Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: wGwyDg/GIR46cQRYPlKNp8szK1NACKqYMeWQSlxllJI=
Subject key identifier: 94:0F:DC:5A:AB:2B:B8:04:73:39:B0:6E:C5:2C:F7:EF:A7:ED:5C:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4063AA8043980E125860D79570BF4F549DC1328F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Mon 16 Jun 2025 21:10:42 +0000
ROA not before: Mon 16 Jun 2025 21:10:42 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:63:aa:80:43:98:0e:12:58:60:d7:95:70:bf:4f:54:9d:c1:32:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:10:42 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8507f913f042c679aaf231c22e678fc51a4760be7b80fcce32d8f22d3ac90300, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:70:e0:52:88:f2:8c:5a:14:9e:2c:94:cc:f0:
7e:7c:4f:45:29:74:cd:3a:05:c4:0b:cd:50:9c:d7:
88:8c:1c:d3:de:57:05:7c:e5:4b:a7:44:fd:44:d6:
7c:40:23:82:46:1d:f2:d6:82:f1:52:0e:f7:c3:ed:
e4:38:98:9d:91:bf:6a:76:eb:6b:0d:81:95:93:42:
b2:ab:99:31:47:1e:84:54:7a:98:23:f6:9a:3d:f6:
60:7a:e1:b1:94:af:06:6c:75:f7:35:f3:5c:8f:df:
20:3e:59:59:d5:ba:ec:3b:f7:ae:b3:13:22:b5:e1:
6a:7f:05:ac:67:8d:07:d3:7e:26:b9:b9:9d:e7:ce:
3e:8d:4c:e0:a8:6c:5c:52:d0:58:9d:14:de:f5:3f:
41:02:00:a9:7f:ae:fa:05:75:a7:b0:c3:ab:df:1d:
cf:9f:5c:db:2e:f9:fa:32:14:30:41:a5:f8:a3:38:
69:16:94:7e:4c:71:be:cd:18:3e:17:9e:e2:b1:ae:
cb:fa:a8:4e:92:e1:89:c1:cc:1a:4e:ee:24:b9:77:
e2:4e:4b:de:0d:05:3f:aa:d0:f0:15:5f:50:ee:0b:
d7:2b:2f:a3:b4:e7:b1:d7:36:62:52:e6:ee:09:9d:
a2:33:13:b8:d5:b5:a8:e3:44:c3:2e:f0:d6:71:76:
9f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0F:DC:5A:AB:2B:B8:04:73:39:B0:6E:C5:2C:F7:EF:A7:ED:5C:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:10:a0:fb:36:ca:cc:1c:21:c5:02:0a:c3:25:0d:fd:d4:0d:
73:ff:0d:45:47:f3:82:41:5a:41:ce:cd:82:1a:f7:ed:d2:02:
ee:7d:6b:de:68:8d:76:07:f9:a5:80:85:79:27:15:32:a0:ba:
85:8d:47:cc:e7:58:0b:44:50:ad:5d:85:93:be:e4:46:bc:ab:
39:65:21:b6:de:ed:94:fe:19:84:4c:04:45:2e:83:14:a0:02:
09:73:c5:d0:a8:14:d3:99:cd:07:36:5e:42:01:ec:52:f8:5c:
b5:22:13:c7:78:44:08:53:3a:31:0f:0e:15:75:03:a1:ab:c3:
f9:ae:93:ed:10:b6:56:71:6a:a6:73:77:50:a0:24:25:d2:46:
d9:22:43:a4:d0:59:8c:85:a6:a3:72:18:f6:39:9a:ec:01:d5:
f0:64:b1:07:71:95:ec:b6:8f:9d:fd:5b:95:02:57:5f:fd:99:
62:75:5c:e1:c9:37:28:04:1e:75:d7:00:d6:9f:24:20:48:1a:
ac:eb:2d:5c:ec:ba:64:e2:e2:a3:8d:26:c8:c5:e8:79:48:99:
63:e6:65:33:f7:38:16:a9:95:03:38:d7:51:4c:ba:aa:be:9e:
7c:22:fe:5d:ae:58:a2:7e:f8:a3:10:6e:e3:55:09:56:0d:b8:
ad:8a:e5:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQGOqgEOYDhJYYNeVcL9PVJ3BMo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTEwNDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MDdmOTEzZjA0MmM2NzlhYWYyMzFjMjJlNjc4ZmM1MWE0NzYwYmU3Yjgw
ZmNjZTMyZDhmMjJkM2FjOTAzMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhw4FKI8oxaFJ4slMzwfnxPRSl0zToFxAvNUJzXiIwc095XBXzlS6dE/UTW
fEAjgkYd8taC8VIO98Pt5DiYnZG/anbraw2BlZNCsquZMUcehFR6mCP2mj32YHrh
sZSvBmx19zXzXI/fID5ZWdW67Dv3rrMTIrXhan8FrGeNB9N+Jrm5nefOPo1M4Khs
XFLQWJ0U3vU/QQIAqX+u+gV1p7DDq98dz59c2y75+jIUMEGl+KM4aRaUfkxxvs0Y
Phee4rGuy/qoTpLhicHMGk7uJLl34k5L3g0FP6rQ8BVfUO4L1ysvo7Tnsdc2YlLm
7gmdojMTuNW1qONEwy7w1nF2n7ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUD9xa
qyu4BHM5sG7FLPfvp+1cADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQCqEKD7NsrMHCHFAgrDJQ391A1z/w1FR/OCQVpB
zs2CGvft0gLufWveaI12B/mlgIV5JxUyoLqFjUfM51gLRFCtXYWTvuRGvKs5ZSG2
3u2U/hmETARFLoMUoAIJc8XQqBTTmc0HNl5CAexS+Fy1IhPHeEQIUzoxDw4VdQOh
q8P5rpPtELZWcWqmc3dQoCQl0kbZIkOk0FmMhaajchj2OZrsAdXwZLEHcZXsto+d
/VuVAldf/ZlidVzhyTcoBB511wDWnyQgSBqs6y1c7Lpk4uKjjSbIxeh5SJlj5mUz
9zgWqZUDONdRTLqqvp58Iv5drliifvijEG7jVQlWDbitiuUA
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:20 2025 by rpki-client