Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json)
Hash identifier: amekbI3Wpl9uTdJW+qmrgXiQzS/vnms0P7Wo3nimwdE=
Subject key identifier: 49:F0:4E:7C:A2:23:D5:5F:B5:58:52:40:34:68:83:35:04:72:EA:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5010D3FDABDD236AB73C756C784593F5586B289B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
Signing time: Mon 16 Jun 2025 19:51:50 +0000
ROA not before: Mon 16 Jun 2025 19:51:50 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:10:d3:fd:ab:dd:23:6a:b7:3c:75:6c:78:45:93:f5:58:6b:28:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:50 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6f47a3346422014d1e686eccb5278ee7c8b9a80feddf83192facee15bd942cd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ab:ec:a2:90:0f:c9:02:b8:4f:c4:4b:1c:53:
2d:53:50:5b:2b:63:27:d3:2c:89:d4:df:e6:b2:4f:
3c:3d:9f:49:68:ba:23:a6:f5:94:ac:b8:8f:4b:e9:
2d:52:77:9e:1b:5c:1f:23:61:2c:6d:9d:4b:58:bb:
65:1c:c6:b9:0a:28:bb:c6:d1:a3:02:f0:49:97:8a:
f1:e7:82:44:8c:38:43:b1:8f:c2:7e:77:10:e8:ae:
cd:16:ca:c7:7a:cf:3a:5f:0a:32:8d:d6:17:58:e1:
7f:46:08:56:36:3c:cd:57:b4:f1:20:ac:fc:23:6b:
3a:e6:e5:06:66:d0:f3:69:31:12:65:91:26:c1:b1:
16:7a:17:f9:a9:02:3a:00:e0:c3:9f:03:6a:b1:b3:
0c:08:fd:63:28:3f:86:db:e4:6c:e0:71:50:fb:f1:
ce:4e:2f:bf:95:51:c6:c8:e4:9c:ba:7e:e6:a9:49:
29:53:ac:73:74:1e:d1:59:5d:f0:46:ab:a7:dd:45:
87:e1:e3:b8:64:64:27:44:45:9a:73:49:b6:9c:2b:
ce:81:45:73:5e:b4:2e:39:97:00:b1:66:da:f4:38:
8a:40:38:7c:27:a5:6f:db:2c:77:bf:06:12:dc:e7:
bc:06:46:ce:75:9c:a5:e0:b1:da:7f:2c:06:bb:e3:
eb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F0:4E:7C:A2:23:D5:5F:B5:58:52:40:34:68:83:35:04:72:EA:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9040::/48
Signature Algorithm: sha256WithRSAEncryption
b6:5b:d3:25:94:5f:a5:2d:85:63:df:df:1d:50:ca:3e:25:d1:
4c:4f:a6:ec:bf:d2:27:9a:52:cc:36:1c:02:05:f5:22:e6:a9:
13:e3:6c:2b:fd:4a:e5:38:26:37:b1:7f:71:88:ba:cb:d9:e3:
35:bf:19:57:f9:09:9a:f5:f6:7f:f1:b3:a2:b5:78:73:12:7b:
91:3c:8c:67:f0:30:b5:38:3c:1f:45:f4:2c:ad:6a:58:51:78:
28:56:c3:f9:16:9e:f1:e1:0e:7c:08:a3:a8:0d:c6:85:69:5d:
ca:b3:c2:0b:84:c3:80:9f:85:fe:bc:cf:d4:19:93:23:bf:0e:
24:7f:3f:42:a5:80:17:ee:84:85:07:8c:49:cd:89:d2:d6:ed:
6e:d6:45:0e:2b:52:0a:d9:7b:84:85:26:e1:fc:63:ad:ea:18:
c2:f9:97:c0:8c:91:a9:03:04:2a:a3:ac:27:d5:e3:22:85:cf:
36:97:b7:6c:60:e3:76:0f:95:a0:9c:34:17:2a:5d:8c:31:09:
66:ed:c1:2a:f8:11:78:29:57:8b:a5:04:af:19:ac:c9:3f:61:
7c:3e:32:47:75:06:8b:c1:86:b2:54:52:84:ae:57:c5:93:f1:
cb:b8:ce:4f:87:51:12:ca:6c:ef:85:ac:0f:d4:07:75:6d:65:
40:b2:cd:41
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUBDT/avdI2q3PHVseEWT9VhrKJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNDdhMzM0NjQyMjAxNGQxZTY4NmVjY2I1Mjc4ZWU3YzhiOWE4MGZlZGRm
ODMxOTJmYWNlZTE1YmQ5NDJjZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALar7KKQD8kCuE/ESxxTLVNQWytjJ9MsidTf5rJPPD2fSWi6I6b1lKy4j0vp
LVJ3nhtcHyNhLG2dS1i7ZRzGuQoou8bRowLwSZeK8eeCRIw4Q7GPwn53EOiuzRbK
x3rPOl8KMo3WF1jhf0YIVjY8zVe08SCs/CNrOublBmbQ82kxEmWRJsGxFnoX+akC
OgDgw58DarGzDAj9Yyg/htvkbOBxUPvxzk4vv5VRxsjknLp+5qlJKVOsc3Qe0Vld
8Earp91Fh+HjuGRkJ0RFmnNJtpwrzoFFc160LjmXALFm2vQ4ikA4fCelb9ssd78G
EtznvAZGznWcpeCx2n8sBrvj6+kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJ8E58
oiPVX7VYUkA0aIM1BHLqOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAtlvTJZRfpS2FY9/fHVDKPiXRTE+m7L/SJ5pS
zDYcAgX1IuapE+NsK/1K5TgmN7F/cYi6y9njNb8ZV/kJmvX2f/GzorV4cxJ7kTyM
Z/AwtTg8H0X0LK1qWFF4KFbD+Rae8eEOfAijqA3GhWldyrPCC4TDgJ+F/rzP1BmT
I78OJH8/QqWAF+6EhQeMSc2J0tbtbtZFDitSCtl7hIUm4fxjreoYwvmXwIyRqQME
KqOsJ9XjIoXPNpe3bGDjdg+VoJw0FypdjDEJZu3BKvgReClXi6UErxmsyT9hfD4y
R3UGi8GGslRShK5XxZPxy7jOT4dREsps74WsD9QHdW1lQLLNQQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:23 2025 by rpki-client