Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: Ef8+/vyiOsA3yJjD41BopPgKp2Df8uJcNpEcKGJZD6U=
Subject key identifier: 3C:5C:F7:BE:79:4B:04:C6:F1:49:38:F8:C3:92:9D:BD:CF:2B:97:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7912B9AFE685C59AF47B75E336723CF5A381FB91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Mon 16 Jun 2025 20:20:15 +0000
ROA not before: Mon 16 Jun 2025 20:20:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:12:b9:af:e6:85:c5:9a:f4:7b:75:e3:36:72:3c:f5:a3:81:fb:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=978a996d7adaeace278b50bdb7aa93eda459ea626faf4df3bd7854f0294c124f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:df:d1:74:07:3a:6a:4d:b5:15:0c:10:c9:71:
54:32:d6:c0:ba:db:20:3f:88:c8:f4:fc:08:56:c7:
71:f9:32:29:40:d8:82:01:0c:9d:f7:df:23:d7:e8:
e9:8e:f7:55:fc:0b:e3:47:8b:08:02:dc:c7:01:3a:
07:a7:07:d3:d9:8b:78:26:30:fd:41:ff:1e:a2:94:
cd:a6:aa:cf:a7:3c:ac:01:a7:08:64:11:3b:fe:12:
25:cd:b4:f3:8e:72:e1:67:c7:e4:83:49:b3:ae:07:
84:cf:8f:30:d6:d0:e8:e4:82:bf:fe:0c:c2:2b:18:
3a:4f:e1:f5:18:70:8b:69:98:55:2a:69:8f:ed:8a:
96:b5:6f:ea:e0:76:16:2e:5f:73:72:40:e9:d2:97:
7c:18:2a:59:17:2a:12:2b:ae:05:4e:d4:07:11:bf:
a7:7d:d9:b8:ed:e2:df:87:61:5d:25:ae:f2:15:73:
6a:d0:25:ac:e9:19:b1:a7:2f:b3:e6:30:8d:84:97:
75:5b:83:3b:6f:5f:06:65:35:81:e0:bf:93:1a:bf:
a8:2c:9f:b2:80:24:a5:98:b8:c5:56:ef:a6:cb:47:
d7:76:a9:3f:b0:3a:07:af:45:22:0b:2f:cd:af:d1:
63:8d:57:d8:c6:b9:0f:87:f7:70:f9:ec:f1:a7:52:
f7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:5C:F7:BE:79:4B:04:C6:F1:49:38:F8:C3:92:9D:BD:CF:2B:97:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
ba:e2:f0:f3:97:ed:35:7a:8b:68:9b:67:d5:8f:6b:73:47:fd:
4b:65:4d:1f:68:de:97:12:d4:e2:93:ec:a6:da:4f:9b:07:88:
4a:d4:7c:99:a9:48:ae:9e:c7:27:bb:ba:06:b5:a6:17:95:1e:
fb:27:81:3c:b6:24:85:9b:3d:8d:ac:c5:fc:ee:9b:07:b4:5a:
a9:fd:ea:40:4b:f6:9d:78:46:98:f5:6f:f4:26:26:00:21:f2:
fe:b6:6e:11:50:cf:0c:f3:52:38:62:2c:15:db:15:c1:b2:b8:
1e:19:53:1a:f3:96:53:51:05:4d:d9:cc:d3:27:43:a3:b8:c1:
d1:1b:84:df:cc:fb:89:c6:df:c1:0c:0c:39:2e:08:7f:35:4c:
01:79:05:56:38:13:4f:fc:0a:8e:39:e4:21:b6:37:66:d4:82:
52:12:71:56:c1:76:4b:47:f3:bd:27:b9:2b:8e:d1:bd:d5:0a:
32:b9:2e:72:67:17:66:5a:ce:2c:a8:08:74:38:bf:5d:9f:a0:
57:ac:40:22:b5:ad:2a:fd:37:9b:be:7d:36:cd:7f:94:4a:c6:
0d:29:e8:21:18:de:45:b9:bf:c3:e8:39:cc:c5:94:2b:b5:93:
91:6d:4a:38:64:3f:21:95:42:1e:78:e6:e6:60:0e:95:66:ec:
dd:04:90:57
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeRK5r+aFxZr0e3XjNnI89aOB+5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3OGE5OTZkN2FkYWVhY2UyNzhiNTBiZGI3YWE5M2VkYTQ1OWVhNjI2ZmFm
NGRmM2JkNzg1NGYwMjk0YzEyNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANff0XQHOmpNtRUMEMlxVDLWwLrbID+IyPT8CFbHcfkyKUDYggEMnfffI9fo
6Y73VfwL40eLCALcxwE6B6cH09mLeCYw/UH/HqKUzaaqz6c8rAGnCGQRO/4SJc20
845y4WfH5INJs64HhM+PMNbQ6OSCv/4MwisYOk/h9Rhwi2mYVSppj+2KlrVv6uB2
Fi5fc3JA6dKXfBgqWRcqEiuuBU7UBxG/p33ZuO3i34dhXSWu8hVzatAlrOkZsacv
s+YwjYSXdVuDO29fBmU1geC/kxq/qCyfsoAkpZi4xVbvpstH13apP7A6B69FIgsv
za/RY41X2Ma5D4f3cPns8adS90cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ8XPe+
eUsExvFJOPjDkp29zyuXbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAuuLw85ftNXqLaJtn1Y9rc0f9S2VNH2jelxLU
4pPsptpPmweIStR8malIrp7HJ7u6BrWmF5Ue+yeBPLYkhZs9jazF/O6bB7Raqf3q
QEv2nXhGmPVv9CYmACHy/rZuEVDPDPNSOGIsFdsVwbK4HhlTGvOWU1EFTdnM0ydD
o7jB0RuE38z7icbfwQwMOS4IfzVMAXkFVjgTT/wKjjnkIbY3ZtSCUhJxVsF2S0fz
vSe5K47RvdUKMrkucmcXZlrOLKgIdDi/XZ+gV6xAIrWtKv03m759Ns1/lErGDSno
IRjeRbm/w+g5zMWUK7WTkW1KOGQ/IZVCHnjm5mAOlWbs3QSQVw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:00 2025 by rpki-client