Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json)
Hash identifier: Tf6NA+eQxvKLU280btTp8q/QWvKwUNzUX081Drm04+Q=
Subject key identifier: EA:1D:06:EC:47:66:53:66:25:B4:5D:FB:A5:A9:C3:30:37:F7:15:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E0D01207693182880946F18CC488B62146F079F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
Signing time: Mon 16 Jun 2025 21:10:53 +0000
ROA not before: Mon 16 Jun 2025 21:10:53 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:0d:01:20:76:93:18:28:80:94:6f:18:cc:48:8b:62:14:6f:07:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:53 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b867d875a37ddcbaaedd35ab2028f7ecd3a47215c6ef8d3703ac56e3da6e7a3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cd:86:8e:07:a0:32:64:c8:aa:0d:7f:fb:39:
02:63:1a:19:c5:45:b7:11:ed:29:47:dc:73:54:5f:
a4:f8:f9:d2:8e:d0:2f:60:cb:04:3c:ac:da:b4:09:
e0:51:88:23:d2:36:75:75:fd:fb:53:75:8f:51:51:
53:cf:28:39:f4:5f:51:05:e9:a1:d7:79:d9:67:b5:
44:26:f2:39:08:44:bc:54:f8:db:b6:4b:c1:11:31:
1a:18:e6:32:6e:4e:54:91:75:f2:bd:e1:ba:61:e4:
e9:51:e2:9d:a9:df:7e:80:34:a5:89:64:50:87:20:
33:45:e3:32:31:0b:31:05:2c:e0:b8:03:ce:b4:65:
4f:03:89:f0:25:f7:08:cb:7f:12:2c:b5:0e:ad:cf:
e7:1e:c6:3d:c9:55:df:9e:54:0b:db:17:6e:56:a7:
a3:5f:72:b4:45:71:cc:b8:b7:53:35:6f:95:fe:e7:
9a:cc:47:34:9d:2b:d7:4f:2c:9d:c1:69:e9:07:01:
f1:0b:af:34:0f:97:b6:1d:b5:d1:4c:a8:1c:05:2f:
9a:6d:42:dc:1c:9b:30:7d:de:c1:e7:c7:c8:13:62:
8a:ca:53:0c:15:17:fc:e7:d5:40:47:a3:69:56:49:
5e:9b:98:b9:a1:09:80:2e:a3:ca:47:fe:c0:48:f4:
37:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:1D:06:EC:47:66:53:66:25:B4:5D:FB:A5:A9:C3:30:37:F7:15:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:ee:63:68:85:a1:61:e1:e4:fa:d7:40:59:2b:a9:1a:05:2a:
bc:67:b8:e5:d3:01:82:6f:54:1f:64:ad:cd:e2:96:fe:b6:86:
5d:14:63:f9:32:1e:c0:ea:49:86:ad:a1:dc:b7:ec:96:b1:b4:
15:89:23:25:b5:cf:03:2a:d4:1a:03:14:6d:c2:57:ec:64:b2:
7f:41:47:90:f2:43:fa:4e:db:7c:2f:7a:ca:ba:90:96:8e:2e:
dd:fd:c6:d5:64:4b:8b:46:f8:60:65:df:19:5c:74:80:70:7d:
d7:05:56:fb:15:92:49:06:44:e6:63:17:d8:aa:31:c1:11:d4:
1a:2d:f9:81:63:e6:57:20:7f:92:35:22:20:1b:81:95:f3:33:
1f:33:ac:b2:c5:ba:6d:ba:4b:0a:07:e0:59:98:8d:ac:3c:4e:
9b:c9:6d:aa:54:1b:9e:4b:6a:13:42:1a:05:d4:42:1d:b1:85:
29:69:91:72:09:63:73:79:18:28:57:29:4e:82:db:b9:6c:fc:
41:71:6f:2b:28:35:19:05:37:fc:74:8d:39:2b:d6:53:46:2a:
39:4a:26:87:04:fc:44:09:13:8d:80:df:c4:25:15:1a:61:a9:
0a:ed:60:99:14:d9:93:ae:a0:2f:27:42:64:3c:f6:7a:c0:12:
7c:ef:00:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHg0BIHaTGCiAlG8YzEiLYhRvB58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwNTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NjdkODc1YTM3ZGRjYmFhZWRkMzVhYjIwMjhmN2VjZDNhNDcyMTVjNmVm
OGQzNzAzYWM1NmUzZGE2ZTdhM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTNho4HoDJkyKoNf/s5AmMaGcVFtxHtKUfcc1RfpPj50o7QL2DLBDys2rQJ
4FGII9I2dXX9+1N1j1FRU88oOfRfUQXpodd52We1RCbyOQhEvFT427ZLwRExGhjm
Mm5OVJF18r3humHk6VHinanffoA0pYlkUIcgM0XjMjELMQUs4LgDzrRlTwOJ8CX3
CMt/Eiy1Dq3P5x7GPclV355UC9sXblano19ytEVxzLi3UzVvlf7nmsxHNJ0r108s
ncFp6QcB8QuvNA+Xth210UyoHAUvmm1C3BybMH3ewefHyBNiispTDBUX/OfVQEej
aVZJXpuYuaEJgC6jykf+wEj0N3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqHQbs
R2ZTZiW0XfulqcMwN/cVqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAf7mNohaFh4eT610BZK6kaBSq8Z7jl0wGCb1Qf
ZK3N4pb+toZdFGP5Mh7A6kmGraHct+yWsbQViSMltc8DKtQaAxRtwlfsZLJ/QUeQ
8kP6Ttt8L3rKupCWji7d/cbVZEuLRvhgZd8ZXHSAcH3XBVb7FZJJBkTmYxfYqjHB
EdQaLfmBY+ZXIH+SNSIgG4GV8zMfM6yyxbptuksKB+BZmI2sPE6byW2qVBueS2oT
QhoF1EIdsYUpaZFyCWNzeRgoVylOgtu5bPxBcW8rKDUZBTf8dI05K9ZTRio5SiaH
BPxECRONgN/EJRUaYakK7WCZFNmTrqAvJ0JkPPZ6wBJ87wDQ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:48:57 2025 by rpki-client