Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json)
Hash identifier: 0RV61hdxA4T5rXgOlOOCmIiYhwJmI1785s14GPuA5IQ=
Subject key identifier: 5F:2A:9F:09:8D:29:B7:9E:4E:CB:44:F6:98:04:19:4F:72:46:79:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56791A6F1A99C8399DCA28CBE288413475A154CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
Signing time: Mon 16 Jun 2025 21:31:38 +0000
ROA not before: Mon 16 Jun 2025 21:31:38 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:79:1a:6f:1a:99:c8:39:9d:ca:28:cb:e2:88:41:34:75:a1:54:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:38 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1995c93c56d62fe007bda5b4ef5fc3f1919961c942638503cda2adab4980d990, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:33:d3:95:a2:fd:94:c3:45:5b:a8:bd:35:60:
f2:b7:ee:cf:c5:19:f6:3d:6f:79:25:9a:a3:56:e3:
10:ab:89:56:ec:b5:82:61:33:b8:7a:21:4f:af:91:
07:09:7a:4b:04:bf:f0:4c:15:d1:d7:31:3d:40:6f:
d1:ac:f2:e7:28:65:1f:cf:61:f0:02:da:d0:11:e5:
89:f1:f8:a8:c5:dc:1f:f2:7b:e8:e9:42:ba:e3:48:
51:99:f1:58:fe:8e:7b:d0:b9:1d:18:87:79:ff:3d:
08:e4:70:d0:ef:bb:e3:57:55:5a:3a:6f:0f:dc:18:
5c:fe:83:46:1b:24:64:88:51:4c:66:32:28:8d:84:
c7:46:1a:d9:12:af:fb:c0:a1:bc:ba:34:0f:32:52:
c7:75:bd:30:97:cf:0c:37:89:33:42:fd:94:a0:9b:
1d:d1:2b:3e:33:50:39:bc:f7:66:da:a1:f7:f2:d3:
36:da:9e:80:8a:a2:f4:f1:54:b3:7a:94:ec:8a:83:
1b:bd:c7:d2:ba:5e:42:f5:7c:15:c6:ac:38:2c:04:
f7:ae:21:b7:93:e0:6e:05:a8:c3:f3:82:48:2a:59:
9d:ac:25:68:d4:a6:7d:49:48:45:3e:6a:d8:ea:0f:
68:71:19:38:43:83:9e:42:76:0e:5a:e2:cc:59:80:
47:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2A:9F:09:8D:29:B7:9E:4E:CB:44:F6:98:04:19:4F:72:46:79:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
64:89:8a:69:cc:24:4d:3b:f6:e4:6d:99:62:20:5a:d3:37:22:
9f:2c:d5:07:6e:41:34:e0:c5:c3:12:55:62:e3:ae:00:20:b2:
81:7a:27:77:87:09:40:fe:f1:fc:ac:bd:62:64:3d:75:24:03:
a7:4f:d4:a9:b3:03:a6:79:65:57:c2:50:7b:b1:17:57:51:f6:
02:93:73:91:90:f6:c5:e8:61:c4:15:0a:ff:75:d4:d3:d6:2e:
3e:74:c4:d8:f5:05:9a:f2:b1:9a:44:59:c2:d4:5d:84:98:f7:
44:f8:61:82:2d:2e:b0:a5:d2:00:9f:b1:44:5f:5c:98:1c:61:
80:21:2a:96:93:08:81:e2:a0:d3:57:6f:bc:c6:e8:97:c4:84:
6b:b8:79:b1:e7:db:2d:68:40:8a:01:28:9e:ca:17:15:94:14:
58:4c:a8:10:8a:25:ff:ac:55:a5:9e:c2:d7:82:49:8e:43:2c:
55:fb:52:da:c0:a5:9f:d2:e0:87:ec:ee:ae:0f:00:41:ff:e2:
b2:9f:59:30:56:d7:6b:23:23:39:18:e6:57:8f:31:63:2f:6e:
b2:80:7f:18:61:31:6f:d6:54:83:67:2d:b1:f3:22:89:46:3c:
4f:06:eb:c9:30:c3:f5:31:7e:19:c5:28:ea:bc:a0:b2:69:d4:
3d:87:d6:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVnkabxqZyDmdyijL4ohBNHWhVM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMzhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5OTVjOTNjNTZkNjJmZTAwN2JkYTViNGVmNWZjM2YxOTE5OTYxYzk0MjYz
ODUwM2NkYTJhZGFiNDk4MGQ5OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8z05Wi/ZTDRVuovTVg8rfuz8UZ9j1veSWao1bjEKuJVuy1gmEzuHohT6+R
Bwl6SwS/8EwV0dcxPUBv0azy5yhlH89h8ALa0BHlifH4qMXcH/J76OlCuuNIUZnx
WP6Oe9C5HRiHef89CORw0O+741dVWjpvD9wYXP6DRhskZIhRTGYyKI2Ex0Ya2RKv
+8ChvLo0DzJSx3W9MJfPDDeJM0L9lKCbHdErPjNQObz3Ztqh9/LTNtqegIqi9PFU
s3qU7IqDG73H0rpeQvV8FcasOCwE964ht5PgbgWow/OCSCpZnawlaNSmfUlIRT5q
2OoPaHEZOEODnkJ2DlrizFmARyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfKp8J
jSm3nk7LRPaYBBlPckZ57TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g
MA0GCSqGSIb3DQEBCwUAA4IBAQBkiYppzCRNO/bkbZliIFrTNyKfLNUHbkE04MXD
ElVi464AILKBeid3hwlA/vH8rL1iZD11JAOnT9SpswOmeWVXwlB7sRdXUfYCk3OR
kPbF6GHEFQr/ddTT1i4+dMTY9QWa8rGaRFnC1F2EmPdE+GGCLS6wpdIAn7FEX1yY
HGGAISqWkwiB4qDTV2+8xuiXxIRruHmx59staECKASieyhcVlBRYTKgQiiX/rFWl
nsLXgkmOQyxV+1LawKWf0uCH7O6uDwBB/+Kyn1kwVtdrIyM5GOZXjzFjL26ygH8Y
YTFv1lSDZy2x8yKJRjxPBuvJMMP1MX4ZxSjqvKCyadQ9h9aV
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:25 2025 by rpki-client