Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
File: 4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa (raw, json)
Hash identifier: 3QmJHw6YF9G8Y0TO53+r2oYekco07oJQ5ICKOnNxVo4=
Subject key identifier: 74:70:C9:3A:57:2F:6D:C6:87:44:98:5D:1B:A3:60:50:F2:19:D8:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 278E01436596E4AE7ABD21FEA41BC08835107B81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
Signing time: Mon 16 Jun 2025 20:40:53 +0000
ROA not before: Mon 16 Jun 2025 20:40:53 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8e:01:43:65:96:e4:ae:7a:bd:21:fe:a4:1b:c0:88:35:10:7b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:40:53 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8dd926d2fe6313bc3eba732003937908fcc3693cf2f182641c599a964d1fc7d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:09:e1:59:cc:c3:02:6d:8a:95:7b:e8:68:85:
ea:9c:bf:08:63:45:4d:c9:c8:16:7e:39:55:18:8d:
9c:92:9a:74:98:41:b0:7b:ab:46:64:bc:61:c3:70:
74:03:d8:74:c4:cf:8b:4a:98:19:3d:3e:29:49:2e:
89:e1:62:52:74:6d:3c:ce:85:70:aa:0c:84:fd:78:
e5:a0:fd:be:c0:4f:ee:0e:fa:dd:73:c6:98:1d:5f:
ae:59:e6:be:76:b2:b2:02:d2:14:04:80:26:f0:40:
2e:77:70:77:bb:29:82:5c:76:95:f7:a0:e0:be:53:
12:69:9a:41:fe:6b:6e:2d:d7:ef:d9:53:0e:01:76:
a2:e8:32:93:36:37:38:b7:3c:fc:07:51:bb:4e:9b:
a3:56:b6:a4:be:b1:2a:e6:c0:15:d3:e6:98:ce:e6:
90:a1:6e:59:05:7e:63:93:e1:f3:91:1a:98:ab:1d:
6b:2f:31:f1:9a:ef:08:d1:f7:73:82:40:66:47:6e:
a9:18:39:40:36:a4:26:5c:85:c4:6e:ec:a7:47:7c:
a5:b2:58:11:aa:ae:05:2f:98:fc:4d:03:51:4b:36:
ff:dd:86:5f:3e:e3:e0:7a:c9:42:6c:52:ed:14:e0:
89:89:51:13:43:a9:7b:d0:9d:ad:4a:00:70:e4:e4:
32:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:70:C9:3A:57:2F:6D:C6:87:44:98:5D:1B:A3:60:50:F2:19:D8:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4097b6b4-475f-4f96-9d5e-88c08f2c5804.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4080::/46
Signature Algorithm: sha256WithRSAEncryption
1d:ca:b5:6a:eb:f4:cc:f8:86:31:53:2e:40:10:1a:52:ab:5b:
b1:5b:3e:b9:4f:d9:77:1f:da:ee:1f:3a:16:cf:c9:f5:62:70:
be:71:8f:34:da:05:fb:2a:bf:c8:06:05:69:29:d1:9e:23:03:
0d:d2:eb:d3:75:2c:33:e7:23:88:28:65:d2:be:de:10:bb:5c:
e0:55:dd:fd:a0:e7:c6:0a:0f:d2:e2:1a:cc:c1:89:14:18:c2:
82:b0:ec:3d:76:bb:02:1a:6f:50:f2:11:49:bb:88:6c:4a:99:
e3:58:f6:3d:5d:6a:36:98:54:ef:04:6e:63:a3:a3:ca:42:35:
2d:dd:3c:ca:fb:6c:d4:e6:82:79:fd:79:d2:9d:28:25:0b:15:
04:6a:a9:1b:28:69:0b:7f:b5:0b:28:26:d6:52:61:a9:1b:aa:
9a:a2:c6:90:11:77:79:d7:e7:00:0e:b5:49:cd:5d:c4:97:2b:
55:13:d6:dd:94:b4:5b:70:7c:72:69:2e:85:0d:37:69:48:41:
af:a8:3e:8b:59:84:22:d7:12:a2:9d:da:51:4e:82:84:db:04:
9c:37:24:81:45:18:07:ef:d7:0b:ba:9b:ae:f1:ca:8e:b0:cd:
cd:0b:4e:c1:22:3b:73:80:2d:33:ba:97:3c:da:14:b1:e0:e4:
73:23:40:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ44BQ2WW5K56vSH+pBvAiDUQe4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQwNTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZDkyNmQyZmU2MzEzYmMzZWJhNzMyMDAzOTM3OTA4ZmNjMzY5M2NmMmYx
ODI2NDFjNTk5YTk2NGQxZmM3ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIkJ4VnMwwJtipV76GiF6py/CGNFTcnIFn45VRiNnJKadJhBsHurRmS8YcNw
dAPYdMTPi0qYGT0+KUkuieFiUnRtPM6FcKoMhP145aD9vsBP7g763XPGmB1frlnm
vnaysgLSFASAJvBALndwd7spglx2lfeg4L5TEmmaQf5rbi3X79lTDgF2ougykzY3
OLc8/AdRu06bo1a2pL6xKubAFdPmmM7mkKFuWQV+Y5Ph85EamKsday8x8ZrvCNH3
c4JAZkduqRg5QDakJlyFxG7sp0d8pbJYEaquBS+Y/E0DUUs2/92GXz7j4HrJQmxS
7RTgiYlRE0Ope9CdrUoAcOTkMs8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0cMk6
Vy9txodEmF0bo2BQ8hnYPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA5N2I2YjQtNDc1Zi00Zjk2LTlkNWUtODhjMDhmMmM1ODA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVA
gDANBgkqhkiG9w0BAQsFAAOCAQEAHcq1auv0zPiGMVMuQBAaUqtbsVs+uU/Zdx/a
7h86Fs/J9WJwvnGPNNoF+yq/yAYFaSnRniMDDdLr03UsM+cjiChl0r7eELtc4FXd
/aDnxgoP0uIazMGJFBjCgrDsPXa7AhpvUPIRSbuIbEqZ41j2PV1qNphU7wRuY6Oj
ykI1Ld08yvts1OaCef150p0oJQsVBGqpGyhpC3+1Cygm1lJhqRuqmqLGkBF3edfn
AA61Sc1dxJcrVRPW3ZS0W3B8cmkuhQ03aUhBr6g+i1mEItcSop3aUU6ChNsEnDck
gUUYB+/XC7qbrvHKjrDNzQtOwSI7c4AtM7qXPNoUseDkcyNAjw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:32:20 2025 by rpki-client