Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json)
Hash identifier: 9H08ogoaZEWBUCR4J2mPC270ljXm6r2n3Rq8WsWkgaE=
Subject key identifier: 1C:83:50:34:C5:E4:A5:4E:7E:22:33:55:A4:7C:88:80:87:3B:F9:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A7015B3E91D6112F06315CE97C075E92486E804
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
Signing time: Mon 16 Jun 2025 21:21:16 +0000
ROA not before: Mon 16 Jun 2025 21:21:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:70:15:b3:e9:1d:61:12:f0:63:15:ce:97:c0:75:e9:24:86:e8:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:21:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9f2cd793d052ef9ec62cd82a6a5c7caab38bd6c086d027a9e3959055383806f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:31:4a:b0:58:b2:41:3a:f0:a9:50:d6:b4:94:
b5:05:92:f2:a3:af:59:58:6b:9e:6f:32:92:9e:ec:
25:34:98:9f:6a:11:91:87:ee:57:70:26:32:94:78:
c5:e4:34:a6:d5:85:a9:a3:71:47:5b:ea:5c:3a:e2:
48:82:a5:2d:29:8a:2c:25:35:8a:60:8d:16:19:7c:
6c:36:bf:fb:4a:b6:2b:01:51:82:70:53:69:55:29:
db:ff:b8:4a:ef:e1:f5:e5:53:02:b4:91:20:f0:5d:
fd:35:30:8d:e3:d4:b7:65:a8:47:ce:ee:29:56:da:
12:df:7c:22:58:a0:cd:c8:3f:a8:41:a7:41:35:f3:
88:9b:5d:76:17:dc:10:0e:bb:32:cb:98:34:dd:3f:
bd:0e:18:a3:c0:b7:5a:e5:f3:e1:cf:76:32:a2:ea:
13:d5:db:df:3b:17:cc:a3:c1:ca:0d:64:84:a3:f0:
bc:e9:71:fe:cf:ef:45:31:4b:c4:16:a3:e8:38:9f:
cb:32:7f:92:e8:02:6a:36:6e:ac:8f:1a:92:43:e6:
bd:38:03:b7:7a:26:93:6d:c8:5a:7c:e2:ef:d4:9c:
9e:a2:2d:ca:92:24:1a:07:a1:eb:bf:b6:56:24:dd:
ae:9a:54:6f:f9:12:4e:62:7e:7a:82:d8:7b:9b:bf:
cb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:83:50:34:C5:E4:A5:4E:7E:22:33:55:A4:7C:88:80:87:3B:F9:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
59:29:24:29:34:52:f7:36:2d:ae:d9:c3:0f:ef:49:1c:80:62:
f5:fc:f4:f0:f5:92:aa:1b:19:5d:fa:55:41:fc:fc:cb:89:f7:
99:5a:de:5d:81:45:04:8e:0d:d6:21:59:ca:dc:44:a5:67:e7:
6b:3b:33:c2:32:01:b0:f1:bb:6c:82:e8:19:15:68:22:17:5f:
bf:4d:09:b5:fd:14:06:99:62:35:b0:95:39:cc:24:9d:09:db:
6c:53:d0:c4:03:6a:28:0b:03:ea:c3:52:f1:db:b7:64:5e:56:
1a:e7:fe:6c:47:a2:c8:ab:81:a9:9e:f5:b0:32:4a:da:55:e1:
0c:23:9f:06:40:94:4b:55:5c:35:b7:ab:81:60:a6:86:c1:6b:
1e:45:7d:71:8a:a4:b7:49:f6:f2:48:8c:4f:17:80:4a:44:ab:
62:01:f0:8c:63:b7:c8:5b:1e:90:8d:00:70:5f:7b:3f:27:17:
a1:2f:ad:c7:e6:3b:78:72:1b:73:d8:f9:72:3e:2e:3c:2a:5a:
a5:29:94:2d:67:d5:9c:fc:19:4e:68:3a:a6:89:72:65:6a:8d:
4e:ec:d0:48:ed:0f:33:8f:5c:b2:77:8a:af:e8:07:51:f0:0c:
83:ff:7a:82:7b:5d:8b:44:3c:27:f8:ca:17:08:eb:25:8a:52:
93:b2:54:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKnAVs+kdYRLwYxXOl8B16SSG6AQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTIxMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMmNkNzkzZDA1MmVmOWVjNjJjZDgyYTZhNWM3Y2FhYjM4YmQ2YzA4NmQw
MjdhOWUzOTU5MDU1MzgzODA2ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPYxSrBYskE68KlQ1rSUtQWS8qOvWVhrnm8ykp7sJTSYn2oRkYfuV3AmMpR4
xeQ0ptWFqaNxR1vqXDriSIKlLSmKLCU1imCNFhl8bDa/+0q2KwFRgnBTaVUp2/+4
Su/h9eVTArSRIPBd/TUwjePUt2WoR87uKVbaEt98Iligzcg/qEGnQTXziJtddhfc
EA67MsuYNN0/vQ4Yo8C3WuXz4c92MqLqE9Xb3zsXzKPByg1khKPwvOlx/s/vRTFL
xBaj6DifyzJ/kugCajZurI8akkPmvTgDt3omk23IWnzi79ScnqItypIkGgeh67+2
ViTdrppUb/kSTmJ+eoLYe5u/y70CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcg1A0
xeSlTn4iM1WkfIiAhzv5+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg
MA0GCSqGSIb3DQEBCwUAA4IBAQBZKSQpNFL3Ni2u2cMP70kcgGL1/PTw9ZKqGxld
+lVB/PzLifeZWt5dgUUEjg3WIVnK3ESlZ+drOzPCMgGw8btsgugZFWgiF1+/TQm1
/RQGmWI1sJU5zCSdCdtsU9DEA2ooCwPqw1Lx27dkXlYa5/5sR6LIq4GpnvWwMkra
VeEMI58GQJRLVVw1t6uBYKaGwWseRX1xiqS3SfbySIxPF4BKRKtiAfCMY7fIWx6Q
jQBwX3s/JxehL63H5jt4chtz2PlyPi48KlqlKZQtZ9Wc/BlOaDqmiXJlao1O7NBI
7Q8zj1yyd4qv6AdR8AyD/3qCe12LRDwn+MoXCOslilKTslSC
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:23:11 2025 by rpki-client