Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: 81HU0JyP4uHTtfJWlc8W9dHauwyvHGOZUadVMJQJS9E=
Subject key identifier: 02:EE:B9:6B:24:6B:22:5F:A4:1A:70:DC:68:B3:7E:1F:AF:2F:1C:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 528F5F75E50DAC113E4710C36368FA0A2FAB5111
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Mon 16 Jun 2025 21:20:19 +0000
ROA not before: Mon 16 Jun 2025 21:20:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:8f:5f:75:e5:0d:ac:11:3e:47:10:c3:63:68:fa:0a:2f:ab:51:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:20:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d0737e0383977868bf14b592932d5edad5faeee1eeeb93f8b2580ccdbc6bd565, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:45:43:f6:37:d4:ca:89:9b:35:c6:ab:99:ff:
55:c3:a8:9c:23:ca:5e:e1:22:c8:f9:5f:35:89:fe:
42:58:d6:4d:a1:f3:64:c8:a9:3c:06:64:f6:b0:b9:
d9:41:d7:b1:47:2d:ac:8f:85:a6:8b:4c:eb:80:78:
cb:8d:d8:2a:53:55:3c:c6:d0:82:1b:37:3e:80:a7:
e6:12:a3:9a:7f:0e:dc:06:09:b1:a8:04:25:b5:14:
72:f6:bc:2c:80:6c:dc:59:01:b0:75:13:51:69:30:
22:cb:a4:42:b4:de:1d:f2:f0:27:79:7a:70:f3:88:
e2:f9:7c:d5:aa:19:24:ed:be:f7:91:8c:ce:cb:10:
9e:00:9d:26:e4:e7:be:5c:7f:bd:b0:ed:d2:84:11:
5a:25:07:3b:43:4b:26:74:b2:da:e2:e1:c7:42:3b:
b4:38:80:3b:45:f3:b4:dc:8a:0b:31:ca:c5:40:08:
0c:5e:dd:79:f7:f3:17:39:5d:88:c3:ec:ce:25:c2:
19:af:49:a7:24:ba:a7:fc:89:10:91:12:81:fa:a9:
1d:d9:2a:52:ef:06:7c:85:33:6b:4a:17:9d:68:82:
9f:5b:ef:36:48:ca:34:58:77:02:69:e7:95:e9:9c:
7b:b0:de:07:7a:af:66:2d:3e:03:eb:49:bc:06:e0:
a8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EE:B9:6B:24:6B:22:5F:A4:1A:70:DC:68:B3:7E:1F:AF:2F:1C:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
26:ab:08:04:cd:e5:56:17:f6:68:99:ae:69:ca:b2:e0:4a:a5:
fc:cc:09:88:db:23:09:76:1d:06:55:50:33:67:02:4c:1e:1e:
68:dd:11:29:20:f9:e5:63:24:4d:1b:02:73:11:d7:cb:fd:2d:
47:3c:b6:50:79:3a:57:a8:a3:25:9c:0c:cf:64:0f:a7:64:c0:
eb:46:7b:da:65:b3:3d:0a:b7:e8:d8:3d:24:d0:1b:00:8b:80:
14:cf:99:48:f0:a6:f0:84:ea:b8:e6:12:c2:07:9b:c9:8e:7e:
03:38:c2:da:92:fa:47:5a:3e:a8:14:f2:50:c6:5e:8e:cd:13:
89:05:3b:3e:5e:87:c6:3e:32:eb:48:a8:07:da:13:fe:28:82:
27:b4:b6:64:3e:80:e6:33:d2:4c:41:5d:61:1f:c2:31:8d:3d:
52:12:c9:be:82:9f:ec:8d:64:21:9d:62:a8:ea:a8:7b:8d:8d:
df:b8:00:d8:0a:cb:c4:fe:59:a3:dd:c5:79:b9:78:0e:07:83:
78:9a:32:51:d5:6e:f5:b8:12:4c:d0:fa:cc:e8:d9:9a:fd:70:
3e:b4:cc:e9:0a:3d:15:f1:ab:e1:fc:f0:f1:c7:44:4c:1e:41:
e3:99:c5:67:9b:b4:55:f0:2e:6e:9e:da:38:94:f9:8a:a9:11:
e2:58:f2:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUo9fdeUNrBE+RxDDY2j6Ci+rUREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNzM3ZTAzODM5Nzc4NjhiZjE0YjU5MjkzMmQ1ZWRhZDVmYWVlZTFlZWVi
OTNmOGIyNTgwY2NkYmM2YmQ1NjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5FQ/Y31MqJmzXGq5n/VcOonCPKXuEiyPlfNYn+QljWTaHzZMipPAZk9rC5
2UHXsUctrI+FpotM64B4y43YKlNVPMbQghs3PoCn5hKjmn8O3AYJsagEJbUUcva8
LIBs3FkBsHUTUWkwIsukQrTeHfLwJ3l6cPOI4vl81aoZJO2+95GMzssQngCdJuTn
vlx/vbDt0oQRWiUHO0NLJnSy2uLhx0I7tDiAO0XztNyKCzHKxUAIDF7deffzFzld
iMPsziXCGa9JpyS6p/yJEJESgfqpHdkqUu8GfIUza0oXnWiCn1vvNkjKNFh3Amnn
lemce7DeB3qvZi0+A+tJvAbgqPECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQC7rlr
JGsiX6QacNxos34fry8cyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmqwgEzeVWF/Zoma5pyrLgSqX8zAmI2yMJdh0G
VVAzZwJMHh5o3REpIPnlYyRNGwJzEdfL/S1HPLZQeTpXqKMlnAzPZA+nZMDrRnva
ZbM9Crfo2D0k0BsAi4AUz5lI8KbwhOq45hLCB5vJjn4DOMLakvpHWj6oFPJQxl6O
zROJBTs+XofGPjLrSKgH2hP+KIIntLZkPoDmM9JMQV1hH8IxjT1SEsm+gp/sjWQh
nWKo6qh7jY3fuADYCsvE/lmj3cV5uXgOB4N4mjJR1W71uBJM0PrM6Nma/XA+tMzp
Cj0V8avh/PDxx0RMHkHjmcVnm7RV8C5unto4lPmKqRHiWPKj
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:22 2025 by rpki-client