Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
File: dd7649a8-cae4-4d67-90f1-f01144285a2f.roa (raw, json)
Hash identifier: RaGldeRvz7EvpG0y/rmBv2+f0yDYcpAdmw77myB00S8=
Subject key identifier: 80:C6:57:D0:A3:80:BE:48:80:AF:C1:8E:9D:60:18:38:1B:34:CE:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39C4752DB8E110209D51DC91B2D1C3C15DA7E60C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
Signing time: Mon 16 Jun 2025 19:40:44 +0000
ROA not before: Mon 16 Jun 2025 19:40:44 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:c4:75:2d:b8:e1:10:20:9d:51:dc:91:b2:d1:c3:c1:5d:a7:e6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:44 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b904146b354a058773e6f744e0ab90202a211b1206e4eef87147ec86c9b147a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5e:81:1f:86:1a:69:6e:ad:20:a1:68:3e:c2:
88:d4:3b:b5:5e:4c:77:5a:36:67:a0:df:c2:4a:3e:
f1:83:45:7e:25:4d:97:93:8e:e3:22:59:ff:c7:49:
dc:66:66:7a:2d:d7:db:e5:33:64:24:ed:80:e2:b8:
9a:b0:ee:4c:d4:86:4f:88:91:27:75:fb:58:b7:08:
df:16:98:d9:d8:66:01:66:d1:ac:6d:17:ba:2b:e7:
b6:3f:c2:fc:d2:f0:28:c9:17:7e:48:44:a4:e9:ad:
02:dc:c5:65:e9:02:cc:70:66:3c:3e:13:29:e1:e7:
44:bf:51:ae:5c:02:3a:9f:4c:25:23:c5:0f:60:c1:
a1:c7:fb:94:74:f6:cc:ea:a1:c9:21:7a:f4:41:d6:
15:31:e1:2f:36:fc:fa:f8:85:a3:74:a6:4f:e7:cf:
6e:b6:21:9a:cb:ab:8a:ac:90:2f:bd:21:43:b3:06:
91:73:a5:b0:b6:4b:96:6a:da:1c:11:8d:3b:69:4f:
b2:08:05:68:17:42:15:41:f3:52:b0:c4:33:c7:f6:
36:14:9b:11:70:ab:d3:44:7a:85:f2:17:43:e9:57:
26:ad:70:fd:94:17:71:7c:0e:67:4b:ba:ba:02:34:
42:d6:ff:fd:48:2c:68:71:50:ba:e0:1f:cb:cd:ce:
aa:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C6:57:D0:A3:80:BE:48:80:AF:C1:8E:9D:60:18:38:1B:34:CE:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4040::/48
Signature Algorithm: sha256WithRSAEncryption
3b:ae:16:1b:c0:1d:55:c8:f4:e5:4a:75:2f:84:6a:a9:c3:6c:
27:f0:bb:7f:a0:4d:21:48:3e:a4:69:80:6e:4a:2c:4c:71:0b:
7f:84:7a:e6:4e:f5:ef:7c:60:06:44:cf:08:6e:05:df:09:5b:
6e:1e:c2:88:8d:6a:52:75:81:da:cd:3a:c0:10:47:1b:eb:70:
29:cd:e6:2e:40:86:dc:2a:8d:de:df:b1:bc:5d:eb:29:01:7d:
58:34:5e:f8:f9:b9:40:ca:c3:54:cd:0f:f4:f1:80:80:a0:fe:
72:81:ce:f2:bd:fe:20:ac:ca:6f:cb:47:59:82:87:df:99:5e:
7a:1e:6e:d3:d6:3b:e5:de:6b:1e:97:93:35:0d:42:f4:94:63:
3a:8f:e3:c0:3b:4b:36:d9:96:83:34:6f:65:06:e1:a2:60:fd:
a5:ad:52:2a:7e:5d:d6:51:cf:09:5e:09:f4:9b:c2:2b:1c:ff:
34:92:60:30:90:95:d0:0f:89:5f:e9:f7:94:f1:1c:ba:06:8a:
eb:67:c2:71:f7:55:36:dd:f7:1c:c7:f6:fb:e8:8f:08:65:9c:
8b:9b:8e:1d:dc:a0:81:b3:49:35:e7:e1:eb:41:74:a2:67:da:
1d:c3:ad:e4:0e:76:39:4b:2d:a2:e8:ad:c8:fc:5b:b0:01:c5:
81:8e:8c:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOcR1LbjhECCdUdyRstHDwV2n5gwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwNDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MDQxNDZiMzU0YTA1ODc3M2U2Zjc0NGUwYWI5MDIwMmEyMTFiMTIwNmU0
ZWVmODcxNDdlYzg2YzliMTQ3YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRegR+GGmlurSChaD7CiNQ7tV5Md1o2Z6Dfwko+8YNFfiVNl5OO4yJZ/8dJ
3GZmei3X2+UzZCTtgOK4mrDuTNSGT4iRJ3X7WLcI3xaY2dhmAWbRrG0Xuivntj/C
/NLwKMkXfkhEpOmtAtzFZekCzHBmPD4TKeHnRL9RrlwCOp9MJSPFD2DBocf7lHT2
zOqhySF69EHWFTHhLzb8+viFo3SmT+fPbrYhmsuriqyQL70hQ7MGkXOlsLZLlmra
HBGNO2lPsggFaBdCFUHzUrDEM8f2NhSbEXCr00R6hfIXQ+lXJq1w/ZQXcXwOZ0u6
ugI0Qtb//UgsaHFQuuAfy83Oqh0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSAxlfQ
o4C+SICvwY6dYBg4GzTOZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NjQ5YTgtY2FlNC00ZDY3LTkwZjEtZjAxMTQ0Mjg1YTJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
QDANBgkqhkiG9w0BAQsFAAOCAQEAO64WG8AdVcj05Up1L4RqqcNsJ/C7f6BNIUg+
pGmAbkosTHELf4R65k7173xgBkTPCG4F3wlbbh7CiI1qUnWB2s06wBBHG+twKc3m
LkCG3CqN3t+xvF3rKQF9WDRe+Pm5QMrDVM0P9PGAgKD+coHO8r3+IKzKb8tHWYKH
35leeh5u09Y75d5rHpeTNQ1C9JRjOo/jwDtLNtmWgzRvZQbhomD9pa1SKn5d1lHP
CV4J9JvCKxz/NJJgMJCV0A+JX+n3lPEcugaK62fCcfdVNt33HMf2++iPCGWci5uO
HdyggbNJNefh60F0omfaHcOt5A52OUstouityPxbsAHFgY6Mlw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:05 2025 by rpki-client