Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
File: 699ed05f-92ce-48c3-8186-6564a7373323.roa (raw, json)
Hash identifier: Ez7F5LpBuM2xSvFKT4NJD83U8MSxRIbMC+PJmkzGgi0=
Subject key identifier: 60:66:7D:44:C0:C3:FB:F6:2D:AD:60:EB:64:94:5C:1C:D3:EE:C8:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24052E40C55A124817C6D30048E308100E9A4EAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
Signing time: Fri 11 Jul 2025 18:40:11 +0000
ROA not before: Fri 11 Jul 2025 18:40:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:05:2e:40:c5:5a:12:48:17:c6:d3:00:48:e3:08:10:0e:9a:4e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=913be7ded745ec6314c3c22f808727316d51d89f8532f70f90e12bb76f285528, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ef:c8:67:02:7a:fc:58:72:78:10:52:14:45:
df:83:cb:d3:29:aa:84:cd:ca:0d:c7:66:60:53:60:
3a:c1:cb:19:a4:ae:9a:d1:90:1b:ee:e1:0d:41:f6:
c2:bd:b8:42:44:0e:db:51:59:27:5c:ed:3d:b7:02:
8d:fb:bf:c6:7c:fd:ba:ea:15:55:af:4e:4c:7d:e8:
03:8b:ab:87:f3:f7:77:f2:d8:eb:ef:97:5f:dc:3c:
d9:e8:20:a6:31:8d:e1:89:71:0e:82:3c:8d:0c:fa:
60:22:14:69:d3:64:78:28:06:31:3f:3f:fa:43:ae:
01:68:d8:5f:16:e1:c6:e5:7d:56:ea:2b:7c:63:77:
a3:eb:ab:f6:d5:5a:04:29:04:2e:30:65:24:ef:b1:
0f:b1:85:61:c1:41:0b:aa:34:bc:f7:27:e6:29:d5:
f9:87:e5:b1:e3:0a:da:f3:d4:8c:93:a7:d6:f2:08:
7c:e3:24:96:38:fa:7f:7a:a7:57:6a:73:47:e9:30:
ec:0b:5c:5e:e4:38:51:33:97:d9:93:0c:3e:8e:d1:
39:fe:e9:e2:97:b9:87:6c:71:c3:56:50:7a:88:63:
42:59:d9:66:44:ce:7a:5b:4e:3b:7f:64:1f:4e:07:
3e:9f:82:ce:2a:c8:51:6b:a7:24:d9:0c:f2:3f:1a:
87:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:66:7D:44:C0:C3:FB:F6:2D:AD:60:EB:64:94:5C:1C:D3:EE:C8:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/699ed05f-92ce-48c3-8186-6564a7373323.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c040::/48
Signature Algorithm: sha256WithRSAEncryption
be:da:b4:10:05:5c:8c:85:30:e8:7a:b3:93:1d:69:85:75:ca:
b8:9b:ef:49:c7:e0:3c:dc:ee:00:a2:53:0c:5e:e1:37:67:7e:
b8:b4:5b:cb:11:7d:da:7d:67:39:2f:7b:de:5c:80:60:a9:99:
e0:e1:e0:71:12:b4:44:4f:e4:be:22:71:d9:ef:0a:47:05:b5:
37:5b:8c:5f:06:a8:35:88:dd:17:99:12:e2:ce:de:18:6f:42:
63:d5:c6:a1:dd:bb:f3:28:e6:7b:26:77:61:c2:39:6d:8c:60:
d0:e7:0e:b8:ca:c5:ac:9d:6a:6c:83:82:00:1d:05:ef:c2:ce:
6d:55:51:b9:cf:a8:87:1c:1a:b9:91:fb:14:f4:4c:e6:bd:94:
5c:70:15:6d:88:dd:26:68:d6:12:e6:c0:56:2d:38:77:43:6e:
8d:99:67:79:a8:b2:87:5a:19:25:07:90:c4:de:dc:58:f7:0b:
ad:29:8b:16:3d:a3:6d:2f:a5:97:16:e6:8b:d7:b2:58:44:ec:
4b:b0:25:a7:9e:fd:5e:c0:1b:bc:51:bb:5c:72:ec:b6:25:62:
d5:81:a0:45:29:d3:6a:74:36:5c:8d:81:36:49:97:9d:e1:95:
25:45:aa:e8:f2:5f:b7:71:3f:7a:69:c5:14:3d:49:2e:08:8d:
3d:67:15:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJAUuQMVaEkgXxtMASOMIEA6aTq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxM2JlN2RlZDc0NWVjNjMxNGMzYzIyZjgwODcyNzMxNmQ1MWQ4OWY4NTMy
ZjcwZjkwZTEyYmI3NmYyODU1MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLvyGcCevxYcngQUhRF34PL0ymqhM3KDcdmYFNgOsHLGaSumtGQG+7hDUH2
wr24QkQO21FZJ1ztPbcCjfu/xnz9uuoVVa9OTH3oA4urh/P3d/LY6++XX9w82egg
pjGN4YlxDoI8jQz6YCIUadNkeCgGMT8/+kOuAWjYXxbhxuV9VuorfGN3o+ur9tVa
BCkELjBlJO+xD7GFYcFBC6o0vPcn5inV+YflseMK2vPUjJOn1vIIfOMkljj6f3qn
V2pzR+kw7AtcXuQ4UTOX2ZMMPo7ROf7p4pe5h2xxw1ZQeohjQlnZZkTOeltOO39k
H04HPp+CzirIUWunJNkM8j8ahzECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgZn1E
wMP79i2tYOtklFwc0+7INDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njk5ZWQwNWYtOTJjZS00OGMzLTgxODYtNjU2NGE3MzczMzIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
QDANBgkqhkiG9w0BAQsFAAOCAQEAvtq0EAVcjIUw6Hqzkx1phXXKuJvvScfgPNzu
AKJTDF7hN2d+uLRbyxF92n1nOS973lyAYKmZ4OHgcRK0RE/kviJx2e8KRwW1N1uM
XwaoNYjdF5kS4s7eGG9CY9XGod278yjmeyZ3YcI5bYxg0OcOuMrFrJ1qbIOCAB0F
78LObVVRuc+ohxwauZH7FPRM5r2UXHAVbYjdJmjWEubAVi04d0NujZlneaiyh1oZ
JQeQxN7cWPcLrSmLFj2jbS+llxbmi9eyWETsS7Alp579XsAbvFG7XHLstiVi1YGg
RSnTanQ2XI2BNkmXneGVJUWq6PJft3E/emnFFD1JLgiNPWcV7Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:44 2025 by rpki-client