Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b43f183-cd0a-4862-a7f0-bf7122100edb.roa
File: 4b43f183-cd0a-4862-a7f0-bf7122100edb.roa (raw, json)
Hash identifier: Di3JN6i2RiP6+LCSpGcZMaSjLzVZFc3KbzpmZcRBFGs=
Subject key identifier: D2:99:5D:EE:3B:56:24:D6:C4:B9:8B:AE:99:0C:8F:E5:25:17:39:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58A08E5F9A573579DC46B16D3BC99B07F881FA8B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b43f183-cd0a-4862-a7f0-bf7122100edb.roa
Signing time: Mon 16 Jun 2025 21:40:08 +0000
ROA not before: Mon 16 Jun 2025 21:40:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a0:8e:5f:9a:57:35:79:dc:46:b1:6d:3b:c9:9b:07:f8:81:fa:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=82027eb432083d1dbcbe35b8c4f9b4b8b893456ccf6ef0efccff619392551df3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:44:d8:5f:e4:ec:bb:52:c7:fa:e5:6c:96:97:
4e:a4:38:75:06:fd:f8:5a:ce:86:a2:dc:51:88:6b:
12:19:2c:36:68:5e:88:b7:29:c0:64:be:7b:f6:94:
51:d4:a4:8c:44:7e:a0:2b:56:93:62:04:8a:7b:c0:
bc:8d:a5:fb:e5:68:98:27:9f:aa:a9:e6:9e:4e:25:
c3:8c:bb:b1:94:39:a9:9a:64:38:e4:83:72:59:91:
0e:99:3c:df:dc:cf:8e:7c:53:fc:03:6e:fd:17:5d:
90:1f:d1:28:6e:07:43:c8:db:39:df:1f:8b:fc:f2:
e5:06:3f:80:ed:76:f3:e9:77:51:91:60:a9:63:19:
13:18:d0:37:d3:ca:77:30:9d:95:c9:bd:e2:a8:ab:
52:c2:00:45:e0:c3:93:fa:32:4e:a9:60:3d:f2:aa:
be:af:92:00:1a:e4:b5:44:3a:67:f5:3f:78:3b:34:
d8:1c:45:09:59:31:15:32:8f:56:4b:dc:74:e2:7d:
0c:72:d3:72:97:69:5a:ce:51:18:1d:d4:9a:03:99:
a6:14:72:94:1a:93:5e:51:5d:0b:05:07:6f:0d:0e:
e0:0c:25:8c:36:c6:e1:d9:fc:cc:64:d5:bb:d7:22:
85:f7:6b:ae:44:54:7f:c5:03:08:f2:76:33:cb:9d:
cf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:99:5D:EE:3B:56:24:D6:C4:B9:8B:AE:99:0C:8F:E5:25:17:39:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b43f183-cd0a-4862-a7f0-bf7122100edb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:c00::/38
Signature Algorithm: sha256WithRSAEncryption
a2:26:46:8a:2f:fb:82:00:52:46:66:92:2e:1b:2f:62:d9:d8:
97:65:55:4b:49:ef:7e:67:ae:66:ed:d7:88:67:e2:d4:76:3d:
a7:20:17:e6:52:f6:3a:39:00:c2:17:b8:8f:68:7c:c5:13:4f:
e1:9d:b9:11:5d:99:c6:7b:98:6e:67:12:92:bb:42:b5:f3:30:
38:c5:75:b0:ed:d4:b6:48:81:29:50:cf:f8:c8:8f:b6:0c:f5:
7e:38:89:33:c9:12:e8:30:1b:89:a5:a4:64:c2:e8:e0:42:40:
89:ea:b8:6b:6f:a2:32:74:e6:91:68:a6:c6:2b:1c:34:c4:d2:
7e:5b:91:f7:db:87:39:de:3a:b0:af:8a:58:61:41:d3:af:0e:
2b:87:ab:10:86:44:2b:e4:99:8d:f8:97:d1:1b:11:93:20:d6:
dc:a7:20:52:da:e2:d4:f7:f7:8a:ce:e6:5e:2e:ad:19:53:3e:
80:b0:2b:21:ae:a9:67:8e:2b:ba:6f:f4:4d:55:71:ac:3d:57:
b9:6a:c2:e4:98:e1:9a:bf:50:79:1f:d6:85:bf:ca:3f:61:24:
48:08:ef:9c:62:ca:8d:79:0f:c6:58:09:d2:f0:b2:52:b6:f2:
34:e3:89:e0:ad:6d:63:ea:cb:42:cf:66:7c:f4:b4:c4:a1:9d:
68:7c:b7:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWKCOX5pXNXncRrFtO8mbB/iB+oswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMDI3ZWI0MzIwODNkMWRiY2JlMzViOGM0ZjliNGI4Yjg5MzQ1NmNjZjZl
ZjBlZmNjZmY2MTkzOTI1NTFkZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1E2F/k7LtSx/rlbJaXTqQ4dQb9+FrOhqLcUYhrEhksNmheiLcpwGS+e/aU
UdSkjER+oCtWk2IEinvAvI2l++VomCefqqnmnk4lw4y7sZQ5qZpkOOSDclmRDpk8
39zPjnxT/ANu/RddkB/RKG4HQ8jbOd8fi/zy5QY/gO128+l3UZFgqWMZExjQN9PK
dzCdlcm94qirUsIAReDDk/oyTqlgPfKqvq+SABrktUQ6Z/U/eDs02BxFCVkxFTKP
VkvcdOJ9DHLTcpdpWs5RGB3UmgOZphRylBqTXlFdCwUHbw0O4AwljDbG4dn8zGTV
u9cihfdrrkRUf8UDCPJ2M8udz+kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSmV3u
O1Yk1sS5i66ZDI/lJRc5BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI0M2YxODMtY2QwYS00ODYyLWE3ZjAtYmY3MTIyMTAwZWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQM
MA0GCSqGSIb3DQEBCwUAA4IBAQCiJkaKL/uCAFJGZpIuGy9i2diXZVVLSe9+Z65m
7deIZ+LUdj2nIBfmUvY6OQDCF7iPaHzFE0/hnbkRXZnGe5huZxKSu0K18zA4xXWw
7dS2SIEpUM/4yI+2DPV+OIkzyRLoMBuJpaRkwujgQkCJ6rhrb6IydOaRaKbGKxw0
xNJ+W5H324c53jqwr4pYYUHTrw4rh6sQhkQr5JmN+JfRGxGTINbcpyBS2uLU9/eK
zuZeLq0ZUz6AsCshrqlnjiu6b/RNVXGsPVe5asLkmOGav1B5H9aFv8o/YSRICO+c
YsqNeQ/GWAnS8LJStvI044ngrW1j6stCz2Z89LTEoZ1ofLec
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:41 2025 by rpki-client