Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: Eighchpuk3uLzymNKY1ErnxSskU47Au9372GRo4w+pM=
Subject key identifier: FD:02:E3:93:3D:64:85:12:8D:FA:8D:D3:9A:DF:30:AD:FC:7B:81:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13C4B76CD527C82D345D298BDE9DB0D5FF2D7EEF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Mon 16 Jun 2025 20:10:59 +0000
ROA not before: Mon 16 Jun 2025 20:10:59 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:c4:b7:6c:d5:27:c8:2d:34:5d:29:8b:de:9d:b0:d5:ff:2d:7e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:10:59 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ddbfb8483d94433d21362b5b205425c2bd19246cc4dc812a6d90656becc09b9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bd:ac:c9:e6:76:16:91:5d:09:27:8f:0c:52:
7d:85:93:a1:ad:c9:75:7b:12:7b:e7:9c:fe:44:10:
77:e7:e6:f6:aa:37:71:6e:58:ee:36:8b:e0:f5:c1:
9a:73:08:ce:ad:c3:e8:ef:95:ad:78:7e:11:12:fc:
6f:78:ae:b5:b4:83:21:f9:6a:26:da:aa:b2:da:67:
38:fa:7e:6c:b3:1d:65:2d:13:a0:9a:1a:7c:0a:93:
fe:64:11:a7:12:ba:4d:24:c7:4e:47:c1:4a:4c:b6:
13:78:25:1b:23:09:dd:58:37:5e:e6:45:68:64:16:
c5:7b:85:09:8f:9f:29:1c:5d:f4:b6:06:24:a9:80:
24:64:b2:82:ae:04:ea:4d:33:3d:18:71:4f:f6:a6:
ff:fe:0a:f6:e1:5a:ab:50:18:c0:98:86:3a:fc:7a:
69:75:a1:76:53:23:f3:2f:7f:2b:00:09:ac:a3:9c:
92:9c:88:49:55:01:da:05:a4:25:89:95:54:24:36:
e3:79:a3:de:d6:d2:9c:8e:d3:4e:ba:a4:17:42:00:
6d:d2:8b:a0:eb:14:39:89:d3:19:ba:ee:6b:cb:6d:
34:d4:6e:2b:34:ee:7f:af:85:fd:27:e4:21:71:f5:
e3:e7:d6:e7:98:8c:7e:f8:68:63:22:e7:30:5e:b2:
b2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:02:E3:93:3D:64:85:12:8D:FA:8D:D3:9A:DF:30:AD:FC:7B:81:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
2c:cd:76:04:c1:40:5b:5d:ca:ac:59:a5:80:06:62:fc:21:c2:
2a:1c:72:54:18:74:8d:1e:6d:99:1f:a6:df:6c:c3:ad:46:19:
fc:d0:e4:5b:40:f9:85:24:b3:54:a5:37:9c:62:32:90:97:e1:
b7:fd:b5:5e:72:c5:61:93:a9:f5:23:8d:29:6e:7d:ec:4b:6d:
03:58:ff:4d:56:17:72:05:7c:98:d8:f2:f1:80:65:7e:2c:61:
ef:1b:5f:6e:22:5e:5b:c9:68:a8:a1:45:67:0b:6a:73:cd:7f:
f6:cd:d1:e5:64:fb:d5:2a:4e:74:b7:7c:30:30:cc:60:48:f3:
5e:72:9f:cf:ca:38:73:a7:6f:76:c9:e1:1d:8b:47:1c:f3:f5:
b2:d3:84:ed:a9:a5:7f:c7:22:62:e3:51:7f:2d:17:23:88:88:
93:26:a8:c4:6d:9a:2c:02:5b:56:41:70:1f:ab:19:f5:98:55:
a6:f1:ef:0f:21:4a:d8:13:5a:05:1b:c2:4a:44:0e:c2:75:c8:
60:2e:73:5f:27:1c:8e:17:66:39:98:56:02:12:e5:f9:44:fd:
fd:32:6e:04:6a:59:54:3e:71:8e:c3:58:8c:de:8a:00:5f:04:
41:24:a8:43:7e:a2:13:84:58:37:46:43:7f:cb:23:3b:e5:dd:
2a:5a:87:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE8S3bNUnyC00XSmL3p2w1f8tfu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDEwNTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkYmZiODQ4M2Q5NDQzM2QyMTM2MmI1YjIwNTQyNWMyYmQxOTI0NmNjNGRj
ODEyYTZkOTA2NTZiZWNjMDliOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL29rMnmdhaRXQknjwxSfYWToa3JdXsSe+ec/kQQd+fm9qo3cW5Y7jaL4PXB
mnMIzq3D6O+VrXh+ERL8b3iutbSDIflqJtqqstpnOPp+bLMdZS0ToJoafAqT/mQR
pxK6TSTHTkfBSky2E3glGyMJ3Vg3XuZFaGQWxXuFCY+fKRxd9LYGJKmAJGSygq4E
6k0zPRhxT/am//4K9uFaq1AYwJiGOvx6aXWhdlMj8y9/KwAJrKOckpyISVUB2gWk
JYmVVCQ243mj3tbSnI7TTrqkF0IAbdKLoOsUOYnTGbrua8ttNNRuKzTuf6+F/Sfk
IXH14+fW55iMfvhoYyLnMF6ystsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT9AuOT
PWSFEo36jdOa3zCt/HuBXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEALM12BMFAW13KrFmlgAZi/CHCKhxyVBh0jR5t
mR+m32zDrUYZ/NDkW0D5hSSzVKU3nGIykJfht/21XnLFYZOp9SONKW597EttA1j/
TVYXcgV8mNjy8YBlfixh7xtfbiJeW8loqKFFZwtqc81/9s3R5WT71SpOdLd8MDDM
YEjzXnKfz8o4c6dvdsnhHYtHHPP1stOE7amlf8ciYuNRfy0XI4iIkyaoxG2aLAJb
VkFwH6sZ9ZhVpvHvDyFK2BNaBRvCSkQOwnXIYC5zXyccjhdmOZhWAhLl+UT9/TJu
BGpZVD5xjsNYjN6KAF8EQSSoQ36iE4RYN0ZDf8sjO+XdKlqH5g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:52:33 2025 by rpki-client