Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
File: 699ed05f-92ce-48c3-8186-6564a7373323.roa (raw, json)
Hash identifier: KOIQq+5ogVCuoieBarlz1Vo+RAeS+OaSDpXBv56WpwQ=
Subject key identifier: F2:88:D6:EB:72:1E:12:11:ED:8C:62:E3:F5:4D:56:99:57:EF:E6:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B067A7C5579914CEB3A90FC140DF50A6B7FA216
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
Signing time: Mon 16 Jun 2025 19:40:11 +0000
ROA not before: Mon 16 Jun 2025 19:40:11 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:06:7a:7c:55:79:91:4c:eb:3a:90:fc:14:0d:f5:0a:6b:7f:a2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:11 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a90dbdbba9876739de48767732f9d288eb647301c65f335374d4494eb37ac7fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:07:84:18:7b:19:69:10:fe:3d:f7:25:6d:f9:
c6:ea:41:f9:7a:5e:41:be:06:2c:0c:fc:26:48:f2:
54:28:d0:43:ff:4e:48:32:34:9b:73:b3:05:1a:ab:
1b:6c:f3:97:68:b5:d2:90:51:88:95:be:e2:a0:e3:
2d:39:28:46:06:56:58:35:9b:fa:30:4f:8d:d7:5f:
15:07:b4:5a:40:08:50:2a:58:04:ec:61:1c:b1:3d:
18:8e:c5:a2:d8:81:76:6a:43:e6:94:3f:6f:f7:0a:
c7:a9:43:0a:40:f8:2e:55:0e:f6:46:19:b8:c3:26:
8d:00:a8:f2:9c:13:4a:6b:06:1e:89:79:77:fe:99:
8b:69:50:6e:5c:92:50:82:c3:51:99:85:f4:4f:3d:
a7:29:63:6d:77:2b:40:16:d6:a9:66:57:96:be:28:
40:ee:52:ca:46:16:5c:3a:98:26:aa:6d:f2:b0:ee:
68:32:a8:5d:4a:0a:18:c2:4c:2e:18:15:1b:e1:08:
71:f9:09:89:78:56:d2:6c:f8:7b:92:8e:52:1a:1e:
d1:c5:34:8c:f7:d4:45:92:ee:e2:5a:eb:67:46:d1:
8c:55:90:19:e0:49:a7:47:3e:12:75:0e:f4:7f:f9:
f8:27:b2:db:70:4d:c5:a5:28:aa:dd:76:f6:0f:49:
e5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:88:D6:EB:72:1E:12:11:ED:8C:62:E3:F5:4D:56:99:57:EF:E6:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c040::/48
Signature Algorithm: sha256WithRSAEncryption
b0:f4:fe:64:30:b7:80:dd:5e:c4:fe:78:af:ba:d9:fe:1b:50:
c3:5b:aa:82:90:43:34:fe:a9:8b:0f:9e:b0:8a:11:ff:64:85:
c8:7e:61:3a:8d:e3:29:7c:22:13:18:72:03:fb:c3:a4:51:17:
a7:96:5e:24:94:5e:58:d9:02:3e:dc:e5:ee:4d:b8:09:65:d0:
59:3e:79:ff:2b:93:fd:94:53:13:dc:32:38:4f:08:32:8f:23:
9e:fb:c2:99:43:7b:70:47:f7:cd:68:05:38:8b:7a:fe:16:d1:
29:d8:df:79:39:58:b1:ac:1a:7d:65:4f:b0:f7:12:2b:5b:57:
7d:db:1c:53:4a:8f:49:72:24:97:a8:80:6d:69:2a:fb:87:f3:
b3:8f:97:22:56:5a:b1:51:8c:10:75:87:7a:65:86:ff:84:a3:
ba:fe:0e:1b:a7:4d:bf:ce:42:e2:bc:8e:60:7e:e1:ac:cd:a5:
fb:c9:52:cd:72:62:e3:80:56:32:68:48:c6:81:68:d3:58:b2:
83:b8:dd:43:7a:84:e0:d4:72:1d:88:13:f6:5b:97:02:b7:fe:
3e:ca:e3:c5:3b:11:b1:11:21:74:97:5a:3a:e9:34:c8:93:f0:
2c:e0:76:5a:20:9d:bc:14:2a:85:fa:8b:bf:8c:30:b3:c6:da:
4a:c4:34:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKwZ6fFV5kUzrOpD8FA31Cmt/ohYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwMTFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MGRiZGJiYTk4NzY3MzlkZTQ4NzY3NzMyZjlkMjg4ZWI2NDczMDFjNjVm
MzM1Mzc0ZDQ0OTRlYjM3YWM3ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEHhBh7GWkQ/j33JW35xupB+XpeQb4GLAz8JkjyVCjQQ/9OSDI0m3OzBRqr
G2zzl2i10pBRiJW+4qDjLTkoRgZWWDWb+jBPjddfFQe0WkAIUCpYBOxhHLE9GI7F
otiBdmpD5pQ/b/cKx6lDCkD4LlUO9kYZuMMmjQCo8pwTSmsGHol5d/6Zi2lQblyS
UILDUZmF9E89pyljbXcrQBbWqWZXlr4oQO5SykYWXDqYJqpt8rDuaDKoXUoKGMJM
LhgVG+EIcfkJiXhW0mz4e5KOUhoe0cU0jPfURZLu4lrrZ0bRjFWQGeBJp0c+EnUO
9H/5+Cey23BNxaUoqt129g9J5TECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTyiNbr
ch4SEe2MYuP1TVaZV+/mjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk5ZWQwNWYtOTJjZS00OGMzLTgxODYtNjU2NGE3MzczMzIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
QDANBgkqhkiG9w0BAQsFAAOCAQEAsPT+ZDC3gN1exP54r7rZ/htQw1uqgpBDNP6p
iw+esIoR/2SFyH5hOo3jKXwiExhyA/vDpFEXp5ZeJJReWNkCPtzl7k24CWXQWT55
/yuT/ZRTE9wyOE8IMo8jnvvCmUN7cEf3zWgFOIt6/hbRKdjfeTlYsawafWVPsPcS
K1tXfdscU0qPSXIkl6iAbWkq+4fzs4+XIlZasVGMEHWHemWG/4Sjuv4OG6dNv85C
4ryOYH7hrM2l+8lSzXJi44BWMmhIxoFo01iyg7jdQ3qE4NRyHYgT9luXArf+Psrj
xTsRsREhdJdaOuk0yJPwLOB2WiCdvBQqhfqLv4wws8baSsQ0Sg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:02:53 2025 by rpki-client