Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa
File: ecd857ec-bcff-41df-b23a-19087481169e.roa (raw, json)
Hash identifier: dfW5N0rvhnw5RjfMMgx9L5xynaOfbvbdcH2xmywtWlE=
Subject key identifier: B9:3B:28:43:7D:72:56:F0:F5:65:16:72:22:DA:CE:EA:E4:FE:93:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 453E516B44055FA8FA6D21364D6764ED7C6ECBB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa
Signing time: Mon 16 Jun 2025 21:31:39 +0000
ROA not before: Mon 16 Jun 2025 21:31:39 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:3e:51:6b:44:05:5f:a8:fa:6d:21:36:4d:67:64:ed:7c:6e:cb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:39 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3514632cccd944e20996d0450cb9f3a84af8bfde4a1f7676f5c8d0251b32ee3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:cf:90:78:34:29:bd:6c:c3:32:1b:d0:a1:
f4:5e:cc:44:da:41:c1:7f:52:fe:ab:7d:fa:0c:39:
83:55:64:e0:2a:97:88:e5:18:f3:cf:60:67:50:71:
96:cd:14:11:63:21:eb:ad:96:64:f3:27:09:b9:a2:
e9:61:a9:eb:fa:0a:99:f8:7f:21:37:c6:c3:bb:78:
a2:fd:6d:e5:6f:2d:60:c1:d7:b1:78:9d:26:11:6f:
a2:73:94:59:dc:c0:3f:5d:a8:a2:d7:da:03:36:30:
22:bc:8e:22:27:85:d9:37:10:0f:68:59:ed:4d:85:
69:81:6a:7c:d8:07:3d:eb:20:5e:75:b4:23:68:ed:
f9:e6:36:6a:9d:d4:e2:60:4e:13:bd:c3:1e:56:25:
63:55:6b:69:6b:f5:10:31:f8:c3:22:8b:97:00:42:
7d:ae:f8:1d:99:bb:92:35:93:f9:06:a2:b1:8b:d3:
43:f3:3f:29:c9:ea:3d:c8:83:21:d1:c0:34:52:a6:
1e:0c:70:2d:4b:a1:8b:fd:79:a4:00:dc:ac:7f:cd:
e6:86:2e:d9:bf:24:0d:9e:df:94:ed:a4:fb:a5:08:
f3:0c:7c:67:25:f0:76:62:e4:62:34:08:42:94:7b:
84:d5:44:ad:73:4f:09:0c:b3:dd:d9:4a:09:c6:02:
f0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3B:28:43:7D:72:56:F0:F5:65:16:72:22:DA:CE:EA:E4:FE:93:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:5000::/40
Signature Algorithm: sha256WithRSAEncryption
55:09:35:92:29:2c:2f:90:f1:de:ab:d2:21:64:6c:69:78:fa:
95:1e:fa:0d:36:60:9b:fc:b1:b0:a8:30:df:06:eb:eb:31:5a:
71:ef:47:58:6d:0b:48:68:51:32:b8:87:64:32:05:d6:8d:70:
4d:1c:5c:1e:7d:5d:8a:40:87:cd:f0:bc:63:ea:be:40:02:b8:
03:0f:68:45:b2:46:5d:98:91:af:da:37:c5:0a:42:88:33:07:
0c:6e:27:b7:1d:14:ac:e1:f5:10:24:3e:0c:57:d5:4c:6f:88:
f6:c1:27:a3:5c:86:af:5c:b3:75:b7:ce:fc:43:72:03:9c:52:
28:7d:04:57:f9:cd:06:3f:50:87:01:ae:c7:72:4b:3c:94:f5:
d0:c3:3f:c6:fb:54:74:3d:3d:a3:d8:8a:ce:84:18:17:6a:7f:
44:43:1a:1d:58:47:06:35:58:43:55:9b:6d:8d:cc:15:d3:0f:
74:73:92:b5:e2:04:c4:79:de:98:2a:4c:dc:79:62:7e:54:ce:
77:c5:33:fa:76:81:de:df:c9:0c:1d:7e:d5:da:aa:6b:96:d4:
af:59:63:a2:25:94:52:b8:36:40:00:7f:02:3e:82:8b:83:a5:
23:3c:e8:41:83:68:c7:d9:7e:05:8f:57:c2:2f:4c:9a:1c:b0:
27:39:58:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURT5Ra0QFX6j6bSE2TWdk7Xxuy7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMzlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1MTQ2MzJjY2NkOTQ0ZTIwOTk2ZDA0NTBjYjlmM2E4NGFmOGJmZGU0YTFm
NzY3NmY1YzhkMDI1MWIzMmVlM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwAz5B4NCm9bMMyG9Ch9F7MRNpBwX9S/qt9+gw5g1Vk4CqXiOUY889gZ1Bx
ls0UEWMh662WZPMnCbmi6WGp6/oKmfh/ITfGw7t4ov1t5W8tYMHXsXidJhFvonOU
WdzAP12ootfaAzYwIryOIieF2TcQD2hZ7U2FaYFqfNgHPesgXnW0I2jt+eY2ap3U
4mBOE73DHlYlY1VraWv1EDH4wyKLlwBCfa74HZm7kjWT+QaisYvTQ/M/KcnqPciD
IdHANFKmHgxwLUuhi/15pADcrH/N5oYu2b8kDZ7flO2k+6UI8wx8ZyXwdmLkYjQI
QpR7hNVErXNPCQyz3dlKCcYC8JcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5OyhD
fXJW8PVlFnIi2s7q5P6TMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWNkODU3ZWMtYmNmZi00MWRmLWIyM2EtMTkwODc0ODExNjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBVCTWSKSwvkPHeq9IhZGxpePqVHvoNNmCb/LGw
qDDfBuvrMVpx70dYbQtIaFEyuIdkMgXWjXBNHFwefV2KQIfN8Lxj6r5AArgDD2hF
skZdmJGv2jfFCkKIMwcMbie3HRSs4fUQJD4MV9VMb4j2wSejXIavXLN1t878Q3ID
nFIofQRX+c0GP1CHAa7Hcks8lPXQwz/G+1R0PT2j2IrOhBgXan9EQxodWEcGNVhD
VZttjcwV0w90c5K14gTEed6YKkzceWJ+VM53xTP6doHe38kMHX7V2qprltSvWWOi
JZRSuDZAAH8CPoKLg6UjPOhBg2jH2X4Fj1fCL0yaHLAnOVhg
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:20 2025 by rpki-client