Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
File: e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa (raw, json)
Hash identifier: eaVyEw7WCu8X9dVarvifwZD4B15bVFWCIhhfnRLPaR0=
Subject key identifier: C4:2B:B2:2E:46:8D:A6:03:B3:07:B3:F8:65:5B:B9:CC:08:BA:A1:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 652602191966B06A99B9D0F015F2C811E3CC0720
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
Signing time: Mon 16 Jun 2025 21:00:17 +0000
ROA not before: Mon 16 Jun 2025 21:00:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:26:02:19:19:66:b0:6a:99:b9:d0:f0:15:f2:c8:11:e3:cc:07:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:00:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=821ed0e2b7cbd9d8ff89b959a31b8c0f9a7ef18513d1d71b6e3454fda6dcb4e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6e:3d:95:83:1d:6e:b0:6c:37:9a:d3:69:e1:
97:f2:01:7a:51:3b:a6:79:31:01:cf:3a:ce:95:5e:
5e:eb:15:e2:dc:33:dd:42:f1:93:69:34:b5:f0:29:
7b:08:04:ee:9c:ba:82:99:77:58:f3:b0:c1:b0:cc:
2a:42:ca:11:43:08:82:20:fe:a7:80:a5:dd:81:2e:
f3:93:6e:10:ec:77:39:d8:7e:39:d3:aa:f8:54:74:
8d:93:45:02:c6:9e:46:b5:79:c5:44:73:cb:f4:09:
60:a0:98:c2:88:ff:fd:6e:73:ab:2c:ea:bc:78:54:
ae:a7:33:93:77:80:78:bb:d4:0a:86:e2:24:9b:c5:
33:9e:d1:d2:fc:3b:6b:03:5c:e7:7f:b5:c9:39:b6:
d4:2f:bb:e9:94:d4:f0:11:bd:41:a6:b6:27:03:6f:
89:78:9d:de:fc:a1:1f:23:6a:0c:17:83:92:61:df:
7d:e7:e2:13:e8:28:d3:67:f4:61:f5:21:e3:34:1f:
6b:9b:b1:f0:28:3a:02:a4:cc:e2:fa:96:12:cf:25:
44:8f:d9:2f:f6:e2:d1:a4:35:b4:8b:41:83:20:93:
3a:60:35:7e:27:f5:8f:26:44:66:92:b4:8a:50:c3:
68:91:cf:3c:00:39:be:fd:3e:63:d7:15:5f:f1:6d:
15:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2B:B2:2E:46:8D:A6:03:B3:07:B3:F8:65:5B:B9:CC:08:BA:A1:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:c000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:a9:df:ee:be:20:56:ad:e9:36:ec:11:d2:00:c1:bc:2e:07:
e4:ab:1c:49:a6:d9:ce:2e:51:94:97:8b:77:ec:ec:77:9e:d7:
ee:f9:51:3e:8c:11:0b:6e:31:e0:42:65:54:47:0f:26:31:b7:
34:f2:d8:f6:90:36:a3:c3:fa:e6:c5:ba:4d:d9:72:43:ce:95:
ab:7d:88:3c:ca:42:cb:fd:e2:c6:4f:0d:9d:a4:e5:e2:0d:f4:
27:64:83:3a:c8:f6:64:7b:0a:9d:9c:02:30:4d:78:12:15:64:
f5:ff:68:3a:ff:e3:67:bc:d6:02:b8:6d:3f:06:54:df:13:56:
35:01:85:a8:5b:9e:62:68:f9:29:3f:cc:df:8a:1f:ab:25:e9:
b1:23:74:52:47:5e:3d:f2:c7:70:d4:2c:08:64:d1:3d:c2:8c:
b1:ef:3e:55:08:ec:e0:89:e7:89:76:c7:62:a5:a4:9a:01:d8:
c6:c8:65:ed:eb:f1:d4:cd:33:e6:00:83:4a:9b:fe:00:f6:de:
32:05:0b:78:ff:da:30:89:e9:42:b8:08:53:6e:31:4d:d6:28:
42:31:58:cf:5f:69:64:a2:f9:36:56:81:62:d7:02:54:47:92:
36:bd:1c:a7:64:f9:53:0a:32:a3:90:ed:61:fa:6a:7d:94:9f:
2c:b8:8c:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZSYCGRlmsGqZudDwFfLIEePMByAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMWVkMGUyYjdjYmQ5ZDhmZjg5Yjk1OWEzMWI4YzBmOWE3ZWYxODUxM2Qx
ZDcxYjZlMzQ1NGZkYTZkY2I0ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZuPZWDHW6wbDea02nhl/IBelE7pnkxAc86zpVeXusV4twz3ULxk2k0tfAp
ewgE7py6gpl3WPOwwbDMKkLKEUMIgiD+p4Cl3YEu85NuEOx3Odh+OdOq+FR0jZNF
AsaeRrV5xURzy/QJYKCYwoj//W5zqyzqvHhUrqczk3eAeLvUCobiJJvFM57R0vw7
awNc53+1yTm21C+76ZTU8BG9Qaa2JwNviXid3vyhHyNqDBeDkmHffefiE+go02f0
YfUh4zQfa5ux8Cg6AqTM4vqWEs8lRI/ZL/bi0aQ1tItBgyCTOmA1fif1jyZEZpK0
ilDDaJHPPAA5vv0+Y9cVX/FtFbUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEK7Iu
Ro2mA7MHs/hlW7nMCLqhXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTZhYzBkZWYtODMzZi00ZTFiLWE3NWQtMmQxZmIzYjhjM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7A
MA0GCSqGSIb3DQEBCwUAA4IBAQBNqd/uviBWrek27BHSAMG8LgfkqxxJptnOLlGU
l4t37Ox3ntfu+VE+jBELbjHgQmVURw8mMbc08tj2kDajw/rmxbpN2XJDzpWrfYg8
ykLL/eLGTw2dpOXiDfQnZIM6yPZkewqdnAIwTXgSFWT1/2g6/+NnvNYCuG0/BlTf
E1Y1AYWoW55iaPkpP8zfih+rJemxI3RSR1498sdw1CwIZNE9woyx7z5VCOzgieeJ
dsdipaSaAdjGyGXt6/HUzTPmAINKm/4A9t4yBQt4/9owielCuAhTbjFN1ihCMVjP
X2lkovk2VoFi1wJUR5I2vRynZPlTCjKjkO1h+mp9lJ8suIxA
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:12 2025 by rpki-client