Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: 2VcBToVViB+oNe6n/x7M6JsW+jCCnHy3lxjxc/IBc3Q=
Subject key identifier: 81:3E:9C:2B:83:A6:AF:B2:2D:21:88:B9:C6:6A:90:05:CC:9B:82:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E0B4A54FF0313369A4A4F5F2D5373DE82437841
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Mon 16 Jun 2025 19:30:16 +0000
ROA not before: Mon 16 Jun 2025 19:30:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:0b:4a:54:ff:03:13:36:9a:4a:4f:5f:2d:53:73:de:82:43:78:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:30:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=88581a7d2e19208b7f070fe03b03112a67950ad951cfc78c8323ae7b4352f224, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cd:74:a7:36:24:1c:89:a0:0a:78:79:ce:f9:
47:ac:f3:58:f2:b0:f8:64:44:37:6e:23:d7:b6:da:
3f:13:ac:f0:37:72:af:51:76:34:31:84:27:21:fc:
f0:1c:a1:84:73:19:f5:da:63:e1:53:21:af:aa:93:
68:2c:98:75:b3:89:77:97:61:ea:b5:47:90:1c:0b:
27:cb:cd:35:0b:28:80:25:ec:33:4f:b7:d4:c2:b1:
fc:1a:5e:65:d4:91:99:3a:61:ba:87:df:f3:ed:ee:
af:4d:2e:68:ce:2e:c6:8d:ce:d5:e6:d8:0a:ec:d8:
71:91:01:b8:33:24:4d:6f:9b:08:22:03:90:ad:e4:
15:b0:da:04:88:e1:2a:34:16:93:d5:4e:e0:41:53:
73:1c:dc:74:bd:8b:e0:e6:65:aa:e2:8f:0f:d4:6e:
63:ff:f4:9c:b1:07:c8:16:6b:52:2e:7a:f2:13:2c:
c4:69:ab:12:0e:0e:4c:76:95:ce:8b:e2:3c:a0:7b:
00:53:66:0a:aa:01:ee:fe:b7:e0:87:19:34:78:db:
ca:d7:d1:50:bd:a8:6b:55:c3:4b:77:60:50:2c:b1:
32:c3:20:d9:73:d7:5d:5b:e8:4e:ae:52:2d:36:71:
5a:1f:92:bd:31:62:02:2d:19:08:70:8b:1a:39:be:
22:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:3E:9C:2B:83:A6:AF:B2:2D:21:88:B9:C6:6A:90:05:CC:9B:82:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
a9:6b:05:6e:99:65:8e:90:d8:6f:d8:ba:e9:8c:61:a9:9e:f9:
36:ee:2b:95:b0:f5:37:11:33:9b:70:89:1d:87:d8:53:f8:54:
3a:2b:95:35:d1:bc:fb:59:89:19:2a:a1:12:62:6b:9c:f7:e2:
88:ff:19:af:5c:8c:6e:f3:6b:88:8b:fb:09:98:eb:3d:5c:f4:
59:74:86:65:ce:f9:ef:16:30:11:79:cb:71:74:60:6c:0e:ad:
fd:47:0c:1b:e7:bd:8a:e0:a2:be:50:c0:20:a8:08:b7:e3:5d:
56:8b:9b:50:86:65:62:45:82:f4:51:b5:d3:54:28:c8:8f:d0:
94:e5:2f:94:e4:9c:4d:bb:e1:01:d6:a1:37:3b:dc:c0:99:59:
58:16:9f:98:c0:16:6c:cb:79:36:94:23:35:f9:de:d4:c5:08:
b3:5d:07:7f:bd:4c:6b:0e:37:ae:fd:36:76:63:6d:83:1c:a4:
6d:ac:6b:d5:1a:2a:27:e1:d0:04:07:ec:89:29:de:d7:f9:c0:
5d:d7:e7:da:39:04:4f:f3:b4:e1:f2:7d:a9:f0:d3:de:5c:94:
08:d1:66:68:af:5d:0b:81:bf:57:ea:2f:33:d7:fa:b9:52:88:
84:c2:3c:72:3b:cb:cf:21:75:8c:38:dd:45:45:ea:fe:2e:bf:
26:8d:77:82
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTgtKVP8DEzaaSk9fLVNz3oJDeEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTMwMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NTgxYTdkMmUxOTIwOGI3ZjA3MGZlMDNiMDMxMTJhNjc5NTBhZDk1MWNm
Yzc4YzgzMjNhZTdiNDM1MmYyMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/NdKc2JByJoAp4ec75R6zzWPKw+GREN24j17baPxOs8Ddyr1F2NDGEJyH8
8ByhhHMZ9dpj4VMhr6qTaCyYdbOJd5dh6rVHkBwLJ8vNNQsogCXsM0+31MKx/Bpe
ZdSRmTphuoff8+3ur00uaM4uxo3O1ebYCuzYcZEBuDMkTW+bCCIDkK3kFbDaBIjh
KjQWk9VO4EFTcxzcdL2L4OZlquKPD9RuY//0nLEHyBZrUi568hMsxGmrEg4OTHaV
zoviPKB7AFNmCqoB7v634IcZNHjbytfRUL2oa1XDS3dgUCyxMsMg2XPXXVvoTq5S
LTZxWh+SvTFiAi0ZCHCLGjm+Ip8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBPpwr
g6avsi0hiLnGapAFzJuCsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEAqWsFbplljpDYb9i66YxhqZ75Nu4rlbD1NxEz
m3CJHYfYU/hUOiuVNdG8+1mJGSqhEmJrnPfiiP8Zr1yMbvNriIv7CZjrPVz0WXSG
Zc757xYwEXnLcXRgbA6t/UcMG+e9iuCivlDAIKgIt+NdVoubUIZlYkWC9FG101Qo
yI/QlOUvlOScTbvhAdahNzvcwJlZWBafmMAWbMt5NpQjNfne1MUIs10Hf71Maw43
rv02dmNtgxykbaxr1RoqJ+HQBAfsiSne1/nAXdfn2jkET/O04fJ9qfDT3lyUCNFm
aK9dC4G/V+ovM9f6uVKIhMI8cjvLzyF1jDjdRUXq/i6/Jo13gg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:11:50 2025 by rpki-client