Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/becace4c-6c39-4717-a2f1-594859d36d53.roa
File: becace4c-6c39-4717-a2f1-594859d36d53.roa (raw, json)
Hash identifier: /EZXblEJE56Zmv804mVwwSw6WreRM3JmIY/Zxh48UMU=
Subject key identifier: 6B:30:7C:D3:3D:72:BB:8D:B5:B3:2C:0D:71:9B:6D:1C:2C:20:CB:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6547DD15C77A37C1CCA2AAA5A0A1E4DE39641BA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/becace4c-6c39-4717-a2f1-594859d36d53.roa
Signing time: Mon 16 Jun 2025 21:01:17 +0000
ROA not before: Mon 16 Jun 2025 21:01:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:10c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:47:dd:15:c7:7a:37:c1:cc:a2:aa:a5:a0:a1:e4:de:39:64:1b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f4a8d3146c8b002562779edd71db3fd61f39b82062246ea4c9a57f228714148d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0c:7a:4f:e2:dd:cd:74:1b:1a:a5:84:69:cf:
c7:1b:17:4e:65:e5:84:df:77:4c:42:c3:6c:d0:70:
d4:6e:2b:67:7e:c1:ae:d0:30:53:ab:7d:fc:49:2c:
e8:ee:b4:f8:6c:a1:d8:b4:9c:47:5b:d4:db:47:94:
53:2d:9b:44:e4:1e:f8:0d:bb:86:c7:0f:58:fa:c2:
f8:d3:65:73:30:19:fe:73:69:57:02:f9:53:25:fc:
1d:98:7d:67:cc:20:c5:3a:b8:b3:fe:0b:04:60:c1:
53:6e:6b:bb:49:49:2d:38:d3:06:48:f3:d1:99:dc:
c7:08:e3:90:98:9c:4e:6d:b2:2f:bc:c2:fd:82:56:
72:e0:10:0a:9a:8c:9f:09:29:82:b3:0c:a1:1b:ae:
4c:eb:75:f6:40:a6:da:53:7d:8b:ba:e4:1b:2f:47:
51:a6:b2:94:bb:20:dc:b5:d4:4d:ab:71:40:7e:82:
ac:3e:2e:39:39:7d:20:5a:2e:86:cc:1b:48:48:92:
c3:a1:c6:3c:29:14:16:d4:4d:7c:e5:0f:91:6d:9e:
df:11:2a:99:d9:59:04:29:28:5a:fb:20:d9:99:f3:
df:f0:ec:0e:e3:09:d6:85:f7:7b:0a:ed:c0:8d:d4:
d7:ab:05:9d:e3:84:49:fd:ea:c6:6b:ac:41:7f:a6:
6a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:30:7C:D3:3D:72:BB:8D:B5:B3:2C:0D:71:9B:6D:1C:2C:20:CB:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/becace4c-6c39-4717-a2f1-594859d36d53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:10c0::/46
Signature Algorithm: sha256WithRSAEncryption
b2:55:37:32:2b:97:d5:2f:63:de:ea:9c:68:b1:d5:df:13:c8:
cd:4a:9f:d9:a1:17:24:54:0b:63:86:30:71:c2:95:95:84:6a:
89:da:70:72:c9:b3:79:c1:49:9f:7d:7e:1a:2c:53:a4:d5:d8:
57:a6:42:aa:c8:41:d1:94:07:1c:4b:9c:a6:41:f4:57:ee:f8:
c9:3b:54:4a:89:bd:19:9c:55:95:07:62:ac:33:db:b6:5b:c9:
66:85:c8:93:5a:a7:ab:ea:28:40:c6:d3:e6:08:ca:25:37:b0:
c6:90:49:ae:50:4b:8f:3d:a2:e9:ad:f4:97:98:6a:ae:31:69:
9a:78:d3:fd:8f:e1:95:9c:df:2b:0c:b8:03:b3:e6:80:a5:97:
8b:9a:9e:24:93:65:d4:1c:22:2b:ce:e7:24:85:58:0e:50:27:
c3:7c:02:62:cc:2e:fe:0b:b9:4e:84:5f:4e:c8:ac:5b:d2:fd:
df:46:c6:d7:f6:87:db:0b:12:e1:0f:4d:80:17:c9:0d:80:bc:
26:87:20:a2:66:aa:e3:8b:18:bb:b5:ae:d2:57:dd:04:13:b1:
cf:92:41:2e:23:d6:86:7c:72:85:14:4f:99:d5:e1:9e:c5:ea:
89:d8:3f:97:7e:95:83:ea:15:4c:94:7b:cb:fc:1c:5d:2c:58:
6f:8a:1f:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZUfdFcd6N8HMoqqloKHk3jlkG6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YThkMzE0NmM4YjAwMjU2Mjc3OWVkZDcxZGIzZmQ2MWYzOWI4MjA2MjI0
NmVhNGM5YTU3ZjIyODcxNDE0OGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwMek/i3c10GxqlhGnPxxsXTmXlhN93TELDbNBw1G4rZ37BrtAwU6t9/Eks
6O60+Gyh2LScR1vU20eUUy2bROQe+A27hscPWPrC+NNlczAZ/nNpVwL5UyX8HZh9
Z8wgxTq4s/4LBGDBU25ru0lJLTjTBkjz0ZncxwjjkJicTm2yL7zC/YJWcuAQCpqM
nwkpgrMMoRuuTOt19kCm2lN9i7rkGy9HUaaylLsg3LXUTatxQH6CrD4uOTl9IFou
hswbSEiSw6HGPCkUFtRNfOUPkW2e3xEqmdlZBCkoWvsg2Znz3/DsDuMJ1oX3ewrt
wI3U16sFneOESf3qxmusQX+maq0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRrMHzT
PXK7jbWzLA1xm20cLCDLeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmVjYWNlNGMtNmMzOS00NzE3LWEyZjEtNTk0ODU5ZDM2ZDUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAslU3MiuX1S9j3uqcaLHV3xPIzUqf2aEXJFQL
Y4YwccKVlYRqidpwcsmzecFJn31+GixTpNXYV6ZCqshB0ZQHHEucpkH0V+74yTtU
Som9GZxVlQdirDPbtlvJZoXIk1qnq+ooQMbT5gjKJTewxpBJrlBLjz2i6a30l5hq
rjFpmnjT/Y/hlZzfKwy4A7PmgKWXi5qeJJNl1BwiK87nJIVYDlAnw3wCYswu/gu5
ToRfTsisW9L930bG1/aH2wsS4Q9NgBfJDYC8Jocgomaq44sYu7Wu0lfdBBOxz5JB
LiPWhnxyhRRPmdXhnsXqidg/l36Vg+oVTJR7y/wcXSxYb4of0g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:31:04 2025 by rpki-client