Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
File: 76a60505-d74d-4741-a42e-97a09bb6b2a1.roa (raw, json)
Hash identifier: BEHXlbuDQ9B3r7k1OpOS94mjDxRlX5k5pH7D2Ymy5Hs=
Subject key identifier: 48:B9:87:BB:03:38:E9:10:50:C4:55:FB:BC:20:00:8F:DE:AF:52:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18546D3314296607FA18F85712D1EB8FA4FF49BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
Signing time: Mon 16 Jun 2025 20:10:03 +0000
ROA not before: Mon 16 Jun 2025 20:10:03 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:54:6d:33:14:29:66:07:fa:18:f8:57:12:d1:eb:8f:a4:ff:49:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:10:03 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d65c8a4668cdc2ee83d186e7fc729d7a0e7d1c120386371b6a4c6f4e8997c7a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6c:c8:87:fa:ec:a9:ec:d2:77:87:27:b4:f2:
a2:e8:a3:00:3b:5d:b6:ab:1d:58:ac:5c:29:ac:72:
21:2f:26:8d:57:7d:60:b9:16:02:b4:8e:fb:8e:6c:
ac:36:0d:5b:c0:1f:9a:d7:4c:9d:02:74:f6:e5:9d:
dd:2f:c1:a1:4e:71:26:df:c1:2b:7d:e6:11:69:5a:
19:aa:98:5d:39:92:1c:10:a7:8a:ce:17:d0:9e:99:
91:6b:f7:38:9f:02:49:db:ba:78:97:0b:ef:7e:82:
a4:03:8c:e3:58:c9:07:5d:87:a5:5e:d2:fd:89:f4:
dd:53:e7:2c:96:c4:2a:8e:fe:77:cd:e7:17:37:ba:
8c:40:fe:8e:27:e9:b1:5c:f7:ed:c1:89:0f:2c:70:
2e:f0:25:70:b8:eb:d3:c8:03:42:fc:17:ad:d2:01:
c8:68:09:b3:ff:d7:25:99:19:70:2d:f1:5d:d0:83:
9e:93:bd:64:48:ab:6e:62:d4:a0:42:b4:d8:cb:c6:
91:4e:85:85:2d:aa:9d:02:95:3f:5a:91:20:2e:47:
e3:64:71:06:da:26:3e:23:97:21:b0:2d:fd:84:01:
5f:21:05:7f:af:1b:42:31:80:21:0d:81:e5:f1:b8:
98:3e:07:85:35:e8:c8:ba:49:bd:62:c4:92:eb:0d:
ef:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B9:87:BB:03:38:E9:10:50:C4:55:FB:BC:20:00:8F:DE:AF:52:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8080::/48
Signature Algorithm: sha256WithRSAEncryption
b2:7f:98:7f:7a:89:40:cd:52:fc:6f:52:59:ab:74:1b:e4:69:
1c:37:35:59:5d:2e:7c:aa:11:a3:92:17:f0:9d:a0:41:67:6b:
ee:e6:a2:32:8b:e1:5b:33:70:04:48:23:57:d6:4a:df:48:27:
fb:fa:65:f7:6b:30:d8:e9:2c:0d:2d:25:d4:c1:39:e8:f8:eb:
1d:a4:61:ee:d8:e6:fa:aa:c2:61:21:ac:a8:01:b0:aa:ee:4d:
73:1b:0a:65:de:e9:29:80:31:ba:3e:8e:78:7b:42:94:e2:16:
e1:df:d6:d8:b7:39:eb:da:42:69:d4:f3:40:52:64:a4:71:0e:
4c:73:59:bb:a1:75:09:6b:67:82:e8:5a:9a:e8:13:73:3c:c1:
14:e7:5c:ba:fa:81:84:c5:35:6d:16:16:b8:94:4e:ef:c0:04:
22:22:70:74:52:14:13:16:fa:64:f2:a1:b5:93:22:2a:9d:9c:
85:e2:5f:19:0e:bf:4d:ec:0c:8c:3b:60:43:96:b1:1d:a7:d6:
d3:bf:ff:14:c7:b8:29:ee:35:b5:ea:e6:83:53:c8:87:35:7e:
8c:3e:a1:54:fb:a1:f1:eb:e8:fe:00:be:1b:54:e1:61:6f:f1:
64:d4:51:37:fc:97:d6:70:16:6b:36:3a:fd:76:bf:35:a4:39:
73:86:30:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGFRtMxQpZgf6GPhXEtHrj6T/Sb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDEwMDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2NWM4YTQ2NjhjZGMyZWU4M2QxODZlN2ZjNzI5ZDdhMGU3ZDFjMTIwMzg2
MzcxYjZhNGM2ZjRlODk5N2M3YTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5syIf67Kns0neHJ7TyouijADtdtqsdWKxcKaxyIS8mjVd9YLkWArSO+45s
rDYNW8AfmtdMnQJ09uWd3S/BoU5xJt/BK33mEWlaGaqYXTmSHBCnis4X0J6ZkWv3
OJ8CSdu6eJcL736CpAOM41jJB12HpV7S/Yn03VPnLJbEKo7+d83nFze6jED+jifp
sVz37cGJDyxwLvAlcLjr08gDQvwXrdIByGgJs//XJZkZcC3xXdCDnpO9ZEirbmLU
oEK02MvGkU6FhS2qnQKVP1qRIC5H42RxBtomPiOXIbAt/YQBXyEFf68bQjGAIQ2B
5fG4mD4HhTXoyLpJvWLEkusN7zsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRIuYe7
AzjpEFDEVfu8IACP3q9SkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhNjA1MDUtZDc0ZC00NzQxLWE0MmUtOTdhMDliYjZiMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
gDANBgkqhkiG9w0BAQsFAAOCAQEAsn+Yf3qJQM1S/G9SWat0G+RpHDc1WV0ufKoR
o5IX8J2gQWdr7uaiMovhWzNwBEgjV9ZK30gn+/pl92sw2OksDS0l1ME56PjrHaRh
7tjm+qrCYSGsqAGwqu5NcxsKZd7pKYAxuj6OeHtClOIW4d/W2Lc569pCadTzQFJk
pHEOTHNZu6F1CWtnguhamugTczzBFOdcuvqBhMU1bRYWuJRO78AEIiJwdFIUExb6
ZPKhtZMiKp2cheJfGQ6/TewMjDtgQ5axHafW07//FMe4Ke41termg1PIhzV+jD6h
VPuh8evo/gC+G1ThYW/xZNRRN/yX1nAWazY6/Xa/NaQ5c4YwvQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:07 2025 by rpki-client