Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f53e7156-ca49-453e-98bc-54364e6eb008.roa
File: f53e7156-ca49-453e-98bc-54364e6eb008.roa (raw, json)
Hash identifier: vYl07a6WMGVS3MB4w80dmBWEduKmATznbDdkuIKexg4=
Subject key identifier: B7:93:C3:24:9C:50:A4:C6:51:9B:39:63:01:24:6E:8F:2A:A6:19:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 246A62637645D7C86F3DAF97DDC637D627E609AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f53e7156-ca49-453e-98bc-54364e6eb008.roa
Signing time: Mon 16 Jun 2025 21:01:01 +0000
ROA not before: Mon 16 Jun 2025 21:01:01 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:6a:62:63:76:45:d7:c8:6f:3d:af:97:dd:c6:37:d6:27:e6:09:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:01:01 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9c80086d825c0caf37b62af3562ab3624f3bef9d5036b83e7ab4bb04a7f2d928, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:67:d4:0d:18:be:c1:e6:7f:ff:0e:a6:fa:
f4:ad:65:20:60:ff:2d:ee:77:23:56:56:33:f2:23:
31:7b:3e:f0:59:11:0c:c4:84:0e:84:3d:99:0c:3c:
7d:6c:7b:ea:fa:0f:fd:7d:c8:67:b0:59:ab:4a:5b:
8f:40:0c:d1:d6:8e:14:5b:cb:b2:53:fe:ad:3a:51:
b4:0b:bb:43:d1:88:0e:d7:11:1e:ff:e9:13:1f:da:
1e:e0:49:e7:0f:05:16:18:2f:4c:da:cb:c6:19:c7:
dc:ca:6e:20:f8:37:b2:ef:04:12:b8:82:cb:04:a0:
fb:e2:aa:c2:c0:47:45:a6:50:69:d4:c7:85:fd:a4:
7b:91:57:20:ab:0f:f4:44:38:f6:c7:10:a2:75:aa:
21:dd:dd:8b:ab:55:ec:a1:c1:00:d8:a5:ec:04:34:
8d:80:67:c7:18:92:c7:35:1b:c8:cc:3c:d7:a3:38:
d6:d9:c8:6f:d2:c4:7f:a0:59:08:e3:0c:6d:02:5b:
11:98:da:8c:91:d6:f7:86:60:88:2e:9c:66:fb:a3:
9f:35:7c:a2:c3:d7:b5:3b:53:a2:6f:95:85:f1:d0:
4d:32:50:c9:a0:de:c2:9d:bc:6a:27:43:14:3e:73:
ad:d2:c3:5a:64:26:6e:8f:f0:db:50:46:3d:02:56:
98:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:93:C3:24:9C:50:A4:C6:51:9B:39:63:01:24:6E:8F:2A:A6:19:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f53e7156-ca49-453e-98bc-54364e6eb008.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8040::/46
Signature Algorithm: sha256WithRSAEncryption
6f:e1:95:51:4e:43:62:bb:19:7b:a6:9e:d3:28:c9:36:4a:4f:
b0:80:b0:5b:02:a2:4e:59:cd:39:35:56:f1:fa:f1:66:b4:f8:
b5:f3:2a:fd:fe:fc:e2:f2:9e:de:b9:f2:99:fc:6d:ee:ff:1d:
51:55:fa:27:ec:7c:a2:8a:72:6c:fe:17:90:65:a6:11:d7:c1:
50:18:9d:aa:4f:f4:1f:17:33:94:2a:52:4b:de:63:50:57:71:
03:2d:79:11:4a:b7:be:f9:c1:ed:ca:2d:5b:07:60:88:b5:40:
54:33:29:38:5b:47:97:34:08:73:f4:a3:d0:c9:11:79:1d:45:
b4:9c:93:5c:72:97:83:41:f2:4e:12:28:30:bb:08:90:7d:b5:
35:ef:85:82:f5:8f:de:ea:1c:62:9b:fe:c2:f4:62:7e:21:b5:
6c:0e:09:15:bd:da:18:27:6f:3c:52:21:28:79:7b:87:2c:05:
09:00:d8:34:b2:a8:dc:6a:ec:da:69:9c:53:7a:1d:b6:14:6c:
29:5b:46:2d:e1:15:d7:05:cc:83:64:e7:27:dd:50:21:f6:fd:
d0:8b:48:1e:a3:a1:90:a1:93:16:0b:71:33:9e:87:70:a1:86:
11:8b:e2:e8:b6:68:3e:74:08:19:72:da:47:43:bc:b0:26:84:
97:9a:93:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJGpiY3ZF18hvPa+X3cY31ifmCa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTAxMDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDljODAwODZkODI1YzBjYWYzN2I2MmFmMzU2MmFiMzYyNGYzYmVmOWQ1MDM2
YjgzZTdhYjRiYjA0YTdmMmQ5MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMimZ9QNGL7B5n//Dqb69K1lIGD/Le53I1ZWM/IjMXs+8FkRDMSEDoQ9mQw8
fWx76voP/X3IZ7BZq0pbj0AM0daOFFvLslP+rTpRtAu7Q9GIDtcRHv/pEx/aHuBJ
5w8FFhgvTNrLxhnH3MpuIPg3su8EEriCywSg++KqwsBHRaZQadTHhf2ke5FXIKsP
9EQ49scQonWqId3di6tV7KHBANil7AQ0jYBnxxiSxzUbyMw816M41tnIb9LEf6BZ
COMMbQJbEZjajJHW94ZgiC6cZvujnzV8osPXtTtTom+VhfHQTTJQyaDewp28aidD
FD5zrdLDWmQmbo/w21BGPQJWmDcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3k8Mk
nFCkxlGbOWMBJG6PKqYZaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUzZTcxNTYtY2E0OS00NTNlLTk4YmMtNTQzNjRlNmViMDA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuA
QDANBgkqhkiG9w0BAQsFAAOCAQEAb+GVUU5DYrsZe6ae0yjJNkpPsICwWwKiTlnN
OTVW8frxZrT4tfMq/f784vKe3rnymfxt7v8dUVX6J+x8oopybP4XkGWmEdfBUBid
qk/0HxczlCpSS95jUFdxAy15EUq3vvnB7cotWwdgiLVAVDMpOFtHlzQIc/Sj0MkR
eR1FtJyTXHKXg0HyThIoMLsIkH21Ne+FgvWP3uocYpv+wvRifiG1bA4JFb3aGCdv
PFIhKHl7hywFCQDYNLKo3Grs2mmcU3odthRsKVtGLeEV1wXMg2TnJ91QIfb90ItI
HqOhkKGTFgtxM56HcKGGEYvi6LZoPnQIGXLaR0O8sCaEl5qTyw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:02 2025 by rpki-client