Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
File: 19a2984e-942a-4280-ac0b-904c9860af2f.roa (raw, json)
Hash identifier: 2kOlVSrbeEXdQC+bzhFQDr+Vmg5XCZEZBf1Tgke3Veg=
Subject key identifier: 27:50:20:49:8C:86:D2:0E:B9:81:4D:E5:AE:46:3C:C8:26:06:BF:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BD71550055FD0E93978061830A155C487481CC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
Signing time: Mon 16 Jun 2025 20:00:49 +0000
ROA not before: Mon 16 Jun 2025 20:00:49 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d7:15:50:05:5f:d0:e9:39:78:06:18:30:a1:55:c4:87:48:1c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:49 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=4271d58cab68eeb04639de6adffc85951ceaef6c4ea922e61cf4a5edc60bc263, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2e:ad:17:95:3e:d7:4b:b7:3a:53:05:ef:a3:
e7:5b:1b:3f:67:c4:2d:99:d3:59:82:d9:1f:82:48:
7f:c2:c2:8f:9a:22:e4:e5:a4:44:18:9d:f9:5b:a4:
59:9f:00:cf:3e:cd:43:55:9c:b0:d3:61:e7:b3:86:
8f:dc:69:23:ea:c8:2d:b4:52:e2:ed:6d:fc:17:50:
67:26:7f:c8:6e:7d:3e:b2:b1:51:d7:fd:d1:fe:cb:
2d:4a:1a:7e:d0:ca:f9:98:55:6c:2c:02:5c:de:26:
0f:7b:89:42:5a:06:e9:3c:50:a3:a2:76:79:65:cd:
c7:38:0c:bc:30:b2:4c:87:5e:a8:6b:7d:07:1a:4c:
31:dc:f7:8b:98:25:cc:01:e9:43:85:6d:14:03:6d:
3e:f8:6d:2d:85:0f:41:00:39:00:f0:0e:bd:0d:b0:
67:2f:b7:e9:1e:a7:d0:a5:b7:8f:9d:b1:f4:92:25:
36:de:22:84:c3:c6:5d:81:5a:50:d5:84:43:c0:b6:
74:19:3e:53:c8:60:86:7e:33:6b:39:56:a2:e7:4a:
14:c8:18:c6:2a:65:61:7e:5a:6e:f3:fc:9d:08:23:
90:f6:7d:cb:6c:e8:9a:66:a2:40:00:d0:f9:04:f0:
6e:d8:3f:e4:e0:74:64:9e:19:7e:f5:a8:1a:20:7a:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:50:20:49:8C:86:D2:0E:B9:81:4D:E5:AE:46:3C:C8:26:06:BF:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8020::/48
Signature Algorithm: sha256WithRSAEncryption
35:09:89:e1:f8:86:b5:10:40:6a:e2:6f:69:18:de:a5:4b:e6:
0f:91:3a:cb:0b:0e:d5:82:b7:cc:a4:7b:72:67:85:53:c8:1a:
96:a1:81:36:01:51:d1:c9:f8:93:e3:db:c7:f2:45:d2:8e:27:
ca:43:9e:d9:ea:ac:7b:f1:c4:ea:92:49:07:6e:b0:b4:7a:16:
78:f4:3e:92:7c:ca:71:5f:d7:79:7b:b3:1d:54:03:49:44:b2:
40:55:96:69:24:b2:71:6a:36:12:cf:37:08:d0:e0:1a:e9:a6:
04:11:19:e1:29:5c:c4:56:94:38:09:63:d0:54:42:10:6c:2b:
50:4f:c8:ab:d5:e3:ea:0e:c9:3d:d2:0f:af:3a:fe:9f:d0:17:
2f:5d:4d:1e:47:a7:da:ba:c3:a5:64:a3:cf:14:26:83:75:30:
01:5c:e8:c1:5e:63:b0:a2:22:96:f5:3c:50:8e:d7:45:45:e5:
d6:18:0e:a8:00:7b:6d:4b:3d:c1:fe:b8:fd:d2:3f:6a:93:91:
c8:b0:05:e7:d9:0d:d8:f1:eb:a3:f0:4b:81:5a:dc:60:a8:69:
68:31:33:83:85:5a:f6:cb:9b:d5:16:e4:69:e1:6a:2b:b7:8c:
e1:11:de:72:11:d1:25:31:96:60:bd:63:b7:d6:28:4f:bf:03:
e0:64:d4:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS9cVUAVf0Ok5eAYYMKFVxIdIHMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwNDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNzFkNThjYWI2OGVlYjA0NjM5ZGU2YWRmZmM4NTk1MWNlYWVmNmM0ZWE5
MjJlNjFjZjRhNWVkYzYwYmMyNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMurReVPtdLtzpTBe+j51sbP2fELZnTWYLZH4JIf8LCj5oi5OWkRBid+Vuk
WZ8Azz7NQ1WcsNNh57OGj9xpI+rILbRS4u1t/BdQZyZ/yG59PrKxUdf90f7LLUoa
ftDK+ZhVbCwCXN4mD3uJQloG6TxQo6J2eWXNxzgMvDCyTIdeqGt9BxpMMdz3i5gl
zAHpQ4VtFANtPvhtLYUPQQA5APAOvQ2wZy+36R6n0KW3j52x9JIlNt4ihMPGXYFa
UNWEQ8C2dBk+U8hghn4zazlWoudKFMgYxiplYX5abvP8nQgjkPZ9y2zommaiQADQ
+QTwbtg/5OB0ZJ4ZfvWoGiB626cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnUCBJ
jIbSDrmBTeWuRjzIJga/NjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjk4NGUtOTQyYS00MjgwLWFjMGItOTA0Yzk4NjBhZjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
IDANBgkqhkiG9w0BAQsFAAOCAQEANQmJ4fiGtRBAauJvaRjepUvmD5E6ywsO1YK3
zKR7cmeFU8galqGBNgFR0cn4k+Pbx/JF0o4nykOe2eqse/HE6pJJB26wtHoWePQ+
knzKcV/XeXuzHVQDSUSyQFWWaSSycWo2Es83CNDgGummBBEZ4SlcxFaUOAlj0FRC
EGwrUE/Iq9Xj6g7JPdIPrzr+n9AXL11NHken2rrDpWSjzxQmg3UwAVzowV5jsKIi
lvU8UI7XRUXl1hgOqAB7bUs9wf64/dI/apORyLAF59kN2PHro/BLgVrcYKhpaDEz
g4Va9sub1RbkaeFqK7eM4RHechHRJTGWYL1jt9YoT78D4GTUIw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:41 2025 by rpki-client