Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: PZ5qCiV6qSKyWAQweJWG311HJkzWTzTQx+kEerDvhpQ=
Subject key identifier: 55:11:47:F2:F5:B7:94:9A:76:DE:65:95:BF:3E:39:C9:40:B1:8B:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 431CDBC1174ADF8CC5E3A6786D7C128C0D99B34B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Mon 16 Jun 2025 21:50:04 +0000
ROA not before: Mon 16 Jun 2025 21:50:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:1c:db:c1:17:4a:df:8c:c5:e3:a6:78:6d:7c:12:8c:0d:99:b3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:50:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f35c7e46d995d6f43c5fa327d3eaefe26bf012fb7b4159fad6155962d0c841a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:02:66:de:60:e6:d1:10:86:1b:9f:2d:59:f8:
38:c1:d8:0a:78:89:fc:66:ca:41:68:85:30:19:95:
ed:f2:d5:d5:95:9c:40:05:c4:2b:46:2a:0a:c0:4e:
da:9a:8f:29:87:4e:e1:41:d9:b8:bb:e4:5c:40:e6:
ea:b8:4e:cb:e0:7c:77:71:b6:b7:92:49:1c:ef:43:
05:0e:17:0a:9f:8b:45:9c:47:2f:bd:56:cd:dd:c3:
bd:ba:59:d9:90:dd:e5:a4:8c:af:8d:ea:aa:de:fe:
b3:a9:5c:a0:54:c2:9f:f5:3e:10:18:58:71:ef:b0:
8c:3f:3b:7d:69:94:4f:7a:39:62:fd:ec:62:28:4b:
3b:7a:e8:0b:57:f0:c3:ef:04:a3:78:ec:f0:49:42:
eb:76:93:8c:3a:f0:8c:bb:b8:18:44:10:59:1a:87:
0b:5d:73:d0:11:13:99:4b:6b:8a:49:95:6a:39:a5:
1e:cd:77:04:20:c5:79:7e:3f:94:9f:76:08:29:2e:
78:62:7a:0d:33:67:74:08:50:f0:67:98:86:2f:1e:
a1:aa:61:b9:3e:93:9d:91:ee:8c:19:04:65:fa:4b:
6e:45:0d:e6:3c:a9:1f:af:6e:67:1e:d1:41:23:89:
1e:e9:bf:05:2e:42:c9:9b:92:29:cf:f1:c8:dc:f1:
54:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:11:47:F2:F5:B7:94:9A:76:DE:65:95:BF:3E:39:C9:40:B1:8B:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
b4:d4:19:32:59:dd:6c:5c:e0:eb:7e:6b:66:fc:e1:ca:b6:96:
22:00:b3:f1:74:76:bd:29:70:13:de:26:5e:48:72:d4:27:dc:
de:64:c9:0f:d0:be:b7:ce:33:06:94:14:d6:ad:b6:a9:64:90:
89:3b:15:40:aa:93:82:63:f6:83:91:d5:9c:58:06:89:01:d1:
78:d9:5f:93:de:3f:73:8f:35:8d:53:64:af:8f:e7:7a:d1:b5:
b3:25:30:80:a8:c8:ec:74:2f:9d:c3:42:6e:ea:7a:f9:d5:55:
3d:0f:ab:c8:82:f1:ef:dd:a1:25:ea:38:4f:56:2f:fb:d2:5c:
42:99:b7:95:c1:b9:72:7d:87:76:f2:b8:93:7b:76:94:65:f9:
cb:ab:35:3c:10:c9:f9:fb:c1:e2:71:05:d1:02:34:47:5a:e4:
ee:c2:d1:25:4a:6c:76:cd:10:87:1d:b1:44:52:da:29:9a:f9:
bb:95:20:39:13:d8:a1:a8:45:cd:74:f7:81:d8:a2:1f:ab:b3:
c4:c4:b0:fc:31:99:d9:74:b9:1d:94:21:65:dc:6a:5c:49:78:
92:fe:49:20:70:39:c7:76:9f:fb:20:6e:4e:ef:27:f2:8f:08:
70:81:5d:32:cc:e1:42:f9:9f:b0:3c:86:e1:fb:58:e4:0d:d1:
41:49:82:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQxzbwRdK34zF46Z4bXwSjA2Zs0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTUwMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNWM3ZTQ2ZDk5NWQ2ZjQzYzVmYTMyN2QzZWFlZmUyNmJmMDEyZmI3YjQx
NTlmYWQ2MTU1OTYyZDBjODQxYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYCZt5g5tEQhhufLVn4OMHYCniJ/GbKQWiFMBmV7fLV1ZWcQAXEK0YqCsBO
2pqPKYdO4UHZuLvkXEDm6rhOy+B8d3G2t5JJHO9DBQ4XCp+LRZxHL71Wzd3DvbpZ
2ZDd5aSMr43qqt7+s6lcoFTCn/U+EBhYce+wjD87fWmUT3o5Yv3sYihLO3roC1fw
w+8Eo3js8ElC63aTjDrwjLu4GEQQWRqHC11z0BETmUtrikmVajmlHs13BCDFeX4/
lJ92CCkueGJ6DTNndAhQ8GeYhi8eoaphuT6TnZHujBkEZfpLbkUN5jypH69uZx7R
QSOJHum/BS5CyZuSKc/xyNzxVIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVEUfy
9beUmnbeZZW/PjnJQLGLITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQC01BkyWd1sXODrfmtm/OHKtpYiALPxdHa9KXAT
3iZeSHLUJ9zeZMkP0L63zjMGlBTWrbapZJCJOxVAqpOCY/aDkdWcWAaJAdF42V+T
3j9zjzWNU2Svj+d60bWzJTCAqMjsdC+dw0Ju6nr51VU9D6vIgvHv3aEl6jhPVi/7
0lxCmbeVwblyfYd28riTe3aUZfnLqzU8EMn5+8HicQXRAjRHWuTuwtElSmx2zRCH
HbFEUtopmvm7lSA5E9ihqEXNdPeB2KIfq7PExLD8MZnZdLkdlCFl3GpcSXiS/kkg
cDnHdp/7IG5O7yfyjwhwgV0yzOFC+Z+wPIbh+1jkDdFBSYLU
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:20 2025 by rpki-client