Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/944adc0b-c1b8-474a-8753-f9751b6122ff.roa
File: 944adc0b-c1b8-474a-8753-f9751b6122ff.roa (raw, json)
Hash identifier: lDrFsp/tKvdmF0VLJzevOO9WmLwRcc8JTtVFzkklwm4=
Subject key identifier: DD:AF:17:99:3E:2A:93:5D:79:0D:4C:99:86:E9:93:6A:22:16:93:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F006CEDF5648859F143F25BA136EA6542413689
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/944adc0b-c1b8-474a-8753-f9751b6122ff.roa
Signing time: Mon 16 Jun 2025 20:41:26 +0000
ROA not before: Mon 16 Jun 2025 20:41:26 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:00:6c:ed:f5:64:88:59:f1:43:f2:5b:a1:36:ea:65:42:41:36:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:26 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=cfa4371c385ef53ae5dcc4b42294ab254959a309f9ba33ecc057e0ba35ef6b47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9c:f9:ca:f8:46:47:8a:b5:ae:b0:5a:43:ba:
30:ff:da:66:89:d4:ae:cc:7a:7d:7b:5c:af:ce:bb:
54:bc:1b:97:f8:26:36:64:05:f8:41:c0:96:8f:65:
c4:c5:a7:be:15:6f:b9:3b:29:c9:dc:8b:f3:c9:b3:
64:38:d3:6e:e7:36:67:75:6e:26:4c:6d:62:c1:00:
a5:08:cb:7e:50:3b:fe:7d:8c:03:12:97:19:d4:2b:
d3:60:45:55:0f:a7:64:47:99:4e:ee:8f:31:50:8c:
9b:bd:0d:70:3f:fb:33:92:7c:76:c9:a6:ad:42:78:
41:9b:8a:16:08:ff:eb:c6:31:35:a8:43:12:97:65:
ff:f1:f3:35:8f:06:42:68:1a:05:b8:a1:11:e1:ac:
da:6c:64:25:3b:0e:65:a6:4f:20:26:9a:da:f0:85:
6d:31:ee:37:40:0b:35:25:7a:90:31:04:f9:37:53:
bb:57:65:79:bd:5c:a1:fd:8b:24:33:af:23:db:87:
f7:f9:a1:d3:0f:43:45:c3:55:a4:13:9b:d8:27:db:
c0:46:7d:2f:74:c4:61:7b:0b:36:d6:f7:30:e0:7a:
92:0e:57:18:83:99:60:f2:5b:28:4a:e1:a6:32:e2:
8c:a6:a9:ab:3a:0f:d9:97:85:16:6b:c5:4f:b7:8d:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AF:17:99:3E:2A:93:5D:79:0D:4C:99:86:E9:93:6A:22:16:93:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/944adc0b-c1b8-474a-8753-f9751b6122ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8020::/46
Signature Algorithm: sha256WithRSAEncryption
a0:42:c5:63:47:4d:0b:8c:a6:4f:5e:20:15:ee:53:2d:e8:66:
39:5c:0c:f7:24:9a:7a:9a:4c:a6:07:61:96:58:ac:ad:88:c4:
92:db:db:ff:ac:22:fd:05:b0:59:c0:f2:a1:71:6c:d7:2d:87:
f1:e8:eb:d1:d2:fa:19:8d:ca:3b:be:30:80:5d:40:79:a3:82:
b3:b2:7b:8a:ab:e1:3d:c5:ae:df:fc:bb:26:b1:d1:58:74:ab:
12:53:bd:22:42:f9:e3:01:f7:8e:50:d6:1b:cb:22:10:c4:c1:
3f:b5:d4:3d:8b:1e:3a:8c:84:4b:fb:47:77:ea:aa:29:6b:f9:
f1:56:64:7a:55:d9:6e:80:2e:e9:83:e1:1d:3f:ad:e6:5f:d4:
89:bc:f4:ea:57:11:66:b9:ba:9d:d2:9d:bf:2a:06:e3:44:93:
ee:86:5b:a0:db:0f:ab:ea:0d:d5:5c:3b:58:24:4c:b6:54:27:
e5:5c:3f:a4:24:b7:59:5b:77:12:08:1d:f6:bb:08:b0:61:e5:
04:e0:77:d0:fa:a7:0d:2a:9d:8c:5b:ff:60:62:71:8b:55:f8:
f4:21:ca:7f:d1:a8:e5:13:6f:c5:c9:52:0a:4e:58:3c:bc:3c:
92:23:68:ac:a1:af:7a:b8:53:24:20:d3:28:50:76:19:e3:4a:
f1:4e:5d:52
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbwBs7fVkiFnxQ/JboTbqZUJBNokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMjZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYTQzNzFjMzg1ZWY1M2FlNWRjYzRiNDIyOTRhYjI1NDk1OWEzMDlmOWJh
MzNlY2MwNTdlMGJhMzVlZjZiNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGc+cr4RkeKta6wWkO6MP/aZonUrsx6fXtcr867VLwbl/gmNmQF+EHAlo9l
xMWnvhVvuTspydyL88mzZDjTbuc2Z3VuJkxtYsEApQjLflA7/n2MAxKXGdQr02BF
VQ+nZEeZTu6PMVCMm70NcD/7M5J8dsmmrUJ4QZuKFgj/68YxNahDEpdl//HzNY8G
QmgaBbihEeGs2mxkJTsOZaZPICaa2vCFbTHuN0ALNSV6kDEE+TdTu1dleb1cof2L
JDOvI9uH9/mh0w9DRcNVpBOb2CfbwEZ9L3TEYXsLNtb3MOB6kg5XGIOZYPJbKErh
pjLijKapqzoP2ZeFFmvFT7eNxAUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdrxeZ
PiqTXXkNTJmG6ZNqIhaTkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTQ0YWRjMGItYzFiOC00NzRhLTg3NTMtZjk3NTFiNjEyMmZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuA
IDANBgkqhkiG9w0BAQsFAAOCAQEAoELFY0dNC4ymT14gFe5TLehmOVwM9ySaeppM
pgdhllisrYjEktvb/6wi/QWwWcDyoXFs1y2H8ejr0dL6GY3KO74wgF1AeaOCs7J7
iqvhPcWu3/y7JrHRWHSrElO9IkL54wH3jlDWG8siEMTBP7XUPYseOoyES/tHd+qq
KWv58VZkelXZboAu6YPhHT+t5l/Uibz06lcRZrm6ndKdvyoG40ST7oZboNsPq+oN
1Vw7WCRMtlQn5Vw/pCS3WVt3Eggd9rsIsGHlBOB30PqnDSqdjFv/YGJxi1X49CHK
f9Go5RNvxclSCk5YPLw8kiNorKGverhTJCDTKFB2GeNK8U5dUg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:29 2025 by rpki-client