Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
File: 6ee98048-5141-4b16-8b8c-269a397f53ce.roa (raw, json)
Hash identifier: LBEYRC7F4buvykI/UTkMxnVEpwVK7Dffp6bQcVueX1U=
Subject key identifier: 18:39:F2:CC:F3:45:F8:60:0A:A1:77:91:6A:4A:DD:27:05:F9:77:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EBC0BB3624251CFC184C11E9D6DA6BC959CD42D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
Signing time: Mon 16 Jun 2025 20:00:07 +0000
ROA not before: Mon 16 Jun 2025 20:00:07 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:bc:0b:b3:62:42:51:cf:c1:84:c1:1e:9d:6d:a6:bc:95:9c:d4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:07 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c1812a244efea8d6aae6d85fed80ba2d8efc8a632388a9a0c83564bbe5886e65, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:bb:df:c5:b2:4c:15:a3:5b:2f:77:49:12:
de:04:26:66:11:56:7e:17:69:1c:23:29:89:34:20:
8e:12:dc:a6:59:d9:2d:be:d3:68:d5:9a:e4:ef:a1:
a7:e9:4d:8e:e8:06:5b:3e:47:dc:2b:36:cb:fa:89:
61:43:a2:fb:b8:94:0e:15:f2:04:e1:cc:1a:91:0c:
36:c0:26:8a:21:69:87:ff:8e:33:24:bb:52:c4:63:
1d:9f:4d:a4:58:2a:b2:84:fd:ef:40:5a:5e:95:88:
53:8d:ed:fc:e8:81:02:7a:3b:6d:8a:9e:db:32:42:
a0:d7:47:ce:e6:fb:f9:6d:e9:80:82:ba:84:e4:3a:
b0:f0:a2:3a:8a:cb:53:26:24:ac:af:17:6c:65:b3:
a6:14:39:36:b8:5d:15:7f:28:bf:37:32:c8:c5:87:
a4:44:e3:2f:6e:f4:cc:71:bf:1c:e3:ea:9a:d0:01:
c8:c8:22:0c:34:18:41:ea:41:96:7b:2e:a8:a9:4e:
c4:c6:09:e0:47:7e:f9:44:92:80:0b:0e:dd:0a:33:
9d:55:c0:3e:e3:14:37:57:98:86:4f:c8:af:2c:b9:
94:8a:14:a1:24:3f:60:99:d9:40:2e:6d:67:f6:ec:
88:23:b8:b3:5f:e0:c6:12:b7:cf:fd:74:98:89:ca:
7c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:39:F2:CC:F3:45:F8:60:0A:A1:77:91:6A:4A:DD:27:05:F9:77:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ee98048-5141-4b16-8b8c-269a397f53ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4080::/48
Signature Algorithm: sha256WithRSAEncryption
1a:8c:f4:6e:7c:d5:3c:8c:9d:d0:39:5d:0b:15:3f:c4:1d:1d:
3c:7b:d4:28:6a:43:d6:25:fd:81:c5:f3:b1:ff:ea:55:3a:01:
fc:27:28:3b:4c:54:87:2f:e6:3b:0c:70:e7:1e:01:f9:2c:78:
38:79:6c:2c:1e:fc:f2:ff:b2:fe:04:69:af:3e:57:73:6b:69:
8f:2d:07:22:0b:01:80:a7:b0:90:ff:1d:e0:e5:52:d4:7d:5e:
e2:3c:cc:c1:af:00:c8:a4:7f:e1:2e:9e:b5:79:4e:44:6e:e9:
b6:ce:20:33:bc:36:9d:cb:93:c9:f6:cc:4f:71:dc:d3:9f:77:
b4:59:7f:b4:70:c7:0f:fb:3b:48:14:75:4a:af:2c:51:52:6d:
e3:40:25:63:8a:d8:c2:34:03:8e:f3:34:e4:05:45:e4:b1:06:
25:81:c3:cf:cb:f7:c2:9c:38:df:ad:1e:2a:f8:e3:d7:b8:e0:
d7:f4:be:73:14:cf:57:d2:91:79:16:cd:08:10:a7:a7:64:fe:
a7:da:73:d5:56:f6:34:ea:78:eb:80:bc:23:93:73:7c:e6:d7:
d3:c8:1e:4c:5c:9d:5c:4e:c8:69:52:88:cc:09:e9:24:de:56:
dc:f9:da:28:2f:eb:01:95:fb:80:e8:b5:b9:54:be:ba:d2:95:
bc:96:51:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfrwLs2JCUc/BhMEenW2mvJWc1C0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxODEyYTI0NGVmZWE4ZDZhYWU2ZDg1ZmVkODBiYTJkOGVmYzhhNjMyMzg4
YTlhMGM4MzU2NGJiZTU4ODZlNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaPu9/FskwVo1svd0kS3gQmZhFWfhdpHCMpiTQgjhLcplnZLb7TaNWa5O+h
p+lNjugGWz5H3Cs2y/qJYUOi+7iUDhXyBOHMGpEMNsAmiiFph/+OMyS7UsRjHZ9N
pFgqsoT970BaXpWIU43t/OiBAno7bYqe2zJCoNdHzub7+W3pgIK6hOQ6sPCiOorL
UyYkrK8XbGWzphQ5NrhdFX8ovzcyyMWHpETjL270zHG/HOPqmtAByMgiDDQYQepB
lnsuqKlOxMYJ4Ed++USSgAsO3QoznVXAPuMUN1eYhk/Iryy5lIoUoSQ/YJnZQC5t
Z/bsiCO4s1/gxhK3z/10mInKfIECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQYOfLM
80X4YAqhd5FqSt0nBfl3IjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVlOTgwNDgtNTE0MS00YjE2LThiOGMtMjY5YTM5N2Y1M2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
gDANBgkqhkiG9w0BAQsFAAOCAQEAGoz0bnzVPIyd0DldCxU/xB0dPHvUKGpD1iX9
gcXzsf/qVToB/CcoO0xUhy/mOwxw5x4B+Sx4OHlsLB788v+y/gRprz5Xc2tpjy0H
IgsBgKewkP8d4OVS1H1e4jzMwa8AyKR/4S6etXlORG7pts4gM7w2ncuTyfbMT3Hc
0593tFl/tHDHD/s7SBR1Sq8sUVJt40AlY4rYwjQDjvM05AVF5LEGJYHDz8v3wpw4
360eKvjj17jg1/S+cxTPV9KReRbNCBCnp2T+p9pz1Vb2NOp464C8I5NzfObX08ge
TFydXE7IaVKIzAnpJN5W3PnaKC/rAZX7gOi1uVS+utKVvJZRhQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:54 2025 by rpki-client