Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4277ae08-1702-42db-870f-5d701ebda87a.roa
File: 4277ae08-1702-42db-870f-5d701ebda87a.roa (raw, json)
Hash identifier: zNj2LYJf2A5AiojV0E1+hUIAfJkr++AEw5qavRVVpSc=
Subject key identifier: 8D:F6:88:B0:DB:E2:FF:69:E6:A6:21:AF:E5:61:08:2A:F4:03:67:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64DB4854306CE23B875CC108E4DEACD8EAAFC8C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4277ae08-1702-42db-870f-5d701ebda87a.roa
Signing time: Mon 16 Jun 2025 20:51:04 +0000
ROA not before: Mon 16 Jun 2025 20:51:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:db:48:54:30:6c:e2:3b:87:5c:c1:08:e4:de:ac:d8:ea:af:c8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:51:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ef6e86020a245a6f3df1c676bb995f11b590d40671c5ce51211bf502f0307cc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7e:25:41:ca:19:8e:a7:50:65:0d:44:93:74:
6c:1d:d0:b1:cf:2f:d3:7c:cd:06:ca:3e:f8:29:79:
a2:5b:d7:dd:f6:7f:09:25:ca:8d:18:e4:94:7f:be:
57:a5:4a:18:f5:48:87:8f:33:9b:a5:5e:f1:05:fa:
f1:fb:fc:bf:cd:50:fa:c1:77:86:c1:4c:b9:96:e7:
fd:56:05:8f:b3:93:db:09:db:82:22:44:83:cf:eb:
40:06:8a:02:d2:5a:cf:c5:94:98:96:91:87:7e:6e:
c2:0c:cd:ec:dd:9a:4d:b7:0a:a8:0a:30:5c:1a:84:
01:19:04:85:da:de:ca:d4:e1:30:65:f9:6f:7e:ff:
fc:54:ab:88:cf:3f:fa:54:d6:49:c1:7a:30:95:96:
bd:1b:44:9a:3a:e9:1e:9d:26:83:ab:69:13:d1:d2:
7f:97:e8:a7:5c:80:3f:ff:42:76:65:91:29:23:40:
bf:c4:71:38:9b:de:21:96:81:4a:76:b7:4f:88:4e:
8b:1c:91:14:7b:d6:b8:4e:7e:5b:ec:e0:d3:f8:cd:
af:f8:0d:81:a4:b9:f5:5a:39:8d:ce:bb:3b:94:22:
01:2f:a3:55:7c:bc:d8:c1:37:18:8a:7f:55:55:d3:
c2:6d:48:15:b5:5a:69:41:af:dc:a8:82:8e:72:08:
0f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F6:88:B0:DB:E2:FF:69:E6:A6:21:AF:E5:61:08:2A:F4:03:67:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4277ae08-1702-42db-870f-5d701ebda87a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5040::/46
Signature Algorithm: sha256WithRSAEncryption
18:b9:5b:cb:cc:81:b9:bd:e9:ad:b4:83:a1:eb:8b:a2:13:bc:
6c:6e:3a:14:27:1a:34:52:c0:c2:96:49:4d:a1:12:54:9b:2b:
cf:17:86:da:96:97:05:25:c8:6e:ce:96:c0:f3:b2:7d:87:f6:
82:2a:81:5b:e3:b8:6a:09:f2:7a:c7:15:3e:a1:2d:ae:b6:43:
c3:2f:29:65:e4:4d:d6:45:24:4c:61:05:ff:41:7c:53:50:6a:
92:51:59:5c:c4:7a:b3:8b:36:61:7c:65:8a:9a:a8:03:84:37:
55:fe:0f:17:f9:a1:56:d8:62:eb:2e:4b:2d:bd:ba:19:bc:15:
85:a1:da:7c:17:75:ce:ed:e4:4a:5b:f6:4e:af:46:52:32:1b:
f8:22:8a:34:11:48:eb:c2:c9:cc:65:f7:c5:92:12:d4:be:8c:
fa:99:fe:63:7c:e7:be:6f:eb:24:95:cf:e3:f3:7d:4b:7e:f4:
21:88:69:1a:37:1e:43:3b:cd:0c:f9:96:95:64:d1:37:6b:c1:
07:83:e2:d4:bf:c0:99:18:a1:93:82:26:2d:c1:de:b0:d0:93:
42:83:c7:85:66:4f:97:d4:ed:bf:e8:ac:ce:1c:eb:38:42:b5:
33:d6:24:fe:eb:29:56:a9:a2:48:a1:fd:68:31:e0:58:31:41:
4b:09:5a:90
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZNtIVDBs4juHXMEI5N6s2OqvyMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDUxMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNmU4NjAyMGEyNDVhNmYzZGYxYzY3NmJiOTk1ZjExYjU5MGQ0MDY3MWM1
Y2U1MTIxMWJmNTAyZjAzMDdjYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKB+JUHKGY6nUGUNRJN0bB3Qsc8v03zNBso++Cl5olvX3fZ/CSXKjRjklH++
V6VKGPVIh48zm6Ve8QX68fv8v81Q+sF3hsFMuZbn/VYFj7OT2wnbgiJEg8/rQAaK
AtJaz8WUmJaRh35uwgzN7N2aTbcKqAowXBqEARkEhdreytThMGX5b37//FSriM8/
+lTWScF6MJWWvRtEmjrpHp0mg6tpE9HSf5fop1yAP/9CdmWRKSNAv8RxOJveIZaB
Sna3T4hOixyRFHvWuE5+W+zg0/jNr/gNgaS59Vo5jc67O5QiAS+jVXy82ME3GIp/
VVXTwm1IFbVaaUGv3KiCjnIID58CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSN9oiw
2+L/aeamIa/lYQgq9ANnyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDI3N2FlMDgtMTcwMi00MmRiLTg3MGYtNWQ3MDFlYmRhODdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAGLlby8yBub3prbSDoeuLohO8bG46FCcaNFLA
wpZJTaESVJsrzxeG2paXBSXIbs6WwPOyfYf2giqBW+O4agnyescVPqEtrrZDwy8p
ZeRN1kUkTGEF/0F8U1BqklFZXMR6s4s2YXxlipqoA4Q3Vf4PF/mhVthi6y5LLb26
GbwVhaHafBd1zu3kSlv2Tq9GUjIb+CKKNBFI68LJzGX3xZIS1L6M+pn+Y3znvm/r
JJXP4/N9S370IYhpGjceQzvNDPmWlWTRN2vBB4Pi1L/AmRihk4ImLcHesNCTQoPH
hWZPl9Ttv+iszhzrOEK1M9Yk/uspVqmiSKH9aDHgWDFBSwlakA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:25 2025 by rpki-client