Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
File: 42fc7c20-224c-4e3b-8c6c-851926d0e396.roa (raw, json)
Hash identifier: 5Ykqa0vCsmhVLkMDjXiwPHDhNtkzj2h60r/pu8cmTW4=
Subject key identifier: ED:4F:BF:AB:25:E2:31:EE:08:27:7B:9B:B9:AF:F4:1F:33:87:4D:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6ED974E9C35C858FA74CB6C5718462E71253F453
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
Signing time: Wed 25 Jun 2025 00:50:06 +0000
ROA not before: Wed 25 Jun 2025 00:50:06 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:d9:74:e9:c3:5c:85:8f:a7:4c:b6:c5:71:84:62:e7:12:53:f4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 25 00:50:06 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=bd66329ba0c382169e1e5f32c8335108dc4c7ff5b82b84d3d771bf2021461086, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:23:3d:00:e8:b9:fb:00:d8:48:49:ad:44:05:
00:fc:5e:f9:44:fc:55:d4:0b:13:2f:46:1d:f0:e6:
09:4f:c4:57:4c:05:6f:c5:52:b8:e6:c6:d3:0e:9e:
ce:5c:1c:7d:f7:1c:b3:1c:1a:2f:e0:bc:32:b2:2d:
b9:f7:e4:1c:16:ac:3d:d2:e0:c1:bb:70:c7:cf:00:
89:96:1d:20:21:73:cd:8d:57:99:f6:aa:3b:be:86:
ae:59:9e:02:f0:92:c5:ab:e0:e5:07:d4:f8:f7:f3:
b1:53:a1:12:cc:3c:34:c9:5e:8f:5e:1c:7d:f2:f2:
f8:b3:96:03:88:fb:36:83:98:55:a1:3d:00:12:f4:
2a:1e:bb:62:a7:6c:fc:91:d6:95:75:a8:93:81:49:
9f:8f:f6:4e:80:c3:53:c9:ac:f3:3a:e9:f8:58:1c:
31:fc:d9:65:25:e6:91:f8:9f:e4:df:69:bd:3c:5a:
d6:3e:d6:89:bd:4b:1a:f1:26:09:f2:0f:e5:54:14:
0a:fa:80:aa:ba:5a:76:7f:33:ab:6c:3e:28:ab:e0:
80:df:9b:63:f6:57:f6:06:2d:f0:75:9c:14:6d:9e:
4d:aa:44:17:eb:ce:30:93:b1:6e:db:a0:67:22:a6:
a2:e5:cf:7d:af:b1:a8:ee:dc:72:b8:6d:4e:d1:2c:
61:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:4F:BF:AB:25:E2:31:EE:08:27:7B:9B:B9:AF:F4:1F:33:87:4D:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:c000::/40
Signature Algorithm: sha256WithRSAEncryption
76:05:0f:2e:1e:c8:3b:4e:3e:32:e9:7c:9c:8c:9d:c3:6d:c1:
89:9a:93:02:09:79:3e:6a:3d:12:2a:6e:1c:78:13:fa:5a:78:
d9:20:e3:5d:12:30:44:da:29:d8:9b:43:2e:c7:9d:d6:91:bd:
16:77:17:46:20:db:46:34:6c:11:9c:07:f2:32:db:cf:15:69:
d6:6b:c3:77:fa:a4:ab:bd:b6:f4:f2:a0:10:8e:e4:e9:96:a0:
68:6e:d7:ee:61:a3:a6:fb:9b:1a:a0:85:8c:b0:09:a5:ca:92:
a8:3d:09:13:99:2c:82:21:34:67:99:66:c7:53:5f:87:81:05:
b1:5e:f2:fb:f8:aa:68:a6:1b:5c:f0:0b:a5:f7:63:75:ef:e6:
41:0c:0e:4b:18:ee:f9:c1:6e:9a:96:25:3a:27:13:14:c6:7e:
05:d8:46:1e:a0:68:61:c4:02:53:f9:1d:5a:0e:22:d4:fb:80:
73:f0:4a:08:e7:98:54:d8:b3:34:32:77:e9:15:2c:6f:a6:de:
01:fa:c0:73:70:10:6b:7d:6a:cf:b5:85:31:38:11:3f:87:8b:
49:8d:db:c2:97:15:f4:5a:10:fb:02:a1:a9:d9:42:aa:ad:72:
53:05:7b:d1:a6:55:4d:d2:cb:1c:99:25:33:e3:83:60:f9:42:
ca:db:ad:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbtl06cNchY+nTLbFcYRi5xJT9FMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjUwMDUwMDZaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNjYzMjliYTBjMzgyMTY5ZTFlNWYzMmM4MzM1MTA4ZGM0YzdmZjViODJi
ODRkM2Q3NzFiZjIwMjE0NjEwODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOkjPQDoufsA2EhJrUQFAPxe+UT8VdQLEy9GHfDmCU/EV0wFb8VSuObG0w6e
zlwcffccsxwaL+C8MrItuffkHBasPdLgwbtwx88AiZYdICFzzY1XmfaqO76Grlme
AvCSxavg5QfU+PfzsVOhEsw8NMlej14cffLy+LOWA4j7NoOYVaE9ABL0Kh67Yqds
/JHWlXWok4FJn4/2ToDDU8ms8zrp+FgcMfzZZSXmkfif5N9pvTxa1j7Wib1LGvEm
CfIP5VQUCvqAqrpadn8zq2w+KKvggN+bY/ZX9gYt8HWcFG2eTapEF+vOMJOxbtug
ZyKmouXPfa+xqO7ccrhtTtEsYX0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtT7+r
JeIx7ggne5u5r/QfM4dNEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJmYzdjMjAtMjI0Yy00ZTNiLThjNmMtODUxOTI2ZDBlMzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLA
MA0GCSqGSIb3DQEBCwUAA4IBAQB2BQ8uHsg7Tj4y6XycjJ3DbcGJmpMCCXk+aj0S
Km4ceBP6WnjZIONdEjBE2inYm0Mux53Wkb0WdxdGINtGNGwRnAfyMtvPFWnWa8N3
+qSrvbb08qAQjuTplqBobtfuYaOm+5saoIWMsAmlypKoPQkTmSyCITRnmWbHU1+H
gQWxXvL7+Kpophtc8Aul92N17+ZBDA5LGO75wW6aliU6JxMUxn4F2EYeoGhhxAJT
+R1aDiLU+4Bz8EoI55hU2LM0MnfpFSxvpt4B+sBzcBBrfWrPtYUxOBE/h4tJjdvC
lxX0WhD7AqGp2UKqrXJTBXvRplVN0sscmSUz44Ng+ULK260E
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:15 2025 by rpki-client