Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
File: a6ca14a4-0087-442a-b673-75cc23375cdf.roa (raw, json)
Hash identifier: iqzXRqtL8nDcxiV9c9cz+MbF2cj+tVE1jBk+h9wka8I=
Subject key identifier: 1C:7B:A3:46:8F:58:EE:31:A5:6A:59:15:8E:20:49:8F:A6:14:FA:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2827BE3F9E2AA8DD03EF999A9D38AE34335993AC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
Signing time: Mon 16 Jun 2025 20:41:24 +0000
ROA not before: Mon 16 Jun 2025 20:41:24 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:27:be:3f:9e:2a:a8:dd:03:ef:99:9a:9d:38:ae:34:33:59:93:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:24 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7f09db741c149b55494be431b631d440d93b4ad5e1d30e294c1631a6e77a565e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:c1:6c:52:69:1e:ec:4c:18:5e:e3:e7:58:33:
e2:6c:2c:a0:94:cb:47:a0:f8:ef:6b:ce:bb:a5:64:
45:6d:e4:15:94:45:15:3e:51:3c:57:fe:ec:b7:e1:
a4:50:e2:61:e8:5d:e7:e3:69:ed:d9:26:80:c8:0b:
a3:97:76:79:8a:80:15:b9:05:2c:f7:92:a6:42:9c:
89:23:93:1a:50:f7:0d:20:bc:6c:93:11:db:7a:dd:
a7:7d:6c:48:b4:0b:a9:30:13:86:78:9a:7a:24:db:
9d:8c:5b:5b:79:ef:18:b1:8b:66:de:68:17:1e:9e:
c6:9a:7e:a9:04:61:27:50:e4:88:40:de:06:f0:71:
2e:d9:66:eb:3d:5c:f9:4f:3e:33:61:12:d6:55:30:
8d:8c:c7:95:d6:b8:8d:16:c7:7a:c5:ca:d7:f0:76:
c0:f2:b8:ac:24:37:39:37:59:30:af:44:77:3c:24:
ed:ea:c9:28:cf:bc:fe:f4:81:ba:7d:5f:1a:6a:e4:
53:f4:e2:be:b0:b3:b0:fe:c2:7a:93:66:24:b2:05:
53:d9:0e:f3:e8:86:1f:1c:8a:1a:23:f7:81:4d:1d:
4e:b6:35:87:16:39:21:7b:a2:6d:a3:30:5c:d6:93:
20:3e:3f:7d:2d:83:f8:4b:fb:57:3d:c0:b4:b1:c8:
55:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7B:A3:46:8F:58:EE:31:A5:6A:59:15:8E:20:49:8F:A6:14:FA:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6ca14a4-0087-442a-b673-75cc23375cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9080::/46
Signature Algorithm: sha256WithRSAEncryption
87:1f:f2:74:21:a2:49:b3:ec:15:c8:e6:a3:84:cc:d9:3b:3a:
30:bc:63:9d:ff:59:9c:24:24:79:1a:01:f0:52:e5:ba:9c:30:
e7:e5:63:75:68:c0:37:f8:ff:e8:5c:35:83:f3:67:a1:fa:84:
17:14:dc:a6:81:bf:fb:48:28:19:66:26:00:14:b9:d7:30:a3:
6d:62:ee:09:b8:3c:61:8c:94:0f:f6:7c:6b:40:eb:c6:04:56:
9c:94:b4:1b:ad:ca:bd:d1:b3:57:2e:7f:d8:5d:cc:54:68:f8:
aa:f4:70:7d:2d:d4:08:ac:a3:6a:71:75:10:3f:f2:cd:a5:85:
5f:bb:73:6a:9a:7f:6e:99:5a:c3:63:d5:98:3c:3c:09:c3:fc:
33:34:e7:91:4a:59:65:2c:21:bc:bf:2f:c2:aa:3c:a6:7b:6f:
f1:49:60:c0:56:ee:58:cb:6d:d4:a4:b3:be:d7:36:e2:3e:f3:
ce:e5:17:f2:4d:96:e0:ea:e9:31:6d:54:08:4f:22:d8:0b:33:
5f:26:43:4d:80:cb:63:1a:3e:c4:b5:a9:d8:34:00:d7:98:6a:
db:72:76:bc:1d:cc:9f:2d:0d:c8:12:0a:9d:e9:7c:1a:72:5e:
0a:ad:68:76:00:b5:1b:7d:83:f8:75:66:51:45:8b:c0:3e:ed:
e0:b4:96:c4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKCe+P54qqN0D75manTiuNDNZk6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMjRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMDlkYjc0MWMxNDliNTU0OTRiZTQzMWI2MzFkNDQwZDkzYjRhZDVlMWQz
MGUyOTRjMTYzMWE2ZTc3YTU2NWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP3BbFJpHuxMGF7j51gz4mwsoJTLR6D472vOu6VkRW3kFZRFFT5RPFf+7Lfh
pFDiYehd5+Np7dkmgMgLo5d2eYqAFbkFLPeSpkKciSOTGlD3DSC8bJMR23rdp31s
SLQLqTAThniaeiTbnYxbW3nvGLGLZt5oFx6expp+qQRhJ1DkiEDeBvBxLtlm6z1c
+U8+M2ES1lUwjYzHlda4jRbHesXK1/B2wPK4rCQ3OTdZMK9Edzwk7erJKM+8/vSB
un1fGmrkU/TivrCzsP7CepNmJLIFU9kO8+iGHxyKGiP3gU0dTrY1hxY5IXuibaMw
XNaTID4/fS2D+Ev7Vz3AtLHIVYsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQce6NG
j1juMaVqWRWOIEmPphT6xDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjYTE0YTQtMDA4Ny00NDJhLWI2NzMtNzVjYzIzMzc1Y2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAhx/ydCGiSbPsFcjmo4TM2Ts6MLxjnf9ZnCQk
eRoB8FLlupww5+VjdWjAN/j/6Fw1g/NnofqEFxTcpoG/+0goGWYmABS51zCjbWLu
Cbg8YYyUD/Z8a0DrxgRWnJS0G63KvdGzVy5/2F3MVGj4qvRwfS3UCKyjanF1ED/y
zaWFX7tzapp/bplaw2PVmDw8CcP8MzTnkUpZZSwhvL8vwqo8pntv8UlgwFbuWMtt
1KSzvtc24j7zzuUX8k2W4OrpMW1UCE8i2AszXyZDTYDLYxo+xLWp2DQA15hq23J2
vB3Mny0NyBIKnel8GnJeCq1odgC1G32D+HVmUUWLwD7t4LSWxA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:07:57 2025 by rpki-client