Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
File: decd4459-2e9b-442e-a3bd-6633fdd0250b.roa (raw, json)
Hash identifier: XyLxfX3cMDE3QOndFWHpLNW19lcIimtIabz4CwqVgps=
Subject key identifier: 59:48:95:FA:87:78:5A:7D:AA:2C:2B:73:DD:D8:3D:C0:01:FD:E2:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4635348506402FDC96B912A79C314175719183DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
Signing time: Mon 16 Jun 2025 19:51:53 +0000
ROA not before: Mon 16 Jun 2025 19:51:53 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:35:34:85:06:40:2f:dc:96:b9:12:a7:9c:31:41:75:71:91:83:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:53 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9afae0428528c645048342c3f79e6fa64cd58d38acc74bff156be1dcf710e681, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bb:11:e4:2b:48:b5:04:5b:a2:c6:04:4b:00:
94:98:8a:b4:8b:a6:35:22:dd:1f:23:1b:a9:ae:18:
e8:c1:9c:d8:a6:2d:f6:d1:4e:8c:1c:09:17:05:8b:
c9:d0:7f:4e:bc:8b:1d:23:54:b5:22:04:e6:0d:29:
50:a7:92:7c:a8:1f:7f:6d:84:26:24:9e:72:d6:41:
ec:1d:88:f7:7d:8b:11:dc:09:0a:06:f6:b8:f5:8d:
11:06:1e:a6:32:df:bf:10:3b:d0:e8:d8:14:d8:db:
9d:35:32:c2:82:6a:13:12:c8:d2:3b:a4:56:f2:55:
cb:70:bc:6a:be:36:48:0d:69:ad:a4:11:95:e0:cb:
12:e8:c3:9b:42:e1:aa:2c:3e:67:2a:d3:58:40:e0:
b3:47:1c:60:d4:db:1e:b3:5f:41:7f:06:f0:af:39:
20:8a:23:8e:48:73:4a:fa:82:99:f8:12:17:9b:1e:
7c:ae:a8:ac:79:ed:11:11:1a:d0:c0:58:5c:88:c8:
8b:c4:66:79:10:b6:31:06:3a:e9:3e:c0:01:a0:17:
1f:a3:9c:b7:ea:ef:33:bd:5b:4c:e3:6c:6b:07:dd:
dd:6c:d8:c9:70:e7:2c:fd:1e:67:17:d9:89:a9:92:
67:3f:eb:0c:78:e0:fd:84:61:3d:5c:ce:6b:dc:fc:
bd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:48:95:FA:87:78:5A:7D:AA:2C:2B:73:DD:D8:3D:C0:01:FD:E2:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:e2:12:3c:0d:19:64:ea:a2:6c:81:61:59:b6:90:c9:61:97:
45:e2:ac:de:d4:9f:ca:71:d6:d2:e6:13:f8:7a:71:51:f0:56:
7a:7c:8b:f3:b4:6e:2a:7c:79:04:8a:de:8b:f2:e7:98:bf:93:
0f:ba:fc:a0:e4:22:77:4e:c2:b2:f0:c9:54:b3:99:2b:d4:86:
a0:18:ea:c5:4d:00:11:01:35:99:8e:4a:e3:e0:dc:a4:5c:06:
a3:70:a3:cb:91:b5:01:8a:d2:00:e2:f8:44:43:1d:c9:0d:76:
c7:5c:25:79:b4:ca:bd:29:22:8d:eb:96:f4:fa:36:80:38:9e:
3b:f4:54:85:04:5e:eb:3a:31:dd:a2:80:c8:69:57:55:11:f3:
bd:24:33:18:87:4e:bb:9c:c4:d2:08:2c:a9:10:af:ba:dd:db:
17:63:0f:a8:d6:69:35:27:4b:2c:39:5d:66:c1:5a:6a:ad:e7:
ea:e6:e4:be:91:01:d2:fc:18:4b:b0:4a:f6:20:4c:d3:87:01:
b8:67:e2:ef:e8:4c:89:2f:f5:ed:08:aa:41:9c:13:3b:48:d2:
0f:17:d5:17:64:9a:e7:03:90:da:36:bc:45:91:fa:25:df:2a:
cb:e0:1b:ed:f3:01:7c:d3:46:07:7c:6a:40:9b:24:7f:50:c2:
fa:9c:f7:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURjU0hQZAL9yWuRKnnDFBdXGRg9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZmFlMDQyODUyOGM2NDUwNDgzNDJjM2Y3OWU2ZmE2NGNkNThkMzhhY2M3
NGJmZjE1NmJlMWRjZjcxMGU2ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS7EeQrSLUEW6LGBEsAlJiKtIumNSLdHyMbqa4Y6MGc2KYt9tFOjBwJFwWL
ydB/TryLHSNUtSIE5g0pUKeSfKgff22EJiSectZB7B2I932LEdwJCgb2uPWNEQYe
pjLfvxA70OjYFNjbnTUywoJqExLI0jukVvJVy3C8ar42SA1praQRleDLEujDm0Lh
qiw+ZyrTWEDgs0ccYNTbHrNfQX8G8K85IIojjkhzSvqCmfgSF5sefK6orHntEREa
0MBYXIjIi8RmeRC2MQY66T7AAaAXH6Oct+rvM71bTONsawfd3WzYyXDnLP0eZxfZ
iamSZz/rDHjg/YRhPVzOa9z8vRUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZSJX6
h3hafaosK3Pd2D3AAf3iJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjZDQ0NTktMmU5Yi00NDJlLWEzYmQtNjYzM2ZkZDAyNTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKg
MA0GCSqGSIb3DQEBCwUAA4IBAQCj4hI8DRlk6qJsgWFZtpDJYZdF4qze1J/KcdbS
5hP4enFR8FZ6fIvztG4qfHkEit6L8ueYv5MPuvyg5CJ3TsKy8MlUs5kr1IagGOrF
TQARATWZjkrj4NykXAajcKPLkbUBitIA4vhEQx3JDXbHXCV5tMq9KSKN65b0+jaA
OJ479FSFBF7rOjHdooDIaVdVEfO9JDMYh067nMTSCCypEK+63dsXYw+o1mk1J0ss
OV1mwVpqrefq5uS+kQHS/BhLsEr2IEzThwG4Z+Lv6EyJL/XtCKpBnBM7SNIPF9UX
ZJrnA5DaNrxFkfol3yrL4Bvt8wF800YHfGpAmyR/UML6nPf+
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:26:35 2025 by rpki-client