Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
File: 730c632c-0510-4eef-8649-b29c7a1d089b.roa (raw, json)
Hash identifier: TU7NIn95+UhCgM5jc766eWoC+3/shs+0lQ0/47bhrFw=
Subject key identifier: EE:BC:1A:45:FF:DF:0C:62:81:2D:F4:75:81:F6:BB:34:A7:56:07:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69E3BF9234F32781537E2087BCBA26EB89007B16
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
Signing time: Mon 16 Jun 2025 19:41:08 +0000
ROA not before: Mon 16 Jun 2025 19:41:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e3:bf:92:34:f3:27:81:53:7e:20:87:bc:ba:26:eb:89:00:7b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:41:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6b3ee4339a459bf2fe2623db46bf224328bd9178eb8da7cfdbc1c6674451310d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:b2:c9:3b:1e:44:3b:fe:62:61:cc:a6:22:
be:a5:44:1d:9a:a9:e0:75:2b:e8:a8:f8:51:ac:52:
c5:30:fb:1b:33:ea:2c:7e:30:7a:2b:43:21:f7:de:
f6:6f:7a:33:2a:9e:f5:b5:9a:3f:c7:de:d2:3b:c1:
01:8e:d2:48:4d:66:1c:9d:05:28:ad:dc:d8:30:0d:
65:c0:40:34:da:e7:8f:05:e4:38:a1:8d:68:71:bd:
80:3a:a2:7a:6d:20:04:f9:ce:18:ea:38:d2:90:6c:
1e:46:33:b6:c7:06:17:26:dc:55:91:ae:e6:89:a3:
2d:1e:79:71:8f:3c:a7:82:8c:c7:cc:3f:5d:f1:59:
7e:9f:4b:40:a9:9c:90:22:6b:b0:f0:6f:0c:b3:2a:
0a:b2:26:6a:4d:d7:89:66:dc:f5:5a:fc:10:1c:06:
12:fa:20:29:a3:a8:c2:05:2f:5c:15:bb:1d:65:fa:
91:d0:0f:c5:d6:0c:c3:6d:ad:02:02:6b:33:56:49:
f0:8c:d2:41:0c:47:ba:eb:c3:5b:4c:3b:98:c9:e7:
bc:0b:16:b1:ae:52:69:41:57:00:dd:9d:18:28:50:
22:09:92:2a:ef:2f:30:68:15:7f:62:be:13:8a:b0:
14:b1:c6:eb:76:af:65:49:5c:c9:6e:28:1f:4e:50:
51:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:BC:1A:45:FF:DF:0C:62:81:2D:F4:75:81:F6:BB:34:A7:56:07:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2040::/48
Signature Algorithm: sha256WithRSAEncryption
35:fb:e9:47:81:71:ca:b0:6a:16:0b:aa:09:fe:0c:1a:fb:72:
3b:fd:11:4e:6a:78:b2:3b:b8:99:34:db:79:36:8c:0f:44:74:
f2:1b:b9:1c:8f:b7:53:20:f2:0e:09:6e:0a:86:47:a2:f8:64:
03:22:ea:4e:c3:f5:dc:7b:cd:2e:04:6a:9a:7f:89:81:c9:b8:
15:78:2f:c8:11:73:b8:3b:d1:40:92:77:e3:be:e2:b8:61:77:
4b:1b:c2:5c:34:39:4f:bd:f3:dc:90:98:03:2f:8e:9d:7b:2f:
26:e3:93:ae:c2:06:c7:cb:2a:37:b4:59:88:a6:aa:d5:d2:47:
45:94:36:0f:db:3f:8c:ae:df:0c:c1:55:6d:14:26:4f:1a:8b:
69:4d:28:64:19:65:9f:17:7b:c6:93:18:ee:36:15:0a:80:13:
0b:87:81:17:a9:97:59:92:4f:a8:9c:37:ed:ab:a1:b6:a3:55:
4d:cc:dc:e8:b8:6a:77:b4:2c:9d:a4:31:1e:00:d2:90:a6:55:
52:a1:a0:c8:5c:67:d4:8b:78:b9:0d:06:29:eb:0a:a8:41:d9:
6a:a5:be:d4:49:37:fa:27:f6:bd:db:30:9b:22:67:3d:c7:db:
56:dd:61:1f:78:bc:e3:8a:f1:c2:5b:6e:ea:91:a9:ce:1e:2b:
32:6b:48:9b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaeO/kjTzJ4FTfiCHvLom64kAexYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQxMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiM2VlNDMzOWE0NTliZjJmZTI2MjNkYjQ2YmYyMjQzMjhiZDkxNzhlYjhk
YTdjZmRiYzFjNjY3NDQ1MTMxMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUqssk7HkQ7/mJhzKYivqVEHZqp4HUr6Kj4UaxSxTD7GzPqLH4weitDIffe
9m96Myqe9bWaP8fe0jvBAY7SSE1mHJ0FKK3c2DANZcBANNrnjwXkOKGNaHG9gDqi
em0gBPnOGOo40pBsHkYztscGFybcVZGu5omjLR55cY88p4KMx8w/XfFZfp9LQKmc
kCJrsPBvDLMqCrImak3XiWbc9Vr8EBwGEvogKaOowgUvXBW7HWX6kdAPxdYMw22t
AgJrM1ZJ8IzSQQxHuuvDW0w7mMnnvAsWsa5SaUFXAN2dGChQIgmSKu8vMGgVf2K+
E4qwFLHG63avZUlcyW4oH05QUfMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTuvBpF
/98MYoEt9HWB9rs0p1YHATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzMwYzYzMmMtMDUxMC00ZWVmLTg2NDktYjI5YzdhMWQwODliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
QDANBgkqhkiG9w0BAQsFAAOCAQEANfvpR4FxyrBqFguqCf4MGvtyO/0RTmp4sju4
mTTbeTaMD0R08hu5HI+3UyDyDgluCoZHovhkAyLqTsP13HvNLgRqmn+Jgcm4FXgv
yBFzuDvRQJJ3477iuGF3SxvCXDQ5T73z3JCYAy+OnXsvJuOTrsIGx8sqN7RZiKaq
1dJHRZQ2D9s/jK7fDMFVbRQmTxqLaU0oZBllnxd7xpMY7jYVCoATC4eBF6mXWZJP
qJw37auhtqNVTczc6Lhqd7QsnaQxHgDSkKZVUqGgyFxn1It4uQ0GKesKqEHZaqW+
1Ek3+if2vdswmyJnPcfbVt1hH3i844rxwltu6pGpzh4rMmtImw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:39 2025 by rpki-client