Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
File: 73488a43-875c-415a-9969-c278b245b9fb.roa (raw, json)
Hash identifier: qp4u7RYtKebF1FmsE7ZHUcd3b/iowu5QW7Kox+2+9SU=
Subject key identifier: 89:2D:47:CA:F3:B7:63:CD:42:D5:02:5A:72:CC:16:C4:03:BC:EB:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06146B5B5C7317050AF3466C8AB3A1AE205F68B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
Signing time: Mon 16 Jun 2025 20:20:19 +0000
ROA not before: Mon 16 Jun 2025 20:20:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:14:6b:5b:5c:73:17:05:0a:f3:46:6c:8a:b3:a1:ae:20:5f:68:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0dd79fbe11bfec72864d43b3d775a0cd742e111cb221cb248161d2a2c453f8ac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b0:55:e2:d9:d3:63:c7:50:ca:28:d4:df:d7:
27:9c:8c:34:48:6b:d7:df:34:ea:bd:c5:ac:ba:2b:
a1:cc:84:c3:ae:9e:2d:58:13:e2:35:61:e9:ca:f2:
3d:7c:eb:5f:4e:70:a5:a0:bb:6c:cf:25:4f:71:0f:
b9:60:d4:20:5b:8d:ff:5f:5b:51:8a:a7:5f:da:3a:
a8:2a:72:ca:05:ea:e0:be:56:d7:b5:32:b2:b5:79:
c8:33:d8:df:49:01:30:3a:bf:83:69:01:00:6f:46:
1c:39:6c:8c:35:d2:43:d1:52:d8:87:c4:f9:d3:96:
ec:db:d3:72:49:46:32:aa:20:4f:bb:03:3c:2a:ee:
b9:08:d4:60:64:fe:38:e6:f2:e9:65:fe:6f:95:3f:
14:3e:64:a9:c6:4d:2d:4d:2e:75:af:f8:ab:f5:06:
87:a5:93:75:c5:db:b7:36:88:aa:bb:db:f7:73:8c:
14:0c:9c:58:2e:10:03:85:73:ec:67:40:f2:6b:0c:
0f:03:39:8b:e4:89:1a:22:6b:89:e1:14:91:57:74:
f6:7c:6d:ee:8a:b7:e0:cd:c5:98:10:8f:fd:b5:78:
7b:07:64:f8:ae:0c:e8:18:4a:8b:a9:db:9b:56:79:
4e:26:3f:09:bf:a3:23:3a:48:78:5e:6a:b9:e9:dd:
73:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2D:47:CA:F3:B7:63:CD:42:D5:02:5A:72:CC:16:C4:03:BC:EB:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e080::/48
Signature Algorithm: sha256WithRSAEncryption
b3:e2:01:c7:99:75:8a:af:07:6e:92:98:73:13:43:6b:4d:aa:
97:cf:f0:e9:aa:1e:e3:bd:a1:6b:11:1a:30:46:8f:87:51:3e:
0a:6b:3d:23:03:54:e8:a5:92:36:32:18:1f:b4:e5:4c:d9:39:
ba:29:8a:33:f6:05:2a:fd:1f:6d:d1:b8:d3:e8:a0:ea:0f:8a:
6a:4b:ef:f3:a0:f2:dd:67:a9:0c:2b:45:1d:42:dc:bd:a3:05:
17:a1:78:a6:99:98:6b:b3:e8:4a:33:9d:51:af:db:fa:5a:cf:
fb:42:bb:46:2e:fa:49:f8:e0:24:bc:42:43:2d:c3:8c:12:3d:
f0:f7:4d:35:ae:88:58:2c:22:77:57:04:8c:0a:01:0f:2b:b0:
13:0a:69:50:ad:00:f5:91:4a:89:8b:3f:cc:34:5e:cd:5c:17:
df:aa:c8:71:3a:da:99:3e:f0:8c:0b:e2:48:02:9a:a6:66:b1:
8b:08:a1:1a:51:1c:38:26:6a:61:d1:5a:00:f7:17:f0:57:d3:
40:79:46:22:59:88:74:f3:9d:37:f6:0c:f3:66:42:f0:f0:e5:
29:d9:3c:cf:ca:bd:58:b3:4c:ee:90:1e:ad:7e:3d:11:ce:32:
f4:b7:49:df:1b:21:a1:26:dd:e1:f4:7e:81:48:ad:93:02:7e:
99:b7:ae:94
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBhRrW1xzFwUK80ZsirOhriBfaLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkZDc5ZmJlMTFiZmVjNzI4NjRkNDNiM2Q3NzVhMGNkNzQyZTExMWNiMjIx
Y2IyNDgxNjFkMmEyYzQ1M2Y4YWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2wVeLZ02PHUMoo1N/XJ5yMNEhr19806r3FrLorocyEw66eLVgT4jVh6cry
PXzrX05wpaC7bM8lT3EPuWDUIFuN/19bUYqnX9o6qCpyygXq4L5W17UysrV5yDPY
30kBMDq/g2kBAG9GHDlsjDXSQ9FS2IfE+dOW7NvTcklGMqogT7sDPCruuQjUYGT+
OOby6WX+b5U/FD5kqcZNLU0uda/4q/UGh6WTdcXbtzaIqrvb93OMFAycWC4QA4Vz
7GdA8msMDwM5i+SJGiJrieEUkVd09nxt7oq34M3FmBCP/bV4ewdk+K4M6BhKi6nb
m1Z5TiY/Cb+jIzpIeF5quendc+kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSJLUfK
87djzULVAlpyzBbEA7zrrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM0ODhhNDMtODc1Yy00MTVhLTk5NjktYzI3OGIyNDViOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
gDANBgkqhkiG9w0BAQsFAAOCAQEAs+IBx5l1iq8HbpKYcxNDa02ql8/w6aoe472h
axEaMEaPh1E+Cms9IwNU6KWSNjIYH7TlTNk5uimKM/YFKv0fbdG40+ig6g+Kakvv
86Dy3WepDCtFHULcvaMFF6F4ppmYa7PoSjOdUa/b+lrP+0K7Ri76SfjgJLxCQy3D
jBI98PdNNa6IWCwid1cEjAoBDyuwEwppUK0A9ZFKiYs/zDRezVwX36rIcTramT7w
jAviSAKapmaxiwihGlEcOCZqYdFaAPcX8FfTQHlGIlmIdPOdN/YM82ZC8PDlKdk8
z8q9WLNM7pAerX49Ec4y9LdJ3xshoSbd4fR+gUitkwJ+mbeulA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:26 2025 by rpki-client