Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
File: 4a7b2b27-8130-47da-97da-78c91087b05e.roa (raw, json)
Hash identifier: H5oiNBacZWMqyqrK+y+wLSkhJh6w86kI3pno78XGan8=
Subject key identifier: 41:E5:72:A9:47:C2:0D:BD:A1:8A:A7:FC:8F:A4:7C:3E:32:35:5C:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 560D017B31A48FB87CC6A7638A395CF3986E2DD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
Signing time: Mon 16 Jun 2025 19:51:56 +0000
ROA not before: Mon 16 Jun 2025 19:51:56 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:0d:01:7b:31:a4:8f:b8:7c:c6:a7:63:8a:39:5c:f3:98:6e:2d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:56 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=422456e9b152021f6324f6b192cbe4185d85cae09a9f10ca5710ffb76aced990, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:4c:37:15:92:88:8f:8b:2e:9b:58:0d:f6:
bd:f0:59:90:c3:f7:22:26:8b:3e:41:56:ee:14:2e:
6f:e0:cc:6b:2b:31:14:90:44:00:45:fa:69:1b:6d:
62:48:42:1d:6a:50:a1:52:53:2e:b9:2e:7a:86:75:
43:96:37:0c:cf:62:59:2b:cd:b2:e6:7e:ee:7d:13:
7c:85:5b:3a:55:cc:c0:2f:a1:53:c0:a0:ff:5b:60:
2c:01:3d:a2:fa:4f:b5:34:f6:af:41:99:0e:81:98:
fb:e8:94:91:3f:74:20:31:2f:b1:1f:ec:a9:bf:81:
9b:aa:1f:0c:c4:06:a0:3c:b3:cd:cc:9d:1d:4d:fa:
fe:b8:dd:4a:84:12:2e:62:53:48:31:4a:e8:2e:33:
10:c2:40:95:03:57:77:f2:56:b5:e0:5d:b9:90:43:
ae:d8:99:92:db:42:cf:f4:5b:c0:fc:ec:d3:45:55:
ea:22:7a:d2:94:e9:4f:b4:a6:53:91:35:1c:b6:54:
8f:99:f0:e2:4d:5c:9b:96:9c:e0:29:cc:27:2c:c8:
ac:9c:c5:22:cf:7a:3c:8b:d1:f2:0e:ae:af:93:cf:
19:50:eb:8c:a5:7b:14:1f:0d:0a:41:1e:af:60:dd:
85:bc:2a:1a:b8:49:89:e9:f3:9a:82:71:7c:c6:dc:
7f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E5:72:A9:47:C2:0D:BD:A1:8A:A7:FC:8F:A4:7C:3E:32:35:5C:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c040::/48
Signature Algorithm: sha256WithRSAEncryption
2f:a4:48:38:19:b0:fe:b9:97:1a:e9:23:1d:e9:df:8f:dc:a2:
31:41:e1:12:b9:50:cd:d8:a1:a2:d8:69:dc:57:61:18:77:83:
7a:29:b2:6f:d7:c4:6d:51:0a:8f:4a:08:44:f0:19:4b:17:6c:
c4:c7:84:0c:04:5f:a7:8f:1f:5d:05:f1:6c:15:8f:b9:3d:b6:
fe:43:81:1c:f7:13:15:a0:ac:5f:69:58:9a:ad:cb:98:23:13:
6a:c1:0d:fb:4e:ac:27:b3:8f:e8:bf:f2:12:61:c2:88:c9:35:
dc:4a:57:b7:c8:56:74:cd:bf:b7:7d:44:e2:b1:e0:7a:83:5e:
d6:ea:2b:a0:50:5f:7e:c3:4c:a4:db:c2:7b:72:6f:a1:e7:78:
f7:61:b6:4c:86:55:e2:d3:05:8e:93:9f:02:8c:3e:e8:57:c0:
b0:78:cf:fa:f2:bf:2e:f3:b0:ee:bf:2d:a9:c6:5e:d9:30:b0:
44:04:e3:cb:a5:95:8e:68:61:04:c3:e5:65:23:41:6b:bb:5c:
70:bc:42:bb:05:ba:13:4c:17:d8:4c:65:5f:d1:77:f0:0a:36:
23:f1:91:29:cf:61:2d:af:d0:15:22:9f:67:41:f2:60:3b:70:
3e:a5:e4:51:eb:5f:5c:79:94:24:a2:5f:01:16:ad:47:b1:3a:
ec:ce:9b:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVg0BezGkj7h8xqdjijlc85huLdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxNTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyMjQ1NmU5YjE1MjAyMWY2MzI0ZjZiMTkyY2JlNDE4NWQ4NWNhZTA5YTlm
MTBjYTU3MTBmZmI3NmFjZWQ5OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd7TDcVkoiPiy6bWA32vfBZkMP3IiaLPkFW7hQub+DMaysxFJBEAEX6aRtt
YkhCHWpQoVJTLrkueoZ1Q5Y3DM9iWSvNsuZ+7n0TfIVbOlXMwC+hU8Cg/1tgLAE9
ovpPtTT2r0GZDoGY++iUkT90IDEvsR/sqb+Bm6ofDMQGoDyzzcydHU36/rjdSoQS
LmJTSDFK6C4zEMJAlQNXd/JWteBduZBDrtiZkttCz/RbwPzs00VV6iJ60pTpT7Sm
U5E1HLZUj5nw4k1cm5ac4CnMJyzIrJzFIs96PIvR8g6ur5PPGVDrjKV7FB8NCkEe
r2DdhbwqGrhJienzmoJxfMbcf8kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRB5XKp
R8INvaGKp/yPpHw+MjVcAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGE3YjJiMjctODEzMC00N2RhLTk3ZGEtNzhjOTEwODdiMDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
QDANBgkqhkiG9w0BAQsFAAOCAQEAL6RIOBmw/rmXGukjHenfj9yiMUHhErlQzdih
othp3FdhGHeDeimyb9fEbVEKj0oIRPAZSxdsxMeEDARfp48fXQXxbBWPuT22/kOB
HPcTFaCsX2lYmq3LmCMTasEN+06sJ7OP6L/yEmHCiMk13EpXt8hWdM2/t31E4rHg
eoNe1uoroFBffsNMpNvCe3Jvoed492G2TIZV4tMFjpOfAow+6FfAsHjP+vK/LvOw
7r8tqcZe2TCwRATjy6WVjmhhBMPlZSNBa7tccLxCuwW6E0wX2ExlX9F38Ao2I/GR
Kc9hLa/QFSKfZ0HyYDtwPqXkUetfXHmUJKJfARatR7E67M6bRw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:41 2025 by rpki-client