Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
File: 4e84f0a8-9d20-4219-b641-9a6905a033d9.roa (raw, json)
Hash identifier: iASCpuzH0bKsfeBhNZDzs6YMJKeoUv9hREiNYiwyYMk=
Subject key identifier: CA:93:9B:E8:D6:0D:F3:6D:28:69:F1:D0:F1:41:CE:57:99:85:35:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69E1344D29238E60EFF0EE6FAE7A70C30E7072E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
Signing time: Mon 16 Jun 2025 19:40:41 +0000
ROA not before: Mon 16 Jun 2025 19:40:41 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e1:34:4d:29:23:8e:60:ef:f0:ee:6f:ae:7a:70:c3:0e:70:72:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:40:41 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=332b38d97d44f1ada26487820f778e75082ca03be2ed7a03e7e588c8802edf91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cf:d7:18:84:0b:46:03:33:df:99:6a:d9:e5:
ca:d3:b4:b1:67:63:9b:20:e3:6d:f9:eb:57:f1:36:
84:28:04:77:8b:d5:12:70:ae:5f:6e:e3:c3:3f:01:
79:84:65:85:76:c9:c3:a1:b8:f4:ed:bf:e0:b8:5c:
ea:ca:c5:2f:d4:37:dc:93:4b:19:e7:2f:a4:69:45:
d8:6f:b7:48:4e:3f:9c:58:d8:77:a1:f3:bd:7f:09:
aa:9c:77:e7:5d:4d:54:25:f9:59:f4:7d:eb:97:2b:
bb:75:08:fc:58:e9:cd:4f:65:0a:24:89:cd:53:9e:
c1:30:7a:7e:17:3f:87:1c:b5:1d:19:e7:51:2a:bc:
6d:15:36:ee:98:ce:e2:5d:57:ee:d1:d4:3d:aa:50:
46:5d:65:b7:86:1e:1a:18:f6:aa:53:9f:e0:d5:ab:
95:b1:33:1a:3d:22:4c:08:fb:fa:0d:91:65:42:46:
ec:ea:14:6e:9c:42:94:4f:ee:df:99:df:1f:21:0f:
4a:1e:41:9e:bd:ce:fc:2e:46:f5:34:92:6c:c3:5c:
d9:05:dc:b2:c5:5d:cf:f5:c9:d7:cb:1c:3b:51:df:
71:6a:19:83:e2:86:13:51:e3:cb:42:4b:3b:22:0e:
97:b5:62:83:9f:79:84:d1:00:af:78:2a:8b:85:dc:
db:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:93:9B:E8:D6:0D:F3:6D:28:69:F1:D0:F1:41:CE:57:99:85:35:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a040::/48
Signature Algorithm: sha256WithRSAEncryption
a3:0f:20:38:c6:ef:28:d2:86:f8:ca:43:63:72:a7:8b:c0:41:
b0:83:eb:1f:d1:17:04:a5:bc:8d:18:d0:0a:04:a0:09:9d:8c:
b2:bd:88:95:8b:13:96:45:e0:b9:67:66:e1:1d:a4:f8:99:7f:
36:7b:54:c5:f5:3f:a9:d8:09:e9:72:1d:42:3a:8d:3d:43:da:
d4:86:31:c7:fb:72:ed:db:20:4a:70:dd:66:91:c9:8e:13:9f:
c9:89:a1:34:11:8f:b5:78:72:a5:80:84:8f:4a:26:b8:82:0d:
c2:fd:85:e9:35:5d:82:e4:4a:66:b2:97:14:81:5c:8d:88:e4:
b4:4e:93:34:14:27:a6:a9:be:2c:38:c5:dc:d4:1a:20:9f:9d:
86:49:11:80:36:b1:50:55:df:3f:b0:ec:58:76:c9:30:8d:ff:
7e:d0:53:dd:59:d3:a1:c0:b0:de:e8:87:a4:13:22:04:9c:1c:
8d:59:fd:75:3d:f1:cf:ca:b1:7b:94:f7:63:b6:71:f1:9c:8e:
11:05:eb:7d:41:d7:ce:5f:47:48:bb:18:04:bc:26:7f:f1:da:
59:3f:c3:ff:dd:2d:9b:8a:ca:e5:6a:1b:ca:4f:2a:40:1f:c0:
be:58:fe:d5:cc:27:b0:35:74:56:45:9b:19:3f:9e:18:76:26:
8a:89:d5:2c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaeE0TSkjjmDv8O5vrnpwww5wcuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTQwNDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzMmIzOGQ5N2Q0NGYxYWRhMjY0ODc4MjBmNzc4ZTc1MDgyY2EwM2JlMmVk
N2EwM2U3ZTU4OGM4ODAyZWRmOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTP1xiEC0YDM9+ZatnlytO0sWdjmyDjbfnrV/E2hCgEd4vVEnCuX27jwz8B
eYRlhXbJw6G49O2/4Lhc6srFL9Q33JNLGecvpGlF2G+3SE4/nFjYd6HzvX8Jqpx3
511NVCX5WfR965cru3UI/FjpzU9lCiSJzVOewTB6fhc/hxy1HRnnUSq8bRU27pjO
4l1X7tHUPapQRl1lt4YeGhj2qlOf4NWrlbEzGj0iTAj7+g2RZUJG7OoUbpxClE/u
35nfHyEPSh5Bnr3O/C5G9TSSbMNc2QXcssVdz/XJ18scO1HfcWoZg+KGE1Hjy0JL
OyIOl7Vig595hNEAr3gqi4Xc24kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKk5vo
1g3zbShp8dDxQc5XmYU1ojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU4NGYwYTgtOWQyMC00MjE5LWI2NDEtOWE2OTA1YTAzM2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
QDANBgkqhkiG9w0BAQsFAAOCAQEAow8gOMbvKNKG+MpDY3Kni8BBsIPrH9EXBKW8
jRjQCgSgCZ2Msr2IlYsTlkXguWdm4R2k+Jl/NntUxfU/qdgJ6XIdQjqNPUPa1IYx
x/ty7dsgSnDdZpHJjhOfyYmhNBGPtXhypYCEj0omuIINwv2F6TVdguRKZrKXFIFc
jYjktE6TNBQnpqm+LDjF3NQaIJ+dhkkRgDaxUFXfP7DsWHbJMI3/ftBT3VnTocCw
3uiHpBMiBJwcjVn9dT3xz8qxe5T3Y7Zx8ZyOEQXrfUHXzl9HSLsYBLwmf/HaWT/D
/90tm4rK5Wobyk8qQB/Avlj+1cwnsDV0VkWbGT+eGHYmionVLA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:32 2025 by rpki-client