Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json)
Hash identifier: ZzXzWHQmyjLUuYgP5dWtBVpEpUXUS/vxH63A68kOofQ=
Subject key identifier: FE:10:F1:57:AF:77:BD:21:8F:AB:FA:14:B1:36:6C:E5:E5:52:61:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CFE73DD8A33C2DE2589721E3A338A5C42CBD7E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
Signing time: Mon 16 Jun 2025 21:20:22 +0000
ROA not before: Mon 16 Jun 2025 21:20:22 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:fe:73:dd:8a:33:c2:de:25:89:72:1e:3a:33:8a:5c:42:cb:d7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:22 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=df01f6389d062b36be6a8e9affdc4f022fbf039b487879f6a925de9af0a89b32, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3f:d5:c0:ee:4e:f3:46:45:93:77:b8:ab:b5:
2c:f0:77:37:51:54:46:3e:cf:15:a8:e6:aa:72:86:
13:d5:1e:6c:2b:bd:d2:63:3f:6b:db:d2:42:b9:81:
38:ab:7e:78:46:92:27:84:26:44:a1:2a:bb:5c:ee:
15:49:fd:29:1f:d3:33:be:0c:a3:f1:c6:60:03:ca:
a3:16:8c:c5:d6:27:dc:11:ec:1d:d4:8b:df:f0:f4:
05:68:3e:e1:40:3b:41:e7:53:7e:1a:87:94:75:8b:
01:3d:f3:3e:09:39:79:3e:1f:47:86:6d:dc:ce:10:
d2:5b:14:70:a4:11:38:ec:e8:b4:ed:91:93:4f:9b:
83:ca:2e:9e:a7:fe:46:90:c0:84:d5:8c:d0:86:0f:
f7:93:ee:d0:ba:16:49:df:cb:a0:e9:93:a6:8c:fc:
fc:6f:b7:29:64:b2:5e:d6:ed:26:b0:41:75:ca:d4:
4e:fd:0e:ce:b0:b3:fe:b0:4c:0a:7b:27:9c:b8:1f:
aa:40:d3:ee:a6:2e:04:13:39:28:c7:ec:eb:db:e3:
02:17:21:25:72:e0:21:23:21:a7:4d:45:93:74:b6:
8e:03:8e:5a:37:a4:35:43:26:93:88:25:28:8f:90:
ea:76:2f:aa:01:21:1b:30:d1:59:a9:af:95:9e:3a:
dc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:10:F1:57:AF:77:BD:21:8F:AB:FA:14:B1:36:6C:E5:E5:52:61:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:5000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:f3:c5:fb:0e:40:71:d4:18:19:f1:08:ce:03:d4:40:b8:0e:
9f:4e:d9:70:2a:e0:02:11:71:3c:16:18:da:98:3a:8e:11:7f:
f0:d3:9a:49:51:30:bb:5f:ca:28:07:a7:a6:1e:b8:86:b1:f0:
07:1c:2e:0c:91:05:48:ac:41:e2:58:b4:59:44:51:e7:68:d7:
02:32:49:10:56:24:21:5d:a5:33:fa:c2:75:73:04:30:0b:e9:
34:db:61:e2:94:a7:8b:0f:58:f5:11:34:3c:36:0e:26:b7:b1:
d8:76:b6:e5:d3:c4:3b:2d:93:45:cc:22:fb:15:d2:48:8f:23:
91:c5:22:39:18:51:47:9b:56:1b:e0:26:76:18:44:e5:ea:f7:
39:d5:0d:7b:13:be:5d:bb:95:ec:92:c3:de:bc:a2:84:f6:9a:
67:d8:bd:89:be:87:ac:a5:d0:0e:4d:17:73:6a:a4:27:c6:69:
9d:87:94:43:67:6d:ae:d3:35:bb:1e:5e:cc:fd:5f:44:a5:80:
95:b8:74:e3:a5:7f:3d:7d:f6:76:22:c1:8e:b7:16:46:c9:0d:
84:4f:84:be:cb:a7:36:b6:97:6f:23:18:f4:c9:97:69:03:13:
3f:58:91:7f:82:50:6d:a6:7d:8e:19:b6:45:d4:12:2d:8c:fc:
26:48:aa:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTP5z3Yozwt4liXIeOjOKXELL1+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMjJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmMDFmNjM4OWQwNjJiMzZiZTZhOGU5YWZmZGM0ZjAyMmZiZjAzOWI0ODc4
NzlmNmE5MjVkZTlhZjBhODliMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALo/1cDuTvNGRZN3uKu1LPB3N1FURj7PFajmqnKGE9UebCu90mM/a9vSQrmB
OKt+eEaSJ4QmRKEqu1zuFUn9KR/TM74Mo/HGYAPKoxaMxdYn3BHsHdSL3/D0BWg+
4UA7QedTfhqHlHWLAT3zPgk5eT4fR4Zt3M4Q0lsUcKQROOzotO2Rk0+bg8ounqf+
RpDAhNWM0IYP95Pu0LoWSd/LoOmTpoz8/G+3KWSyXtbtJrBBdcrUTv0OzrCz/rBM
CnsnnLgfqkDT7qYuBBM5KMfs69vjAhchJXLgISMhp01Fk3S2jgOOWjekNUMmk4gl
KI+Q6nYvqgEhGzDRWamvlZ463A0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+EPFX
r3e9IY+r+hSxNmzl5VJhizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC588X7DkBx1BgZ8QjOA9RAuA6fTtlwKuACEXE8
FhjamDqOEX/w05pJUTC7X8ooB6emHriGsfAHHC4MkQVIrEHiWLRZRFHnaNcCMkkQ
ViQhXaUz+sJ1cwQwC+k022HilKeLD1j1ETQ8Ng4mt7HYdrbl08Q7LZNFzCL7FdJI
jyORxSI5GFFHm1Yb4CZ2GETl6vc51Q17E75du5XsksPevKKE9ppn2L2JvoespdAO
TRdzaqQnxmmdh5RDZ22u0zW7Hl7M/V9EpYCVuHTjpX89ffZ2IsGOtxZGyQ2ET4S+
y6c2tpdvIxj0yZdpAxM/WJF/glBtpn2OGbZF1BItjPwmSKp6
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:34 2025 by rpki-client