Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
File: 06a4b0ee-b740-45a8-9574-79207837db5b.roa (raw, json)
Hash identifier: na05VDytmJbjfhfGLM9izEpMERxG4XyqM8Rqpg9IjNw=
Subject key identifier: 91:52:97:D3:EE:DA:22:29:83:BC:C5:10:32:1A:CD:4E:95:64:9E:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2ECFCD55D2F8F841799864A167BB933E7F5B01D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
Signing time: Fri 11 Jul 2025 19:41:03 +0000
ROA not before: Fri 11 Jul 2025 19:41:03 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:cf:cd:55:d2:f8:f8:41:79:98:64:a1:67:bb:93:3e:7f:5b:01:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:03 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=bc1864cd9df9c67f18b0dedd77be5021c6351a7c3100f7fb530e4a140718b746, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:64:b3:cd:0e:ee:45:18:1c:bf:9d:e1:8f:95:
de:14:ca:14:89:75:b6:d1:5d:6b:b1:af:7a:9d:8d:
d8:51:83:81:92:56:7f:b1:24:92:f5:5c:f0:fa:a6:
47:cb:00:55:5c:3a:95:3c:2c:ca:cf:af:f3:86:bd:
2e:b8:f4:b0:6a:44:82:86:9b:5f:03:69:a6:b1:9e:
8c:fa:ba:68:2b:b0:24:7c:9d:0e:d7:1e:ef:45:30:
7f:9f:c9:b1:3f:89:10:13:c5:a2:a5:15:b1:60:76:
aa:b2:9f:25:e6:8f:c6:4c:b4:e6:18:7b:9f:48:ab:
c1:7f:52:5f:f0:42:de:44:04:34:b9:b4:98:b4:ad:
7b:2b:56:8b:9e:b0:b8:57:b1:39:94:51:6f:ac:e3:
76:40:59:0c:b0:3b:b6:c3:92:a7:e5:7d:ff:77:41:
de:0f:2a:a4:6b:12:37:e1:9e:67:58:19:19:e6:f0:
14:61:1e:b4:83:b8:28:c0:b0:f4:9f:b0:c6:ee:5c:
60:f2:e0:7d:15:bf:da:ee:7c:89:20:8d:27:89:b7:
12:fb:4e:9f:84:56:19:03:ae:cc:a5:de:5a:7a:f1:
3c:33:2b:85:2a:4a:cc:90:99:81:2b:d2:23:6f:fc:
af:ea:ef:e2:65:b5:ab:33:89:23:de:51:f6:5d:6d:
3d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:52:97:D3:EE:DA:22:29:83:BC:C5:10:32:1A:CD:4E:95:64:9E:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06a4b0ee-b740-45a8-9574-79207837db5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
5f:70:12:31:a4:5d:04:c8:40:a3:e9:98:93:e4:8c:57:29:79:
27:a3:10:1a:53:e9:7f:30:5a:9d:84:05:f2:57:ef:07:d4:47:
7b:4f:c3:c5:08:44:96:dc:11:36:bc:84:46:c0:f6:e0:70:f6:
fa:82:b0:3b:e3:a8:3b:56:4d:57:f7:b1:ee:be:0f:79:91:b2:
f5:5f:af:e3:a8:df:1f:46:a8:c2:36:88:06:3c:3d:da:58:50:
2a:8c:12:99:a9:cd:4e:66:19:09:86:e7:94:49:9d:63:90:5b:
4a:ac:3b:89:31:51:2a:1d:c6:43:bd:35:f7:44:34:a0:8c:ee:
2a:1b:5f:ad:ac:d4:c1:44:c9:e3:6d:c6:11:cf:29:c1:fd:d4:
58:62:94:b3:5d:55:e8:4f:08:bd:a3:48:ec:4e:57:30:c6:c8:
6f:0f:88:6c:49:da:c3:c0:62:ae:0c:bb:1b:19:42:3f:47:6a:
23:ea:09:4e:bc:fd:75:bf:7f:ac:96:37:17:02:b7:94:cd:56:
4a:a6:09:1d:36:c5:27:a1:c2:d2:6b:33:8f:e6:aa:07:4d:6d:
48:d8:5e:7f:bd:5c:d9:fc:33:04:23:f9:20:5a:21:d0:50:84:
0f:a0:86:6d:36:2f:df:ab:3c:6f:5f:ed:b7:4f:86:c2:fc:9f:
a2:7b:0c:b4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULs/NVdL4+EF5mGShZ7uTPn9bAdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxMDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMTg2NGNkOWRmOWM2N2YxOGIwZGVkZDc3YmU1MDIxYzYzNTFhN2MzMTAw
ZjdmYjUzMGU0YTE0MDcxOGI3NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxks80O7kUYHL+d4Y+V3hTKFIl1ttFda7Gvep2N2FGDgZJWf7EkkvVc8Pqm
R8sAVVw6lTwsys+v84a9Lrj0sGpEgoabXwNpprGejPq6aCuwJHydDtce70Uwf5/J
sT+JEBPFoqUVsWB2qrKfJeaPxky05hh7n0irwX9SX/BC3kQENLm0mLSteytWi56w
uFexOZRRb6zjdkBZDLA7tsOSp+V9/3dB3g8qpGsSN+GeZ1gZGebwFGEetIO4KMCw
9J+wxu5cYPLgfRW/2u58iSCNJ4m3EvtOn4RWGQOuzKXeWnrxPDMrhSpKzJCZgSvS
I2/8r+rv4mW1qzOJI95R9l1tPWcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRUpfT
7toiKYO8xRAyGs1OlWSeUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDZhNGIwZWUtYjc0MC00NWE4LTk1NzQtNzkyMDc4MzdkYjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWg
wDANBgkqhkiG9w0BAQsFAAOCAQEAX3ASMaRdBMhAo+mYk+SMVyl5J6MQGlPpfzBa
nYQF8lfvB9RHe0/DxQhEltwRNryERsD24HD2+oKwO+OoO1ZNV/ex7r4PeZGy9V+v
46jfH0aowjaIBjw92lhQKowSmanNTmYZCYbnlEmdY5BbSqw7iTFRKh3GQ70190Q0
oIzuKhtfrazUwUTJ423GEc8pwf3UWGKUs11V6E8IvaNI7E5XMMbIbw+IbEnaw8Bi
rgy7GxlCP0dqI+oJTrz9db9/rJY3FwK3lM1WSqYJHTbFJ6HC0mszj+aqB01tSNhe
f71c2fwzBCP5IFoh0FCED6CGbTYv36s8b1/tt0+GwvyfonsMtA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:09 2025 by rpki-client