Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
File: a6d14d01-1a1b-448e-bb4a-73279a06c540.roa (raw, json)
Hash identifier: 9JdC4vbt1A3Y9TUJhDjBjN18ff/J66u1lf4NiBGogns=
Subject key identifier: B2:1A:5D:78:17:9C:67:7B:F5:91:59:0E:BF:C4:2C:10:53:C2:EB:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FCD18BC5327B8D96AD80AF626AD66E976FB6727
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
Signing time: Mon 16 Jun 2025 19:50:16 +0000
ROA not before: Mon 16 Jun 2025 19:50:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:cd:18:bc:53:27:b8:d9:6a:d8:0a:f6:26:ad:66:e9:76:fb:67:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c4f0f7c414c25bce48b6eb617ee6efba543597ea96888bc7a5d2e7c4cc33e409, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f1:2a:6f:0a:4b:87:67:95:4e:c8:a5:21:83:
25:f1:16:37:9b:fb:ad:26:27:4a:43:da:73:7c:81:
5e:72:5d:8b:51:b3:07:5c:f4:d1:f5:66:d3:db:ba:
de:89:63:7d:ab:52:ec:6f:8f:a9:47:ba:e1:74:db:
b0:61:99:0d:24:d3:d6:cc:d9:84:0b:2a:75:c1:0e:
3e:45:28:ce:0c:84:b8:bd:3a:68:85:69:25:14:2f:
f3:d7:d9:2b:0d:ba:9e:85:be:79:92:04:f7:d2:ff:
20:8e:e8:a4:90:e1:a4:9d:7c:6b:8b:8a:67:c8:e1:
20:98:34:f4:66:8b:30:ac:63:af:b4:9d:f8:67:e3:
39:53:2d:07:67:f3:68:b1:35:14:3d:86:20:f1:b8:
db:e8:e8:35:0a:04:3e:75:a3:d0:08:2b:de:e2:0d:
e5:0f:3a:8a:74:1f:5e:d3:77:8d:48:7f:29:cc:b9:
ce:f0:fd:68:36:e1:f1:16:e8:ba:60:b4:06:fd:f4:
be:75:7d:a8:78:8b:9b:68:7b:99:5d:46:f0:7a:1d:
70:86:36:f9:47:77:e0:37:27:cc:0f:05:e7:c0:78:
b0:83:a2:a2:44:f0:de:60:a3:31:d8:5e:0b:3e:64:
1e:dd:92:ee:b2:97:eb:3d:82:35:63:4f:c6:e9:d0:
19:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1A:5D:78:17:9C:67:7B:F5:91:59:0E:BF:C4:2C:10:53:C2:EB:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5040::/48
Signature Algorithm: sha256WithRSAEncryption
48:67:97:25:b0:76:7b:0c:e2:d1:15:d9:20:9f:8e:77:14:23:
1c:f8:df:6e:4b:78:ce:08:2d:ad:e5:53:e6:a4:cd:90:70:c1:
ea:58:bd:95:04:7e:db:66:57:2f:8c:ab:f4:0f:14:c5:02:c3:
e2:2b:8f:e7:53:4a:9c:9a:15:fb:1d:b3:3d:e4:28:39:98:b5:
b0:82:34:38:9e:25:fb:fe:b2:3f:56:ac:4f:c7:a7:14:83:58:
bf:a0:24:4b:65:6b:21:d8:54:6e:07:71:2b:d4:cc:0e:b6:62:
fc:9e:a1:6b:b9:a2:50:a3:f0:65:c0:4e:c7:1b:7d:56:d5:f8:
0f:8f:a7:aa:b5:81:55:89:15:a3:82:1d:ea:76:1a:2b:c2:24:
9d:f5:32:8f:65:ab:04:87:74:c4:a5:e5:f0:b6:04:39:58:32:
96:0d:09:85:f6:c1:a4:46:ca:d2:f4:56:31:54:22:49:51:30:
a4:b9:94:7c:2b:ae:76:f6:a5:32:1a:52:13:51:87:7d:bf:b0:
76:ec:01:fb:1e:34:18:29:db:a3:88:59:e1:2a:ca:b6:fc:21:
b6:1b:20:d2:c5:93:d3:86:a2:e7:90:dd:d0:d1:19:14:34:b8:
44:51:98:ab:b8:3f:70:3e:56:54:ba:c7:fa:97:2a:b3:e2:f1:
48:5b:14:9e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb80YvFMnuNlq2Ar2Jq1m6Xb7ZycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZjBmN2M0MTRjMjViY2U0OGI2ZWI2MTdlZTZlZmJhNTQzNTk3ZWE5Njg4
OGJjN2E1ZDJlN2M0Y2MzM2U0MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjxKm8KS4dnlU7IpSGDJfEWN5v7rSYnSkPac3yBXnJdi1GzB1z00fVm09u6
3oljfatS7G+PqUe64XTbsGGZDSTT1szZhAsqdcEOPkUozgyEuL06aIVpJRQv89fZ
Kw26noW+eZIE99L/II7opJDhpJ18a4uKZ8jhIJg09GaLMKxjr7Sd+GfjOVMtB2fz
aLE1FD2GIPG42+joNQoEPnWj0Agr3uIN5Q86inQfXtN3jUh/Kcy5zvD9aDbh8Rbo
umC0Bv30vnV9qHiLm2h7mV1G8HodcIY2+Ud34DcnzA8F58B4sIOiokTw3mCjMdhe
Cz5kHt2S7rKX6z2CNWNPxunQGSECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSyGl14
F5xne/WRWQ6/xCwQU8Lr4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZkMTRkMDEtMWExYi00NDhlLWJiNGEtNzMyNzlhMDZjNTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ
QDANBgkqhkiG9w0BAQsFAAOCAQEASGeXJbB2ewzi0RXZIJ+OdxQjHPjfbkt4zggt
reVT5qTNkHDB6li9lQR+22ZXL4yr9A8UxQLD4iuP51NKnJoV+x2zPeQoOZi1sII0
OJ4l+/6yP1asT8enFINYv6AkS2VrIdhUbgdxK9TMDrZi/J6ha7miUKPwZcBOxxt9
VtX4D4+nqrWBVYkVo4Id6nYaK8IknfUyj2WrBId0xKXl8LYEOVgylg0JhfbBpEbK
0vRWMVQiSVEwpLmUfCuudvalMhpSE1GHfb+wduwB+x40GCnbo4hZ4SrKtvwhthsg
0sWT04ai55Dd0NEZFDS4RFGYq7g/cD5WVLrH+pcqs+LxSFsUng==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:29:00 2025 by rpki-client