Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
File: b8a24699-2493-4e45-8227-bd2ec32f88ab.roa (raw, json)
Hash identifier: 2uCuwV9r3Wy2x3034+3ThaNiiporb4MQEFTcj4yfg+4=
Subject key identifier: 1A:CC:25:A6:79:37:C2:7A:68:67:70:8F:D1:09:C6:51:76:6C:41:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77FA2E887BE355DDD063F68B2330F0097C0921B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
Signing time: Mon 16 Jun 2025 20:20:48 +0000
ROA not before: Mon 16 Jun 2025 20:20:48 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:fa:2e:88:7b:e3:55:dd:d0:63:f6:8b:23:30:f0:09:7c:09:21:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:48 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=4625d03182680fd03a5f1f1eef5d61c3360e6a2d8163b5a58df97f9d9abf52f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1c:21:33:c2:42:da:c8:95:6a:f5:12:b0:ce:
ea:05:ff:3f:78:82:44:59:64:42:df:48:48:65:e2:
d6:ad:48:9e:b6:fb:a6:fd:1e:df:1d:cc:d5:0d:5f:
00:d8:6b:d0:c9:5a:7e:b0:2e:11:b1:43:5d:96:07:
73:c5:14:ec:96:e2:39:b8:9b:e9:23:ba:f0:ef:25:
32:11:13:0f:90:d1:98:fb:c4:84:63:4a:0b:bb:00:
bc:bb:3a:f7:d5:66:8d:f1:9b:94:a6:8c:af:90:04:
67:03:f8:8e:9d:21:c3:ff:9b:49:25:3e:9c:89:cf:
89:e0:02:0b:04:d0:cb:ab:7e:24:60:b5:a2:ef:70:
df:b7:60:3d:cf:d2:63:38:92:08:2b:5c:54:9a:5b:
f4:7b:48:f5:df:dd:a0:34:dc:9c:2b:73:25:c9:1a:
f2:e5:61:47:31:c8:be:2f:e2:85:ed:16:fc:d8:b2:
5c:e1:8f:b4:d2:ee:f6:6c:53:11:41:79:a6:d0:26:
61:16:70:4d:aa:03:77:ea:59:20:21:58:c7:15:c4:
0d:89:5b:0d:40:56:fe:2e:6f:43:aa:f1:b4:10:1c:
99:99:ca:9f:39:ce:fb:ab:7f:fe:d6:50:ac:00:78:
7d:a4:0f:5a:59:f6:8a:0b:03:f1:7f:82:a1:e0:5b:
a7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:CC:25:A6:79:37:C2:7A:68:67:70:8F:D1:09:C6:51:76:6C:41:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:02:45:e4:e9:5e:eb:a4:e6:18:c4:0c:d3:49:68:67:de:26:
7d:df:7b:de:01:51:e4:94:e0:b2:39:68:c7:3b:ce:ed:f5:94:
6d:33:a2:d0:3a:0e:43:3d:31:a7:00:c8:17:04:b1:c9:d2:3f:
0a:57:ae:f1:03:c4:1f:45:0f:5c:dc:eb:40:f1:0f:7b:f4:46:
9d:48:42:bb:28:c0:af:c1:56:9c:41:15:38:f1:fd:f0:79:4f:
66:c2:99:88:89:48:79:34:96:b8:56:aa:e5:9a:e3:42:96:98:
13:dc:fd:ce:cc:5b:ee:9c:fa:a9:b7:6c:e0:6f:bc:ab:15:c0:
13:ef:7d:de:9d:c8:6f:f4:db:e6:95:65:d6:5e:47:25:6c:64:
cd:e8:e6:be:cf:08:d7:60:75:0c:6e:4d:c5:b8:3d:68:96:9f:
17:ba:93:a0:a1:f4:2c:73:95:d4:38:44:58:8c:90:c7:12:14:
59:0e:6b:0e:bb:f3:78:09:ed:27:b5:48:9b:8e:8e:3f:38:1f:
ea:09:10:e9:ef:aa:87:8b:5b:ce:22:05:e9:19:38:36:c8:77:
b1:36:c1:bf:37:b6:69:2f:13:2c:ef:c2:09:51:84:c3:5e:90:
c9:4e:01:d5:fa:40:bc:6a:8f:8c:51:71:f9:65:cd:57:98:08:
d9:ab:00:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd/ouiHvjVd3QY/aLIzDwCXwJIbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwNDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MjVkMDMxODI2ODBmZDAzYTVmMWYxZWVmNWQ2MWMzMzYwZTZhMmQ4MTYz
YjVhNThkZjk3ZjlkOWFiZjUyZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkcITPCQtrIlWr1ErDO6gX/P3iCRFlkQt9ISGXi1q1Inrb7pv0e3x3M1Q1f
ANhr0MlafrAuEbFDXZYHc8UU7JbiObib6SO68O8lMhETD5DRmPvEhGNKC7sAvLs6
99VmjfGblKaMr5AEZwP4jp0hw/+bSSU+nInPieACCwTQy6t+JGC1ou9w37dgPc/S
YziSCCtcVJpb9HtI9d/doDTcnCtzJcka8uVhRzHIvi/ihe0W/NiyXOGPtNLu9mxT
EUF5ptAmYRZwTaoDd+pZICFYxxXEDYlbDUBW/i5vQ6rxtBAcmZnKnznO+6t//tZQ
rAB4faQPWln2igsD8X+CoeBbpykCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQazCWm
eTfCemhncI/RCcZRdmxB7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhhMjQ2OTktMjQ5My00ZTQ1LTgyMjctYmQyZWMzMmY4OGFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAGgJF5Ole66TmGMQM00loZ94mfd973gFR5JTg
sjloxzvO7fWUbTOi0DoOQz0xpwDIFwSxydI/Cleu8QPEH0UPXNzrQPEPe/RGnUhC
uyjAr8FWnEEVOPH98HlPZsKZiIlIeTSWuFaq5ZrjQpaYE9z9zsxb7pz6qbds4G+8
qxXAE+993p3Ib/Tb5pVl1l5HJWxkzejmvs8I12B1DG5Nxbg9aJafF7qToKH0LHOV
1DhEWIyQxxIUWQ5rDrvzeAntJ7VIm46OPzgf6gkQ6e+qh4tbziIF6Rk4Nsh3sTbB
vze2aS8TLO/CCVGEw16QyU4B1fpAvGqPjFFx+WXNV5gI2asAjQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:28 2025 by rpki-client