Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
File: 04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa (raw, json)
Hash identifier: M3VvOhOcoPGmxpiY9lEPHV2ogHRQqfVOOJ8zvcyt8+4=
Subject key identifier: A4:CE:52:18:CC:B6:3C:CF:2A:8B:4B:AC:99:FB:16:8C:5B:D2:14:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5ED038C52C364667D6DDBE98450F2CBBA6117908
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
Signing time: Mon 16 Jun 2025 20:20:44 +0000
ROA not before: Mon 16 Jun 2025 20:20:44 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:d0:38:c5:2c:36:46:67:d6:dd:be:98:45:0f:2c:bb:a6:11:79:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:44 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6726a9452dc0351f54f0e8422ba912b3d7714144856068a66782c7e6b3e622e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:93:fe:34:48:12:15:7f:7c:c9:31:02:9c:
fc:89:e0:13:88:fe:9d:4e:70:bc:a6:86:a7:dc:41:
64:c8:f8:c6:55:ec:eb:2b:ec:14:89:10:94:31:7a:
c5:f5:51:4a:f6:c4:12:91:67:37:31:9d:f3:5b:79:
9a:88:7b:5c:74:1f:2a:ad:89:d9:b7:54:fa:ff:6e:
92:b2:29:7b:e5:2e:25:59:10:7c:38:54:3b:15:0a:
41:0c:c6:82:d7:70:5d:b0:63:02:7c:2a:a7:86:29:
a3:4e:bf:a6:b6:36:1b:bd:dd:15:fa:83:33:db:dc:
19:28:5a:e9:6d:f9:8b:2f:b7:34:0c:5c:35:34:4b:
ee:6f:c0:42:3c:94:a6:1d:f9:a0:73:7c:8b:b0:bd:
a5:3e:28:1e:21:69:8d:a4:7b:6c:76:24:b4:ca:2d:
d1:87:3b:02:c6:51:3f:b1:27:ff:9c:6b:ce:fc:fd:
59:03:db:75:fe:0f:69:b6:94:ce:3e:53:b6:03:7f:
4f:66:27:17:fd:55:39:8f:ef:a1:0a:93:93:60:f8:
db:44:c4:73:be:d8:c3:89:5b:1f:a6:93:b2:8b:9b:
b3:22:2a:c7:59:53:2f:64:d7:53:d1:7d:b3:8a:12:
3f:b5:a8:40:db:1c:dd:4a:90:bf:f1:36:2a:f6:ce:
a3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CE:52:18:CC:B6:3C:CF:2A:8B:4B:AC:99:FB:16:8C:5B:D2:14:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c000::/40
Signature Algorithm: sha256WithRSAEncryption
06:02:0e:09:a0:3f:43:51:7e:37:6a:ea:eb:ee:f7:2c:de:c4:
22:89:88:9e:22:51:5d:d4:d4:2a:50:a7:55:14:ab:10:f7:4b:
cc:4b:6a:cb:7e:49:cf:c4:8c:05:e6:4c:4d:15:6e:94:9d:50:
1b:ff:69:8d:9c:f8:59:c2:06:ac:40:b2:17:01:0e:e2:b0:69:
0b:fc:cf:c6:af:07:d0:85:a8:f9:46:ca:39:13:c2:21:18:61:
67:ca:22:d5:6c:72:56:7f:c4:17:15:11:43:17:45:99:bc:c1:
dd:bd:c8:1f:e3:26:67:90:f8:20:40:6a:18:81:ef:1a:66:32:
75:ef:3c:fc:f1:8b:b5:a5:19:69:2b:de:27:00:cc:1a:ff:d9:
97:3e:51:01:97:b3:65:52:8f:60:69:6d:c0:86:0e:dd:5f:5d:
62:3f:1c:9f:a9:74:35:3f:cf:89:2b:f6:8b:0f:37:a7:bb:8e:
2d:3d:06:b9:50:6f:12:df:8c:9f:6b:54:84:14:2e:fb:9f:a9:
51:dc:dc:7e:31:dc:8c:21:49:c1:50:3a:c4:bf:b3:80:9a:69:
88:e2:ec:84:ac:79:23:a1:f5:33:38:72:b6:2e:44:3b:c9:e3:
9f:43:59:3a:9c:13:bd:3c:8e:37:07:e3:74:2c:94:26:c0:2e:
88:55:33:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXtA4xSw2RmfW3b6YRQ8su6YReQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwNDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3MjZhOTQ1MmRjMDM1MWY1NGYwZTg0MjJiYTkxMmIzZDc3MTQxNDQ4NTYw
NjhhNjY3ODJjN2U2YjNlNjIyZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjxk/40SBIVf3zJMQKc/IngE4j+nU5wvKaGp9xBZMj4xlXs6yvsFIkQlDF6
xfVRSvbEEpFnNzGd81t5moh7XHQfKq2J2bdU+v9ukrIpe+UuJVkQfDhUOxUKQQzG
gtdwXbBjAnwqp4Ypo06/prY2G73dFfqDM9vcGSha6W35iy+3NAxcNTRL7m/AQjyU
ph35oHN8i7C9pT4oHiFpjaR7bHYktMot0Yc7AsZRP7En/5xrzvz9WQPbdf4PabaU
zj5TtgN/T2YnF/1VOY/voQqTk2D420TEc77Yw4lbH6aTsoubsyIqx1lTL2TXU9F9
s4oSP7WoQNsc3UqQv/E2KvbOo+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkzlIY
zLY8zyqLS6yZ+xaMW9IUSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRjMzRlYTEtY2RkYi00NWFhLTk3OWYtYmZlMWZhMDk5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHA
MA0GCSqGSIb3DQEBCwUAA4IBAQAGAg4JoD9DUX43aurr7vcs3sQiiYieIlFd1NQq
UKdVFKsQ90vMS2rLfknPxIwF5kxNFW6UnVAb/2mNnPhZwgasQLIXAQ7isGkL/M/G
rwfQhaj5Rso5E8IhGGFnyiLVbHJWf8QXFRFDF0WZvMHdvcgf4yZnkPggQGoYge8a
ZjJ17zz88Yu1pRlpK94nAMwa/9mXPlEBl7NlUo9gaW3Ahg7dX11iPxyfqXQ1P8+J
K/aLDzenu44tPQa5UG8S34yfa1SEFC77n6lR3Nx+MdyMIUnBUDrEv7OAmmmI4uyE
rHkjofUzOHK2LkQ7yeOfQ1k6nBO9PI43B+N0LJQmwC6IVTNT
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:58 2025 by rpki-client