Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
File: 68ece0e7-075e-4bcd-873e-0c74882a8546.roa (raw, json)
Hash identifier: jl9nz316LIGFTPAE8o72jcicXOrJ6elTBl0C7aOBRBA=
Subject key identifier: 38:DF:B3:7C:F4:6C:46:ED:95:96:5D:FF:1B:77:33:EB:52:DC:EB:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10B817436F9F355AE4FA58BD35D6EBB1BB697E12
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
Signing time: Mon 16 Jun 2025 20:21:13 +0000
ROA not before: Mon 16 Jun 2025 20:21:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:b8:17:43:6f:9f:35:5a:e4:fa:58:bd:35:d6:eb:b1:bb:69:7e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:21:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=640c5f6f86a08c64504dc7fb0456697010c6876791a0d6be97a21fcf62667a4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:67:6e:77:3e:04:c9:68:fe:a3:4d:25:87:71:
bb:49:1c:3d:3f:1c:2e:4d:c6:74:86:6c:f5:7e:2e:
59:02:53:f0:0a:ef:9b:cf:24:f5:3f:85:a7:c4:0e:
9a:37:eb:ef:50:86:d2:1e:dd:f7:90:05:fe:6b:7d:
7a:9f:b6:e1:2d:73:e6:45:87:a2:d1:3d:1e:60:a4:
06:a6:d6:0a:9b:87:1c:2f:c0:24:50:93:0c:01:99:
13:0c:bd:4c:95:55:34:93:25:42:96:4e:94:f5:df:
c7:1d:a6:fb:32:6f:43:2e:37:bc:91:0a:0c:e6:fc:
86:84:66:c2:2a:18:3d:81:6c:17:8c:52:29:4a:28:
4a:59:72:c4:3b:d6:9e:5b:20:ff:97:27:32:3b:73:
60:95:13:10:76:22:e1:62:d8:1b:b0:6e:9d:47:0a:
0e:a5:16:28:cd:98:ef:a7:29:73:43:f9:1f:df:61:
a3:0b:e9:b4:3d:82:4b:3c:02:d4:05:6c:f2:7f:02:
57:a4:47:c7:73:fa:17:e8:25:38:ca:b1:e3:de:38:
e4:ca:bf:03:be:45:81:4d:38:5e:5a:7b:60:17:5b:
37:ba:e0:75:97:ac:73:d7:23:21:5a:97:08:8d:06:
74:22:ac:d2:bf:91:95:6a:50:fd:cf:c2:6d:7a:88:
6f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DF:B3:7C:F4:6C:46:ED:95:96:5D:FF:1B:77:33:EB:52:DC:EB:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8080::/48
Signature Algorithm: sha256WithRSAEncryption
22:88:3f:e8:91:d0:f9:d4:73:93:42:97:50:dc:1e:56:9b:62:
74:24:ff:84:30:4f:1c:77:f3:80:48:b3:8e:cc:5a:9c:99:35:
38:0b:6f:de:12:99:bf:a4:75:55:5e:ef:fb:60:96:98:ee:99:
12:72:72:5a:6b:39:2c:65:b9:2e:d1:48:6f:dd:24:b3:d0:87:
ca:1b:98:cd:da:0d:e9:ee:24:f3:7e:70:82:96:10:0d:16:c3:
1d:8e:b7:a5:2b:c2:90:a9:ec:05:f5:9c:a5:49:bd:19:dd:bd:
e9:0c:e3:31:3d:4d:40:0f:26:11:e0:a8:1c:8e:8b:1c:f6:f9:
3b:4e:7b:16:e4:47:20:ee:6b:ed:29:95:59:03:d6:1d:ee:0c:
f7:a0:55:0c:8d:0a:7a:fe:c6:5f:36:89:91:a1:c7:ea:34:67:
61:b2:fb:5b:ad:b7:fd:d7:34:7a:34:a9:8d:86:be:55:9c:31:
b1:90:91:fd:53:c2:c7:9b:b0:fb:2d:44:93:27:23:59:89:48:
fa:ae:57:9d:8a:08:ea:cb:a9:e4:f1:3b:5f:23:66:ac:b9:44:
16:fd:70:30:96:d4:1e:da:aa:87:ce:14:85:1b:b5:f7:12:4e:
f0:de:e7:70:84:1f:de:57:d1:45:1a:0e:3b:4f:f9:ba:49:e8:
5d:f9:50:d5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUELgXQ2+fNVrk+li9NdbrsbtpfhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIxMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0MGM1ZjZmODZhMDhjNjQ1MDRkYzdmYjA0NTY2OTcwMTBjNjg3Njc5MWEw
ZDZiZTk3YTIxZmNmNjI2NjdhNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1nbnc+BMlo/qNNJYdxu0kcPT8cLk3GdIZs9X4uWQJT8Arvm88k9T+Fp8QO
mjfr71CG0h7d95AF/mt9ep+24S1z5kWHotE9HmCkBqbWCpuHHC/AJFCTDAGZEwy9
TJVVNJMlQpZOlPXfxx2m+zJvQy43vJEKDOb8hoRmwioYPYFsF4xSKUooSllyxDvW
nlsg/5cnMjtzYJUTEHYi4WLYG7BunUcKDqUWKM2Y76cpc0P5H99howvptD2CSzwC
1AVs8n8CV6RHx3P6F+glOMqx49445Mq/A75FgU04Xlp7YBdbN7rgdZesc9cjIVqX
CI0GdCKs0r+RlWpQ/c/CbXqIbxsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ437N8
9GxG7ZWWXf8bdzPrUtzrAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhlY2UwZTctMDc1ZS00YmNkLTg3M2UtMGM3NDg4MmE4NTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
gDANBgkqhkiG9w0BAQsFAAOCAQEAIog/6JHQ+dRzk0KXUNweVptidCT/hDBPHHfz
gEizjsxanJk1OAtv3hKZv6R1VV7v+2CWmO6ZEnJyWms5LGW5LtFIb90ks9CHyhuY
zdoN6e4k835wgpYQDRbDHY63pSvCkKnsBfWcpUm9Gd296QzjMT1NQA8mEeCoHI6L
HPb5O057FuRHIO5r7SmVWQPWHe4M96BVDI0Kev7GXzaJkaHH6jRnYbL7W623/dc0
ejSpjYa+VZwxsZCR/VPCx5uw+y1EkycjWYlI+q5XnYoI6sup5PE7XyNmrLlEFv1w
MJbUHtqqh84UhRu19xJO8N7ncIQf3lfRRRoOO0/5uknoXflQ1Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:10 2025 by rpki-client