Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
File: f067aa52-ee52-4fb2-867c-8dc79786d43d.roa (raw, json)
Hash identifier: cOPlxFHtrvXdbhHLOB/7++ibMV0W7eOsCo3QI6S1ysY=
Subject key identifier: 5B:7E:8F:30:D6:41:6C:84:B9:66:13:27:E5:7A:21:4D:86:A3:6E:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B4F87BB54B43D1BE4FD0D1975810BB01C156B5C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
Signing time: Mon 16 Jun 2025 19:51:40 +0000
ROA not before: Mon 16 Jun 2025 19:51:40 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:4f:87:bb:54:b4:3d:1b:e4:fd:0d:19:75:81:0b:b0:1c:15:6b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:40 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=cc678e7e295271306100bc399c42ef76e3c915e4561288ae511c24eaa8d541cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7e:be:53:55:46:35:1d:3a:cb:cc:a3:78:1d:
cf:2a:d6:67:46:ff:59:cb:b2:60:7e:f0:92:1f:82:
7f:81:31:66:e2:9c:d2:e3:ad:fd:98:fa:2d:4c:f5:
c0:48:e1:7a:82:0d:78:c5:12:00:22:2b:2c:3f:4d:
17:b2:a7:33:95:14:d6:94:7e:ef:5c:ff:c4:fe:26:
66:51:9d:42:d6:d5:99:43:33:9d:c3:4b:d0:37:58:
85:54:0c:f9:87:e8:ef:94:08:62:5d:ec:f2:4d:17:
0d:54:84:b3:37:da:9b:a3:31:66:3f:7e:e6:fd:73:
bc:3d:91:31:d6:b5:48:49:40:c4:99:37:a3:a8:09:
85:c5:70:8f:1d:b8:81:ae:bf:00:e3:11:40:b4:03:
3b:48:27:9d:97:d0:64:cd:43:64:bf:23:13:7b:68:
13:bf:ae:7c:39:cf:69:2e:cd:97:3e:c2:7f:0a:b1:
11:b9:3c:14:66:37:c3:53:4e:aa:06:08:bc:5d:b2:
c7:47:34:97:59:2d:0e:dd:f3:ac:08:ac:47:f1:9e:
1f:b7:40:ad:fb:1b:9f:5a:c8:7e:59:45:be:8e:62:
1c:1c:1d:0d:3b:1b:1b:15:40:ee:16:6b:d2:6f:d9:
a6:97:b7:a5:cc:85:d2:92:05:8c:13:24:8d:2c:0c:
fe:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:7E:8F:30:D6:41:6C:84:B9:66:13:27:E5:7A:21:4D:86:A3:6E:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2080::/48
Signature Algorithm: sha256WithRSAEncryption
9a:dc:d8:83:34:70:c2:61:e5:f5:c9:c9:2f:71:b9:82:8e:11:
11:a8:f4:7f:29:05:63:a6:90:b4:85:b4:f6:59:55:fc:85:bd:
a5:d0:46:de:b3:ac:e9:c1:af:14:3c:dc:42:97:ef:7d:01:2c:
aa:fc:15:26:fe:db:73:67:a3:45:60:25:2d:fe:04:0f:e8:08:
bb:b1:de:20:10:97:f7:52:59:24:b8:0b:64:6a:56:d8:9e:87:
15:10:ba:39:43:0c:79:86:e1:bf:3a:30:c3:3c:9e:26:81:1c:
66:bd:51:a8:54:79:c4:a3:45:06:a3:e7:0f:60:6a:f5:a9:57:
ea:5f:81:93:dd:ca:38:7a:91:44:1e:27:74:48:d1:b4:3c:dc:
1f:ef:c1:2f:b0:80:8e:d9:5a:5c:d6:44:8d:27:01:a6:a5:3c:
69:60:59:67:6d:5b:b8:8c:e9:28:f5:43:ae:36:6e:b4:ec:cd:
05:3d:67:d2:d1:53:50:18:95:e4:7b:ea:75:62:d2:2b:ae:9e:
93:e4:9e:1b:a0:85:61:4d:7c:3e:fb:9b:b9:ff:54:f2:dc:8e:
83:cb:f8:15:8c:8a:44:13:1b:4e:a2:00:fe:f0:48:90:d0:ed:
42:23:f1:65:c9:d3:77:b3:f3:67:e3:b0:bc:2c:e4:fe:a8:86:
c9:c9:ae:90
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC0+Hu1S0PRvk/Q0ZdYELsBwVa1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNjc4ZTdlMjk1MjcxMzA2MTAwYmMzOTljNDJlZjc2ZTNjOTE1ZTQ1NjEy
ODhhZTUxMWMyNGVhYThkNTQxY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMR+vlNVRjUdOsvMo3gdzyrWZ0b/WcuyYH7wkh+Cf4ExZuKc0uOt/Zj6LUz1
wEjheoINeMUSACIrLD9NF7KnM5UU1pR+71z/xP4mZlGdQtbVmUMzncNL0DdYhVQM
+Yfo75QIYl3s8k0XDVSEszfam6MxZj9+5v1zvD2RMda1SElAxJk3o6gJhcVwjx24
ga6/AOMRQLQDO0gnnZfQZM1DZL8jE3toE7+ufDnPaS7Nlz7CfwqxEbk8FGY3w1NO
qgYIvF2yx0c0l1ktDt3zrAisR/GeH7dArfsbn1rIfllFvo5iHBwdDTsbGxVA7hZr
0m/Zppe3pcyF0pIFjBMkjSwM/mUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRbfo8w
1kFshLlmEyfleiFNhqNuIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjA2N2FhNTItZWU1Mi00ZmIyLTg2N2MtOGRjNzk3ODZkNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
gDANBgkqhkiG9w0BAQsFAAOCAQEAmtzYgzRwwmHl9cnJL3G5go4REaj0fykFY6aQ
tIW09llV/IW9pdBG3rOs6cGvFDzcQpfvfQEsqvwVJv7bc2ejRWAlLf4ED+gIu7He
IBCX91JZJLgLZGpW2J6HFRC6OUMMeYbhvzowwzyeJoEcZr1RqFR5xKNFBqPnD2Bq
9alX6l+Bk93KOHqRRB4ndEjRtDzcH+/BL7CAjtlaXNZEjScBpqU8aWBZZ21buIzp
KPVDrjZutOzNBT1n0tFTUBiV5HvqdWLSK66ek+SeG6CFYU18Pvubuf9U8tyOg8v4
FYyKRBMbTqIA/vBIkNDtQiPxZcnTd7PzZ+OwvCzk/qiGycmukA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:20 2025 by rpki-client