Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
File: 4a3909fa-da3d-4cd8-918f-7755304d49d1.roa (raw, json)
Hash identifier: wPE929rmFgehKea4L/2qdRhlW0swr9oXfzFdkCzo/Os=
Subject key identifier: EB:EC:72:DA:CC:85:09:55:B3:3B:7B:6E:98:B7:6B:D2:0F:56:38:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 718142862914AF7B147EE1AB6242EC2FDFF2FD0C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
Signing time: Tue 17 Jun 2025 00:40:37 +0000
ROA not before: Tue 17 Jun 2025 00:40:37 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:81:42:86:29:14:af:7b:14:7e:e1:ab:62:42:ec:2f:df:f2:fd:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:37 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=47dd6a615942cfbfdf19f58a940812cfb179ddaaa0d8c7be2560eb25ace3e041, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a7:c3:e9:bd:6b:2b:7f:56:f9:c8:b9:ea:1e:
1d:19:a8:5e:d9:8f:d7:15:9b:60:c2:24:27:0e:78:
b9:32:b1:d3:11:f2:32:2f:2a:1f:80:ed:3f:f7:1f:
09:90:86:cd:7f:38:9f:73:9a:53:a2:af:0c:90:6f:
34:ea:2b:d2:e4:90:10:d5:bb:0e:c9:00:65:a3:e4:
b6:3c:fb:db:31:67:5e:fc:56:fc:9d:7f:07:0b:15:
4a:58:50:7c:aa:a3:65:4d:7b:e9:59:8e:e0:92:26:
bb:84:e8:93:cb:7f:08:d4:8a:48:b4:bd:10:c5:7c:
37:ae:e4:a0:c1:bb:87:8e:e8:e7:db:b0:46:c5:39:
24:39:50:7e:9c:a3:1e:e8:ee:c4:d3:cc:12:55:af:
a7:f4:89:3b:ef:50:4b:35:f0:c8:68:4b:1e:e4:31:
df:ec:5e:0d:20:8d:84:e2:0c:ab:37:ec:b2:ed:c4:
70:36:e9:cb:55:44:a9:ae:a1:4f:f4:8c:1c:01:3e:
bf:75:10:c8:4a:4f:d1:d2:5b:b5:e7:a8:12:f5:19:
7b:09:02:8a:f1:9c:f8:e4:c7:70:1f:99:46:52:b7:
1b:73:97:26:73:ad:d1:eb:f3:ec:06:4f:5d:81:30:
8e:c9:c5:34:df:ec:ab:80:35:52:f0:1c:9e:a2:63:
bf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:EC:72:DA:CC:85:09:55:B3:3B:7B:6E:98:B7:6B:D2:0F:56:38:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:41:7d:63:96:99:84:20:72:31:bb:70:3b:86:48:8b:a0:2a:
54:e2:45:7b:cb:90:88:ee:33:a0:53:a0:47:2d:a8:b7:17:49:
b8:65:68:c9:34:c2:de:d7:90:74:2e:8f:a1:80:a6:0d:c3:58:
a4:2d:75:85:ec:a6:0b:6a:da:cc:9b:e2:64:af:b4:31:dc:5a:
58:3b:38:c2:24:ed:27:30:75:aa:d0:4c:e7:77:af:f7:e5:9b:
e2:8e:82:28:67:35:e7:0e:2f:75:4e:db:a8:68:99:d8:0d:2b:
49:66:0f:47:95:73:40:9d:d3:e9:bf:9e:ff:36:df:0e:c1:c4:
ed:5f:67:b1:a5:9d:32:a7:88:f7:71:b0:c7:87:db:20:48:0e:
55:57:88:5a:bd:57:19:15:be:b2:d9:bc:7e:0d:c7:bd:af:b0:
66:98:e4:06:e0:b3:f3:9c:a8:c2:08:d8:6b:5b:97:a1:21:f6:
9a:3a:22:f0:c5:5c:23:76:da:16:f7:eb:d1:56:8c:3f:00:59:
0f:98:6c:81:d5:84:f0:21:50:6b:5f:ff:d0:ff:2d:4c:b7:e4:
b1:84:a9:a1:2a:86:f4:70:9e:d9:df:17:62:d2:4b:18:da:d1:
f5:69:69:b2:62:dc:e9:71:7f:64:b7:49:e9:8e:58:c6:a5:79:
73:cc:5f:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcYFChikUr3sUfuGrYkLsL9/y/QwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMzdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3ZGQ2YTYxNTk0MmNmYmZkZjE5ZjU4YTk0MDgxMmNmYjE3OWRkYWFhMGQ4
YzdiZTI1NjBlYjI1YWNlM2UwNDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmnw+m9ayt/VvnIueoeHRmoXtmP1xWbYMIkJw54uTKx0xHyMi8qH4DtP/cf
CZCGzX84n3OaU6KvDJBvNOor0uSQENW7DskAZaPktjz72zFnXvxW/J1/BwsVSlhQ
fKqjZU176VmO4JImu4Tok8t/CNSKSLS9EMV8N67koMG7h47o59uwRsU5JDlQfpyj
HujuxNPMElWvp/SJO+9QSzXwyGhLHuQx3+xeDSCNhOIMqzfssu3EcDbpy1VEqa6h
T/SMHAE+v3UQyEpP0dJbteeoEvUZewkCivGc+OTHcB+ZRlK3G3OXJnOt0evz7AZP
XYEwjsnFNN/sq4A1UvAcnqJjv8kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr7HLa
zIUJVbM7e26Yt2vSD1Y4PzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEzOTA5ZmEtZGEzZC00Y2Q4LTkxOGYtNzc1NTMwNGQ0OWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQC7QX1jlpmEIHIxu3A7hkiLoCpU4kV7y5CI7jOg
U6BHLai3F0m4ZWjJNMLe15B0Lo+hgKYNw1ikLXWF7KYLatrMm+Jkr7Qx3FpYOzjC
JO0nMHWq0Eznd6/35ZvijoIoZzXnDi91TtuoaJnYDStJZg9HlXNAndPpv57/Nt8O
wcTtX2expZ0yp4j3cbDHh9sgSA5VV4havVcZFb6y2bx+Dce9r7BmmOQG4LPznKjC
CNhrW5ehIfaaOiLwxVwjdtoW9+vRVow/AFkPmGyB1YTwIVBrX//Q/y1Mt+SxhKmh
Kob0cJ7Z3xdi0ksY2tH1aWmyYtzpcX9kt0npjljGpXlzzF9R
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:54:08 2025 by rpki-client