6c:cf:50:cc:8e:99:a7:58:12:19:ee:0a:91:08:ee:b2:33:
2b:fe:fe:b1:55:14:c0:79:52:08:7a:0a:eb:df:f2:fc:9a:70:
81:9d:fa:20:a3:a3:cc:1f:4b:27:0f:e2:a4:ad:93:0a:8f:d2:
d6:8f:c5:bc:49:ba:f2:3b:3d:d8:b1:11:3d:84:96:f4:2e:c9:
33:c4:d8:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJvxvpMovEafXJfxhj/895YjyF1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMjhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5NzY4ZTBjY2E4M2E0NmFiNjc0ZGU5ZjlhYjE3MjJjYzliYTVjNTJhODcz
NjNhOGMxMDM2YTI0MTUwNDY2OTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvXJCXLXH+n0nyVmrYII6JZ7x+fn0B2hZTyHFGcrskCNiOf85cdNooAoCnX
+AJfpWPBIdxc2Jjyxrjw5CQLoU4InbpTqtWbnvexZJNZeWU2yJ9oyjL5Rz79DFwu
Snj1r40vHy7m/+7YcId332o8LjxuiQ/C9bFGeWtZatR72j8oOQtnsBgMoe4Ep1k5
Bcj3NO28dXgCcg0HmdmDXV+6bVrow2uP3V8oj9mG1cxDMvVJoCH1NEXFy082tYSe
eCUHNziIUQ3bZnqM2KIemgKzQ6RkAC6+FmfMZuktpUIU5xyrZWd5Hx+yRbtv3Ses
UBE5+RctkCeIhR86k4SKrGgE/zECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgjYMU
9nv0PimkLyhDCKMo5HMBxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdxa/M95poQHxdzjL5RTrTaVjhnOZl+IhQUy4q
8L4b0/zfB0+j/m8MhX8JYi5A4aq4Rh9/Nh88/+85KPun151WTq7/IW2zuUx0uqTH
lacUUuOLCMQoMQWZTfiZKOZwGlKWLi12ewvJngI53a79dOwwnej1MyVBFe8X98Mi
nqQaL9Q2cjr0pD52pbZeRa03z/olrZRfny/oEceifUPDeFK56jDbdHOu4DfrEqC7
hzrckevnycbHbM9QzI6Zp1gSGe4KkQjusjMr/v6xVRTAeVIIegrr3/L8mnCBnfog
o6PMH0snD+KkrZMKj9LWj8W8SbryOz3YsRE9hJb0LskzxNjQ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:09 2025 by rpki-client