Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: wjcNnHgrfwb2MDqKDLJfAnzroRPJubIzjtSX154n0R0=
Subject key identifier: A2:9D:82:BB:D3:01:8F:95:19:22:33:2B:11:9F:BF:B2:F3:FA:B3:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 128F683923A95B801FCE6CFA8CA0CE1B42741025
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Mon 16 Jun 2025 21:21:12 +0000
ROA not before: Mon 16 Jun 2025 21:21:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:8f:68:39:23:a9:5b:80:1f:ce:6c:fa:8c:a0:ce:1b:42:74:10:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2b6b043fceef474aa5f418d422001d12277e927704bf54cba604c4b4ce9e1a60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:88:f7:09:4f:fd:29:0f:0a:ee:76:34:e4:d0:
0d:e0:30:8e:b6:a4:ab:c0:53:a7:15:4e:2b:d9:96:
96:19:e2:d7:8c:b2:64:80:28:37:00:46:aa:7f:65:
c4:0f:83:97:c2:7a:35:52:56:5d:6f:de:df:25:4a:
94:01:e6:af:a4:3f:de:0e:8d:58:64:8d:fb:48:49:
39:12:41:d4:0a:ad:9b:f6:96:cb:d3:4c:5f:05:e5:
d7:18:d5:d9:31:a7:65:cc:a8:8e:bf:f8:a6:6a:9d:
bb:da:d8:c0:9b:0f:3d:23:58:15:11:fc:e1:27:63:
7d:38:92:f2:b1:76:ef:e8:b8:4f:36:02:de:1c:14:
af:e9:90:12:5b:8a:31:de:ab:ac:48:e9:2c:4d:5e:
a2:f6:f9:f8:36:c1:8d:e8:16:28:97:9e:dd:41:59:
7a:65:25:1f:de:42:7b:61:8e:ba:5c:c5:68:2c:2a:
cc:02:35:ec:19:9d:ac:19:43:a1:7b:b4:40:82:2f:
66:04:a9:60:41:73:06:22:f0:a6:8c:56:a5:7a:9c:
9e:95:64:33:10:cb:2b:c0:46:e9:6b:86:84:55:d8:
69:8d:e4:a8:a2:96:b1:d5:19:a1:5a:39:33:8b:0a:
93:32:e4:0e:dc:d7:84:1c:11:cc:3c:57:5c:a6:a4:
0e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9D:82:BB:D3:01:8F:95:19:22:33:2B:11:9F:BF:B2:F3:FA:B3:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:87:05:9a:16:34:a0:60:15:a3:09:15:98:69:1f:25:ac:80:
7e:85:ab:5c:47:bc:79:87:43:ca:fc:e8:47:19:06:3f:da:5c:
3b:07:83:c7:3d:be:99:e0:e1:17:b7:c6:6f:d7:7e:ee:66:0f:
9c:22:e6:b6:02:35:96:10:ef:60:36:f7:08:ae:f7:b8:74:bb:
a6:00:71:b0:75:3d:3a:49:fa:d7:08:46:e5:0b:05:24:a5:ed:
bf:cd:f3:7b:b4:92:20:9a:d1:67:06:32:71:27:05:9c:f9:ef:
77:25:8d:fa:1b:d6:03:39:8a:6e:5f:15:d5:e5:47:2e:65:5f:
bf:a1:0b:99:74:f2:c1:d9:54:42:36:77:25:3e:b3:95:5a:0e:
5d:c3:88:34:ac:cc:67:8e:c2:93:6a:7c:ff:53:8e:2a:64:5e:
fc:9a:f3:e2:ec:fc:ab:a2:07:aa:91:4b:ed:e2:fb:5a:47:48:
6c:82:23:1f:f4:24:7f:b8:16:75:ce:e2:8b:c6:3e:69:08:0a:
36:6f:fe:2b:e3:fd:4d:8d:b6:1f:73:1c:c0:3f:83:3e:64:8a:
a9:bc:36:ac:cc:b5:5c:79:45:25:e1:83:fd:6a:df:d1:9d:01:
01:ab:67:c9:f3:25:01:42:8b:13:2d:d6:7b:dc:f1:d9:6c:dc:
7b:f1:46:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEo9oOSOpW4Afzmz6jKDOG0J0ECUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNmIwNDNmY2VlZjQ3NGFhNWY0MThkNDIyMDAxZDEyMjc3ZTkyNzcwNGJm
NTRjYmE2MDRjNGI0Y2U5ZTFhNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiI9wlP/SkPCu52NOTQDeAwjrakq8BTpxVOK9mWlhni14yyZIAoNwBGqn9l
xA+Dl8J6NVJWXW/e3yVKlAHmr6Q/3g6NWGSN+0hJORJB1Aqtm/aWy9NMXwXl1xjV
2TGnZcyojr/4pmqdu9rYwJsPPSNYFRH84SdjfTiS8rF27+i4TzYC3hwUr+mQEluK
Md6rrEjpLE1eovb5+DbBjegWKJee3UFZemUlH95Ce2GOulzFaCwqzAI17BmdrBlD
oXu0QIIvZgSpYEFzBiLwpoxWpXqcnpVkMxDLK8BG6WuGhFXYaY3kqKKWsdUZoVo5
M4sKkzLkDtzXhBwRzDxXXKakDoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSinYK7
0wGPlRkiMysRn7+y8/qzMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNhwWaFjSgYBWjCRWYaR8lrIB+hatcR7x5h0PK
/OhHGQY/2lw7B4PHPb6Z4OEXt8Zv137uZg+cIua2AjWWEO9gNvcIrve4dLumAHGw
dT06SfrXCEblCwUkpe2/zfN7tJIgmtFnBjJxJwWc+e93JY36G9YDOYpuXxXV5Ucu
ZV+/oQuZdPLB2VRCNnclPrOVWg5dw4g0rMxnjsKTanz/U44qZF78mvPi7Pyrogeq
kUvt4vtaR0hsgiMf9CR/uBZ1zuKLxj5pCAo2b/4r4/1NjbYfcxzAP4M+ZIqpvDas
zLVceUUl4YP9at/RnQEBq2fJ8yUBQosTLdZ73PHZbNx78Uap
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:31 2025 by rpki-client