Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9cee224-c41f-451e-ba80-f0bceb6623bc.roa
File: c9cee224-c41f-451e-ba80-f0bceb6623bc.roa (raw, json)
Hash identifier: OMAJfoLaxDNIfgKn5x0ME5yHC380Cj2i+NAE7X4CPNU=
Subject key identifier: 06:54:7D:0D:56:EA:49:18:46:33:8C:CB:90:49:C4:5B:49:6A:F2:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E0EAAF0957F3BD8F913C0B40DEEDCFD5CCB017E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9cee224-c41f-451e-ba80-f0bceb6623bc.roa
Signing time: Thu 26 Jun 2025 19:37:11 +0000
ROA not before: Thu 26 Jun 2025 19:37:11 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:0e:aa:f0:95:7f:3b:d8:f9:13:c0:b4:0d:ee:dc:fd:5c:cb:01:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:37:11 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=3421a5d57b347ee48f646b245fc6ba24e74f2109f5f99a92ee80c4a02cfdfbe2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:f9:33:83:57:3d:cd:40:d4:11:36:7c:39:
ad:71:f2:6d:ee:11:50:9b:7d:3c:eb:46:89:9f:b5:
70:3a:90:dc:21:c7:6d:29:77:70:59:d9:bd:c5:49:
9e:ff:07:ef:b3:80:5b:f1:00:0a:1e:42:c2:c5:2d:
66:cf:18:cb:90:2d:5d:71:dc:8a:1b:22:20:e0:77:
d6:0e:86:29:1f:4d:e3:68:f9:2e:c2:74:00:cc:1b:
75:f3:7a:71:e7:b0:18:0d:e2:3e:85:08:13:50:63:
71:a2:0a:9d:d2:57:1b:dc:0b:41:5a:53:48:ae:86:
94:8a:bd:8f:f8:2a:05:25:cf:e9:1b:4d:77:f6:2b:
e9:52:2e:d8:37:ec:56:7a:fe:53:65:37:79:c6:a7:
c8:86:e3:6a:b0:d8:e3:ac:b1:e3:23:34:96:01:19:
65:96:e2:2d:6f:f0:5f:42:1c:0f:d4:45:11:37:c0:
2e:a8:53:c8:da:1e:ae:01:79:6d:eb:68:7e:de:37:
59:88:26:09:84:9e:48:06:be:4b:b0:b1:18:72:fe:
35:99:89:1c:9f:27:da:af:16:2d:f5:9e:bf:26:17:
a4:04:71:da:4e:b5:0c:6c:d7:ac:85:2e:54:48:fa:
26:7e:50:b6:b2:14:94:32:22:1d:92:53:2b:3e:cf:
69:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:54:7D:0D:56:EA:49:18:46:33:8C:CB:90:49:C4:5B:49:6A:F2:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9cee224-c41f-451e-ba80-f0bceb6623bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4080::/46
Signature Algorithm: sha256WithRSAEncryption
a5:38:f9:5d:e5:e2:f9:bd:df:78:e6:75:c4:66:0a:50:e4:99:
d2:c5:7c:9d:df:f2:c3:34:c6:17:2a:0f:79:93:bb:78:9d:2e:
60:bd:9b:5b:7c:06:ee:e1:bc:18:7c:25:28:64:c2:dc:82:46:
c1:96:87:58:75:3d:2d:f6:0e:a3:dc:1f:aa:0f:5e:23:4c:29:
8d:ac:f8:d0:f9:c1:35:50:62:91:cd:bb:67:9a:e1:89:c4:d6:
85:12:8b:28:75:48:38:78:89:e7:13:19:62:d9:33:50:26:b9:
a4:e4:4e:e3:13:0e:e3:8f:1e:42:82:72:e3:8f:03:00:cf:39:
f1:ca:c9:53:36:60:ae:d0:47:52:bf:ec:be:1c:ef:56:9f:f7:
5b:2f:7b:4b:a7:8b:45:fc:93:27:ba:01:ee:e6:a6:3d:95:36:
f1:68:e1:1b:04:d8:24:77:de:d0:ad:13:80:8b:c8:c3:b2:55:
93:9f:02:4d:14:e2:dc:2d:04:b0:31:d9:13:cb:e5:06:a8:85:
b2:18:6a:d4:50:a0:31:fe:88:5e:67:f2:01:4d:02:55:80:45:
df:63:bf:cf:94:c1:50:57:3f:5d:21:32:8d:47:bd:13:5f:a1:
60:c2:6a:00:f6:d1:b2:e5:11:e0:0b:77:da:c7:1b:ac:11:a1:
10:93:7b:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTg6q8JV/O9j5E8C0De7c/VzLAX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM3MTFaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0MjFhNWQ1N2IzNDdlZTQ4ZjY0NmIyNDVmYzZiYTI0ZTc0ZjIxMDlmNWY5
OWE5MmVlODBjNGEwMmNmZGZiZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeJ+TODVz3NQNQRNnw5rXHybe4RUJt9POtGiZ+1cDqQ3CHHbSl3cFnZvcVJ
nv8H77OAW/EACh5CwsUtZs8Yy5AtXXHcihsiIOB31g6GKR9N42j5LsJ0AMwbdfN6
ceewGA3iPoUIE1BjcaIKndJXG9wLQVpTSK6GlIq9j/gqBSXP6RtNd/Yr6VIu2Dfs
Vnr+U2U3ecanyIbjarDY46yx4yM0lgEZZZbiLW/wX0IcD9RFETfALqhTyNoergF5
betoft43WYgmCYSeSAa+S7CxGHL+NZmJHJ8n2q8WLfWevyYXpARx2k61DGzXrIUu
VEj6Jn5QtrIUlDIiHZJTKz7PaekCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGVH0N
VupJGEYzjMuQScRbSWryvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzljZWUyMjQtYzQxZi00NTFlLWJhODAtZjBiY2ViNjYyM2JjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
gDANBgkqhkiG9w0BAQsFAAOCAQEApTj5XeXi+b3feOZ1xGYKUOSZ0sV8nd/ywzTG
FyoPeZO7eJ0uYL2bW3wG7uG8GHwlKGTC3IJGwZaHWHU9LfYOo9wfqg9eI0wpjaz4
0PnBNVBikc27Z5rhicTWhRKLKHVIOHiJ5xMZYtkzUCa5pORO4xMO448eQoJy448D
AM858crJUzZgrtBHUr/svhzvVp/3Wy97S6eLRfyTJ7oB7uamPZU28WjhGwTYJHfe
0K0TgIvIw7JVk58CTRTi3C0EsDHZE8vlBqiFshhq1FCgMf6IXmfyAU0CVYBF32O/
z5TBUFc/XSEyjUe9E1+hYMJqAPbRsuUR4At32scbrBGhEJN7jw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:18 2025 by rpki-client