Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json)
Hash identifier: xjsUTvIftpJiEeqHHTNOEaFK1vRdGDP1qQIdzKcfaxs=
Subject key identifier: 72:F3:48:CF:83:9A:EC:9D:E5:DB:1A:78:B7:DC:0D:BD:21:EC:E9:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2244E871032FB6F33266FE5FAEBF345FFC33F716
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
Signing time: Tue 17 Jun 2025 00:40:12 +0000
ROA not before: Tue 17 Jun 2025 00:40:12 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:44:e8:71:03:2f:b6:f3:32:66:fe:5f:ae:bf:34:5f:fc:33:f7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:12 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=c7efd1120660ccf262c4bcb3859716bccf3d1c7e90a10d14a33cfcd6f81b4c5a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6b:3d:c9:b6:51:92:da:11:5f:24:0f:7c:a6:
1e:fa:44:02:d5:2c:6c:23:fc:ed:75:92:ac:74:0c:
4e:b0:21:cd:86:0f:5f:97:58:97:af:03:69:01:50:
dd:39:80:ed:28:a6:67:40:c0:eb:d1:99:0f:46:4f:
2f:02:dd:1f:b0:3b:93:fe:a4:dd:6d:3f:1f:07:30:
3d:25:1e:29:e7:06:66:aa:15:3a:33:60:4b:30:29:
c2:a6:7c:27:7c:31:51:f8:f1:ad:c9:d8:d9:1a:51:
9d:c2:c6:1f:ec:77:ce:f2:9a:86:1f:20:cc:0b:1a:
f5:b8:88:81:70:55:a0:9c:90:4a:f3:06:e2:f3:16:
3c:fd:5f:b5:53:30:5c:1c:fd:14:57:88:cb:9a:c8:
32:c9:59:ae:55:b7:4e:a1:a1:0a:67:10:0f:14:00:
50:0e:53:f6:5b:45:8a:bf:47:41:dc:a0:69:18:97:
05:46:30:4b:fe:48:02:b9:78:d1:80:f4:cf:1b:fa:
17:40:23:00:68:c3:61:d6:dc:83:ea:27:ad:ba:1f:
68:c2:68:6d:95:71:f5:fb:59:4f:5c:14:e3:4b:78:
fc:b5:2e:ea:14:f0:9b:72:9a:69:4a:de:ec:04:36:
b1:2d:ef:bf:77:5f:24:e2:02:c6:6d:71:be:cf:e7:
16:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F3:48:CF:83:9A:EC:9D:E5:DB:1A:78:B7:DC:0D:BD:21:EC:E9:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8800::/38
Signature Algorithm: sha256WithRSAEncryption
51:70:f8:aa:0f:98:09:e4:90:51:9b:f6:63:11:7d:27:82:81:
f8:b8:3d:af:31:7a:a8:9f:c0:3b:40:26:65:2e:1e:2b:58:3a:
7c:2a:ad:86:cb:b6:19:07:37:24:10:86:f6:c9:80:a3:75:04:
e9:b0:db:ed:d2:03:a1:5a:cf:9a:af:7c:ca:66:91:23:2c:68:
f9:1e:d0:64:6d:fe:e8:d9:e0:c7:e0:2b:b4:d8:26:7e:f6:3f:
43:32:8f:2d:fb:fc:d6:43:a7:d2:6e:51:4e:74:53:3e:6d:cb:
06:ff:c2:1e:00:1e:bc:3a:71:68:84:4a:fe:41:f7:3f:9a:db:
41:9d:f8:62:77:53:e3:43:81:bc:24:de:8c:1f:24:a6:ef:cb:
1f:2d:97:5a:36:f7:83:43:0d:1c:e3:36:d3:e5:c0:4a:2f:69:
ce:73:cd:ee:20:12:82:a9:1b:b4:d3:4d:82:55:66:d3:1e:c0:
86:1a:6a:2e:0b:46:4b:e5:e7:bb:f1:36:8e:71:ad:5b:b1:7a:
3e:77:44:04:48:15:5f:d4:57:87:e7:e7:de:bf:d7:ff:c2:ad:
86:52:ff:b3:24:89:d1:9d:bf:20:07:a0:49:36:46:42:7d:51:
e0:eb:ea:2d:cb:2a:77:7c:cf:00:3b:c9:7c:90:ac:d5:70:e3:
37:f8:5d:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIkTocQMvtvMyZv5frr80X/wz9xYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMTJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3ZWZkMTEyMDY2MGNjZjI2MmM0YmNiMzg1OTcxNmJjY2YzZDFjN2U5MGEx
MGQxNGEzM2NmY2Q2ZjgxYjRjNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVrPcm2UZLaEV8kD3ymHvpEAtUsbCP87XWSrHQMTrAhzYYPX5dYl68DaQFQ
3TmA7SimZ0DA69GZD0ZPLwLdH7A7k/6k3W0/HwcwPSUeKecGZqoVOjNgSzApwqZ8
J3wxUfjxrcnY2RpRncLGH+x3zvKahh8gzAsa9biIgXBVoJyQSvMG4vMWPP1ftVMw
XBz9FFeIy5rIMslZrlW3TqGhCmcQDxQAUA5T9ltFir9HQdygaRiXBUYwS/5IArl4
0YD0zxv6F0AjAGjDYdbcg+onrbofaMJobZVx9ftZT1wU40t4/LUu6hTwm3KaaUre
7AQ2sS3vv3dfJOICxm1xvs/nFjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRy80jP
g5rsneXbGni33A29IezpEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI
MA0GCSqGSIb3DQEBCwUAA4IBAQBRcPiqD5gJ5JBRm/ZjEX0ngoH4uD2vMXqon8A7
QCZlLh4rWDp8Kq2Gy7YZBzckEIb2yYCjdQTpsNvt0gOhWs+ar3zKZpEjLGj5HtBk
bf7o2eDH4Cu02CZ+9j9DMo8t+/zWQ6fSblFOdFM+bcsG/8IeAB68OnFohEr+Qfc/
mttBnfhid1PjQ4G8JN6MHySm78sfLZdaNveDQw0c4zbT5cBKL2nOc83uIBKCqRu0
002CVWbTHsCGGmouC0ZL5ee78TaOca1bsXo+d0QESBVf1FeH5+fev9f/wq2GUv+z
JInRnb8gB6BJNkZCfVHg6+otyyp3fM8AO8l8kKzVcOM3+F2Z
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:46 2025 by rpki-client