Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: voTsHQtcDIvb5mNpuPyljj70wTAOCAu6/qwZIqilN6w=
Subject key identifier: EE:66:18:03:8A:B0:96:DA:A1:70:34:22:32:23:8C:07:70:68:C6:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EAD207323EC6EDA237AB8352144018452590CF1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Mon 16 Jun 2025 20:21:15 +0000
ROA not before: Mon 16 Jun 2025 20:21:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:ad:20:73:23:ec:6e:da:23:7a:b8:35:21:44:01:84:52:59:0c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:21:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c6b98cd3d313cd23bca8d1c6dc4e0c4e9a83f433caae8db109bfbc1711f24ba0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f5:d5:8d:19:1c:10:45:ed:ea:ce:5c:95:06:
8f:5e:a2:e8:3b:67:1e:df:7c:69:5e:ac:d9:9a:16:
71:8f:91:aa:da:1c:a6:eb:d3:0a:97:49:6a:a1:cf:
e0:c6:0a:f6:cd:7d:99:c3:8a:17:bd:29:02:6e:18:
69:15:8e:02:44:e4:c6:40:5c:88:a4:d7:5c:25:32:
47:44:8f:6e:74:11:d1:c2:c0:c7:fc:fc:4c:ee:ce:
59:3f:74:f2:c2:ea:5c:22:a7:2d:5b:82:c7:87:73:
3e:fb:fb:03:9c:0c:4b:6d:7a:71:d0:0d:91:0d:53:
8e:6e:db:c5:24:ea:75:e6:cd:16:dd:f7:0b:75:6f:
20:ff:81:72:03:88:5a:68:cd:62:c4:b8:ca:a8:aa:
5c:51:01:43:49:59:2c:22:c2:7f:3b:cf:5f:d4:31:
b3:ad:7a:ff:ba:18:ad:e9:c2:54:be:8e:4c:7c:45:
4f:32:c4:36:f2:4c:f5:f8:16:9d:64:66:73:f3:ce:
5a:d7:d2:5e:63:d3:d9:9a:63:98:73:cf:55:8a:9d:
d1:84:7b:ff:0e:5c:3d:16:f3:00:06:19:74:32:26:
a9:b7:be:19:0c:8d:c2:d6:79:00:8e:29:7b:2f:51:
fc:34:f9:92:1f:e5:21:58:bd:4d:9a:bd:71:62:75:
aa:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:66:18:03:8A:B0:96:DA:A1:70:34:22:32:23:8C:07:70:68:C6:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
30:01:a4:11:28:89:ff:56:e6:7e:cb:08:aa:b4:09:87:e8:09:
92:e6:d6:64:58:d4:b8:12:a7:94:7e:a7:2d:53:0b:ef:a7:b0:
ac:69:88:79:27:dd:78:1b:77:51:ee:76:60:55:bb:cb:3f:81:
e1:4d:95:06:7d:69:dd:31:54:26:37:1a:78:9a:19:52:78:22:
b7:56:21:02:92:cf:35:c5:3a:87:c1:52:2d:c6:d9:73:a5:35:
72:2c:50:de:5c:48:da:d0:cb:e9:34:c3:41:f0:42:c0:14:8c:
a1:55:62:93:1c:e7:76:26:a6:fd:b5:ee:c0:30:05:d5:db:92:
77:40:67:c4:27:c0:6e:54:83:5d:a7:c2:7e:12:0a:0d:ad:f1:
79:bb:d9:b7:81:33:ee:02:90:9e:50:38:c9:f8:67:51:01:23:
ef:2c:34:9a:f5:4c:e0:54:89:2b:95:94:86:c2:a3:50:66:52:
85:be:c3:c5:37:9e:a0:8d:2d:61:98:90:5f:0e:3e:67:57:c7:
ae:83:01:a4:0f:bd:9d:90:a7:d4:41:0a:75:94:18:b2:fe:02:
9c:f0:92:ae:d2:4e:ec:e3:f4:16:7d:db:32:54:3e:c8:64:3e:
71:42:5a:39:a0:07:69:f7:05:b5:4c:cd:39:dd:b7:28:c6:ac:
94:8e:58:fd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHq0gcyPsbtojerg1IUQBhFJZDPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIxMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2Yjk4Y2QzZDMxM2NkMjNiY2E4ZDFjNmRjNGUwYzRlOWE4M2Y0MzNjYWFl
OGRiMTA5YmZiYzE3MTFmMjRiYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIf11Y0ZHBBF7erOXJUGj16i6DtnHt98aV6s2ZoWcY+RqtocpuvTCpdJaqHP
4MYK9s19mcOKF70pAm4YaRWOAkTkxkBciKTXXCUyR0SPbnQR0cLAx/z8TO7OWT90
8sLqXCKnLVuCx4dzPvv7A5wMS216cdANkQ1Tjm7bxSTqdebNFt33C3VvIP+BcgOI
WmjNYsS4yqiqXFEBQ0lZLCLCfzvPX9Qxs616/7oYrenCVL6OTHxFTzLENvJM9fgW
nWRmc/POWtfSXmPT2ZpjmHPPVYqd0YR7/w5cPRbzAAYZdDImqbe+GQyNwtZ5AI4p
ey9R/DT5kh/lIVi9TZq9cWJ1qhECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTuZhgD
irCW2qFwNCIyI4wHcGjGnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEAMAGkESiJ/1bmfssIqrQJh+gJkubWZFjUuBKn
lH6nLVML76ewrGmIeSfdeBt3Ue52YFW7yz+B4U2VBn1p3TFUJjcaeJoZUngit1Yh
ApLPNcU6h8FSLcbZc6U1cixQ3lxI2tDL6TTDQfBCwBSMoVVikxzndiam/bXuwDAF
1duSd0BnxCfAblSDXafCfhIKDa3xebvZt4Ez7gKQnlA4yfhnUQEj7yw0mvVM4FSJ
K5WUhsKjUGZShb7DxTeeoI0tYZiQXw4+Z1fHroMBpA+9nZCn1EEKdZQYsv4CnPCS
rtJO7OP0Fn3bMlQ+yGQ+cUJaOaAHafcFtUzNOd23KMaslI5Y/Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:09 2025 by rpki-client