Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
File: 4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa (raw, json)
Hash identifier: knsJK6l0MfWjysto8s+Jkn15VBPeM2TykI97TaEcNaM=
Subject key identifier: 22:37:31:52:F5:F1:8F:F3:49:B4:DE:38:B1:59:AE:70:3A:95:9B:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A74C22C2B63B921B09CE6F478ECD1B8E47A78D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
Signing time: Mon 16 Jun 2025 20:41:38 +0000
ROA not before: Mon 16 Jun 2025 20:41:38 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:74:c2:2c:2b:63:b9:21:b0:9c:e6:f4:78:ec:d1:b8:e4:7a:78:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:41:38 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0989d31bc617748b68c3baa68a2dbae2c4c20c4ac282056aa20c01e6bad4be4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:23:db:f6:d2:4f:56:77:9d:e3:ec:ca:f4:af:
32:ed:fd:9f:a6:58:3a:f5:8c:db:9e:91:df:35:37:
48:bf:02:02:63:e7:49:14:ae:df:1d:c2:a9:a9:40:
ca:41:26:31:37:7a:70:2b:b9:2f:25:8c:5a:13:b5:
3d:bc:48:c5:26:23:56:5f:bc:60:42:85:8c:01:03:
d5:24:ab:fd:85:a6:f7:1c:16:93:9b:fd:8b:4a:48:
7c:50:6e:33:9e:3c:89:da:1a:ff:5f:41:57:b0:11:
e6:dd:00:ab:b6:72:1a:2d:b7:21:58:da:15:41:bc:
5a:aa:d7:9f:8f:cb:22:8c:92:32:16:88:19:c3:ca:
ab:38:67:46:b3:72:40:cd:64:16:7c:8d:33:d9:01:
fe:bb:fa:0e:43:d6:ad:3a:6d:e4:81:5f:24:98:d5:
d0:e1:96:b7:9b:4e:46:b9:fa:60:b3:5c:79:c8:b9:
40:bc:cd:99:96:89:3d:a1:87:93:b8:76:e3:07:6d:
df:1f:b8:62:93:a8:02:97:db:76:bc:72:6c:86:0b:
1c:12:f1:2a:14:71:1d:45:3c:16:51:61:61:42:44:
95:07:9f:e9:3b:6b:83:8b:53:af:b3:8f:50:c4:7b:
eb:3f:cf:dc:c4:c7:25:cd:cf:f5:f9:84:2e:4d:f4:
77:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:37:31:52:F5:F1:8F:F3:49:B4:DE:38:B1:59:AE:70:3A:95:9B:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:39:7a:93:f8:12:e6:93:03:ba:92:f3:09:ce:f4:5a:7f:c0:
84:f2:a4:f0:f8:bd:e9:d8:df:1c:f8:04:bc:7b:e0:62:73:14:
57:11:56:d5:4b:4d:ec:c7:39:f7:f8:4b:1a:9f:fb:c5:63:2b:
54:08:c3:f0:0e:a1:d9:09:c3:6e:ac:5c:d3:7a:d9:56:94:b1:
94:fa:2a:2a:e2:d0:ec:00:2e:50:62:fd:10:3e:e8:b0:e2:76:
e5:ef:6d:3b:a4:e2:60:5b:c9:94:ce:c4:71:e2:af:10:5e:59:
16:8c:38:aa:b3:58:0f:99:d4:bb:6a:7a:42:73:77:05:11:d0:
d9:b8:4d:e2:7e:41:81:fa:09:1d:d9:3a:f4:ff:8d:a9:59:3b:
fd:a5:1e:00:fc:af:98:a8:a2:04:01:4d:e3:51:2e:c2:90:4e:
dd:0a:ac:e2:59:f5:58:17:a0:b4:f0:35:f4:4c:55:4d:1d:fa:
4f:9a:e7:62:6c:5f:f9:17:f8:71:1b:c2:9b:9f:50:96:ad:82:
67:04:21:31:af:4c:f8:ba:d1:5e:6b:bf:31:c3:c4:34:1e:5e:
c8:da:07:ba:02:90:2e:d5:fe:4d:b3:22:b8:33:e5:f2:ea:0a:
cf:c4:d0:19:dd:84:ea:50:59:e6:81:4c:98:89:0c:a1:d0:46:
d6:ac:b9:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCnTCLCtjuSGwnOb0eOzRuOR6eNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDQxMzhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ODlkMzFiYzYxNzc0OGI2OGMzYmFhNjhhMmRiYWUyYzRjMjBjNGFjMjgy
MDU2YWEyMGMwMWU2YmFkNGJlNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4j2/bST1Z3nePsyvSvMu39n6ZYOvWM256R3zU3SL8CAmPnSRSu3x3CqalA
ykEmMTd6cCu5LyWMWhO1PbxIxSYjVl+8YEKFjAED1SSr/YWm9xwWk5v9i0pIfFBu
M548idoa/19BV7AR5t0Aq7ZyGi23IVjaFUG8WqrXn4/LIoySMhaIGcPKqzhnRrNy
QM1kFnyNM9kB/rv6DkPWrTpt5IFfJJjV0OGWt5tORrn6YLNceci5QLzNmZaJPaGH
k7h24wdt3x+4YpOoApfbdrxybIYLHBLxKhRxHUU8FlFhYUJElQef6Ttrg4tTr7OP
UMR76z/P3MTHJc3P9fmELk30dwMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiNzFS
9fGP80m03jixWa5wOpWbuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1MjJiM2EtNDZjMC00ZTVhLTg2OTgtMjFiNDE0MThjOWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaOXqT+BLmkwO6kvMJzvRaf8CE8qTw+L3p2N8c
+AS8e+BicxRXEVbVS03sxzn3+Esan/vFYytUCMPwDqHZCcNurFzTetlWlLGU+ioq
4tDsAC5QYv0QPuiw4nbl7207pOJgW8mUzsRx4q8QXlkWjDiqs1gPmdS7anpCc3cF
EdDZuE3ifkGB+gkd2Tr0/42pWTv9pR4A/K+YqKIEAU3jUS7CkE7dCqziWfVYF6C0
8DX0TFVNHfpPmudibF/5F/hxG8Kbn1CWrYJnBCExr0z4utFea78xw8Q0Hl7I2ge6
ApAu1f5NsyK4M+Xy6grPxNAZ3YTqUFnmgUyYiQyh0EbWrLmC
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:41:57 2025 by rpki-client