Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: at9/5u/TmhB9KqhN99baTfYXeKtfucMBPsFhyLXOcV4=
Subject key identifier: 5C:53:BC:67:63:61:AD:19:14:7C:47:98:CE:4C:64:A0:ED:CB:22:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46734D49026B973D7397201CF084E66F345076A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Mon 16 Jun 2025 21:11:17 +0000
ROA not before: Mon 16 Jun 2025 21:11:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:73:4d:49:02:6b:97:3d:73:97:20:1c:f0:84:e6:6f:34:50:76:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:11:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=98878148b4e401bf078d9495fae1d29f1d22cb61c78394119da64e1af657e45c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ce:78:e1:e7:d3:b0:98:6d:ea:5a:70:08:fd:
ae:f0:91:15:b0:92:a4:51:4b:1d:1f:ec:b9:e8:00:
f7:5c:bf:7c:2d:ee:d9:e9:df:cf:a0:09:4d:45:74:
40:7c:b4:45:8b:2e:e5:a7:0b:f3:09:89:65:20:28:
de:04:dd:40:e9:96:eb:19:d6:75:05:83:0e:33:ad:
ca:27:66:2a:c3:26:75:75:b8:e0:59:48:14:61:7b:
17:13:d3:0f:8a:9d:2f:fd:7f:45:d1:04:ef:2a:04:
4a:b4:24:66:5b:cb:b0:3f:a6:aa:8f:b9:5f:b4:18:
f4:15:e5:05:0e:70:91:e0:f7:fd:7c:ce:b4:92:b7:
96:df:4c:c9:9b:06:f7:07:ce:4c:90:c9:20:91:60:
4c:7d:e7:ae:1f:4a:04:86:ca:2b:74:d6:44:2c:e8:
bb:87:d6:62:33:77:72:28:2d:2e:9a:3b:f5:b8:51:
04:0a:0d:a3:28:3f:4a:6b:75:0e:be:cc:e8:bf:8a:
b6:20:37:4c:7d:51:59:b0:09:bc:31:99:b8:9a:10:
9d:44:a7:6c:aa:ae:c4:25:83:56:3c:63:ce:76:0a:
6d:19:6c:db:e4:a4:37:63:23:2f:6c:90:f9:a3:7a:
3e:11:6e:57:44:32:e2:d3:e8:f7:e8:19:f5:3b:31:
c7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:53:BC:67:63:61:AD:19:14:7C:47:98:CE:4C:64:A0:ED:CB:22:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
71:c6:fe:06:df:ad:cf:39:b3:78:17:1f:73:68:ec:54:96:4b:
45:4e:52:03:cf:18:7c:ea:72:f4:94:a9:f6:02:1a:55:dd:4d:
b0:25:5f:45:68:b1:dd:ea:93:ee:0a:2a:22:fc:a6:ef:de:23:
25:fb:58:a1:6f:6b:64:1c:29:e5:13:35:cb:71:c8:ba:1f:f0:
2b:44:41:00:d0:87:06:62:49:b8:45:6f:67:26:86:45:6c:70:
0c:3e:c6:ac:d9:26:6c:04:fa:7a:7a:2f:35:5e:a8:68:66:26:
5f:cd:8e:06:98:41:b9:91:f2:c6:e9:7a:6f:74:58:b7:75:a6:
31:8b:79:e0:2f:15:be:8e:e8:b8:47:16:bb:6c:cd:0b:f5:9a:
20:1d:bc:ab:aa:07:5a:08:ae:4e:aa:43:c6:44:97:18:50:9b:
07:f9:19:a8:d4:76:0b:bd:5c:6b:31:a1:53:fa:ef:ad:13:c8:
ab:c8:67:f6:a5:28:0f:54:75:df:3c:7a:9e:e0:de:bd:f3:e0:
62:ba:18:aa:1b:b5:0c:18:87:4d:8c:98:42:7e:ac:df:71:d7:
a1:46:4d:89:d0:03:45:39:bb:fd:17:ab:5e:ec:75:aa:2b:e4:
c7:55:2a:23:40:74:77:09:f5:b9:8c:c9:e5:ae:39:c3:3a:05:
32:c3:9f:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURnNNSQJrlz1zlyAc8ITmbzRQdqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTExMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4ODc4MTQ4YjRlNDAxYmYwNzhkOTQ5NWZhZTFkMjlmMWQyMmNiNjFjNzgz
OTQxMTlkYTY0ZTFhZjY1N2U0NWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDOeOHn07CYbepacAj9rvCRFbCSpFFLHR/suegA91y/fC3u2enfz6AJTUV0
QHy0RYsu5acL8wmJZSAo3gTdQOmW6xnWdQWDDjOtyidmKsMmdXW44FlIFGF7FxPT
D4qdL/1/RdEE7yoESrQkZlvLsD+mqo+5X7QY9BXlBQ5wkeD3/XzOtJK3lt9MyZsG
9wfOTJDJIJFgTH3nrh9KBIbKK3TWRCzou4fWYjN3cigtLpo79bhRBAoNoyg/Smt1
Dr7M6L+KtiA3TH1RWbAJvDGZuJoQnUSnbKquxCWDVjxjznYKbRls2+SkN2MjL2yQ
+aN6PhFuV0Qy4tPo9+gZ9Tsxx+kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcU7xn
Y2GtGRR8R5jOTGSg7csiRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQBxxv4G363PObN4Fx9zaOxUlktFTlIDzxh86nL0
lKn2AhpV3U2wJV9FaLHd6pPuCioi/Kbv3iMl+1ihb2tkHCnlEzXLcci6H/ArREEA
0IcGYkm4RW9nJoZFbHAMPsas2SZsBPp6ei81XqhoZiZfzY4GmEG5kfLG6XpvdFi3
daYxi3ngLxW+jui4Rxa7bM0L9ZogHbyrqgdaCK5OqkPGRJcYUJsH+Rmo1HYLvVxr
MaFT+u+tE8iryGf2pSgPVHXfPHqe4N698+BiuhiqG7UMGIdNjJhCfqzfcdehRk2J
0ANFObv9F6te7HWqK+THVSojQHR3CfW5jMnlrjnDOgUyw5+U
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:25:24 2025 by rpki-client