Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
File: bed4158d-91b8-4ba5-81d9-75a65b550b92.roa (raw, json)
Hash identifier: 4Fh88tqDF/Qih6N33H//6L0jHWXyWHl2Lq4H9mksueQ=
Subject key identifier: 65:15:5D:A9:32:24:45:9B:3E:2B:69:D0:F2:FF:54:15:47:63:D9:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A4608D6E721F451DBA5D636D7A6ABF4F4513573
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
Signing time: Mon 16 Jun 2025 19:30:18 +0000
ROA not before: Mon 16 Jun 2025 19:30:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:46:08:d6:e7:21:f4:51:db:a5:d6:36:d7:a6:ab:f4:f4:51:35:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:30:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=76e1d8c54827b4528fcc3f597b5b4987d82f63ea8d3002c26ba4140559b49b09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a1:1c:fe:9c:65:c5:84:e1:d7:52:3a:dc:15:
73:a1:17:d9:8d:1c:fa:ed:f3:90:54:3a:50:71:29:
b4:d6:8a:ba:79:db:ae:c2:a6:3c:a8:d8:58:df:22:
e2:f3:70:bc:c7:49:4e:2b:2b:4f:bf:aa:46:3c:48:
7f:f2:a8:8f:ef:d8:57:ed:b6:8a:ce:06:40:cc:6f:
a4:04:90:57:0f:5a:16:9e:eb:cc:d7:13:dd:1c:6a:
e7:8d:25:ef:09:60:0c:21:09:28:75:9d:3e:fd:8a:
d9:d8:cd:73:59:7c:cb:77:c9:af:9c:77:62:35:0b:
eb:a8:25:44:95:0b:a0:0e:8f:66:2e:80:5c:22:67:
cb:1c:e8:ab:b8:2f:a5:56:92:1d:90:0c:5c:08:3c:
8a:24:4d:8a:91:e6:40:b3:c6:67:91:66:e8:bf:34:
e6:13:62:62:89:8e:71:53:a7:47:b2:29:c4:ee:4d:
1d:41:95:4b:b5:d5:4d:d3:57:8b:2e:f5:ce:f3:fb:
bd:62:bc:d1:57:5f:1d:bf:f8:86:23:26:50:c9:1e:
d6:6e:5c:27:d9:8d:49:c9:7e:94:b0:bd:90:7a:53:
e6:9a:49:68:96:19:6e:da:b6:9d:0e:80:52:93:ba:
00:e1:f3:b1:37:53:c9:01:b0:d6:06:0e:bb:53:81:
6f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:15:5D:A9:32:24:45:9B:3E:2B:69:D0:F2:FF:54:15:47:63:D9:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
09:7f:27:d9:cd:19:9a:bf:a4:72:ec:f3:56:a7:15:1d:9c:41:
70:22:ce:db:0b:a2:8a:6a:e7:d9:e7:df:c8:9f:e6:19:f4:57:
0c:9e:61:42:bc:55:25:0a:ab:4c:79:4b:5f:70:5f:d6:8a:23:
c3:27:2e:a2:25:38:fe:46:64:91:6b:91:62:06:76:04:6b:6a:
8d:21:4c:b5:83:bd:7e:a0:9d:49:15:4b:ef:04:d9:60:5f:72:
5d:81:b4:8a:c2:f0:e2:5c:1e:69:88:56:c6:6a:03:43:25:f1:
6d:e8:fb:b3:a7:b4:8f:57:02:78:28:f8:5b:fd:af:a5:95:81:
32:0f:b7:88:80:42:34:40:4d:11:e9:31:48:9a:0a:fa:34:59:
9c:cd:b4:42:f0:4f:ce:86:b0:af:6b:7c:f6:25:37:95:64:8c:
de:72:96:02:8e:43:bc:a1:23:de:5b:3b:9d:f1:57:e5:04:d6:
0d:d5:c5:5d:9e:12:39:d9:0e:ea:9f:ef:70:68:50:b0:66:9d:
5a:03:83:71:ca:ed:de:63:5f:4e:1e:5e:67:be:78:2a:38:e6:
22:3a:06:b6:54:fa:ab:e7:15:ee:69:ed:d5:ab:d2:03:66:b7:
57:8a:23:b0:fd:db:78:13:1e:da:1f:0b:26:1e:b3:8d:76:b0:
92:13:80:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKkYI1uch9FHbpdY216ar9PRRNXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTMwMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ZTFkOGM1NDgyN2I0NTI4ZmNjM2Y1OTdiNWI0OTg3ZDgyZjYzZWE4ZDMw
MDJjMjZiYTQxNDA1NTliNDliMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANShHP6cZcWE4ddSOtwVc6EX2Y0c+u3zkFQ6UHEptNaKunnbrsKmPKjYWN8i
4vNwvMdJTisrT7+qRjxIf/Koj+/YV+22is4GQMxvpASQVw9aFp7rzNcT3Rxq540l
7wlgDCEJKHWdPv2K2djNc1l8y3fJr5x3YjUL66glRJULoA6PZi6AXCJnyxzoq7gv
pVaSHZAMXAg8iiRNipHmQLPGZ5Fm6L805hNiYomOcVOnR7IpxO5NHUGVS7XVTdNX
iy71zvP7vWK80VdfHb/4hiMmUMke1m5cJ9mNScl+lLC9kHpT5ppJaJYZbtq2nQ6A
UpO6AOHzsTdTyQGw1gYOu1OBbysCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRlFV2p
MiRFmz4radDy/1QVR2PZWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmVkNDE1OGQtOTFiOC00YmE1LTgxZDktNzVhNjViNTUwYjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
wDANBgkqhkiG9w0BAQsFAAOCAQEACX8n2c0Zmr+kcuzzVqcVHZxBcCLO2wuiimrn
2effyJ/mGfRXDJ5hQrxVJQqrTHlLX3Bf1oojwycuoiU4/kZkkWuRYgZ2BGtqjSFM
tYO9fqCdSRVL7wTZYF9yXYG0isLw4lweaYhWxmoDQyXxbej7s6e0j1cCeCj4W/2v
pZWBMg+3iIBCNEBNEekxSJoK+jRZnM20QvBPzoawr2t89iU3lWSM3nKWAo5DvKEj
3ls7nfFX5QTWDdXFXZ4SOdkO6p/vcGhQsGadWgODccrt3mNfTh5eZ754KjjmIjoG
tlT6q+cV7mnt1avSA2a3V4ojsP3beBMe2h8LJh6zjXawkhOAzw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:33 2025 by rpki-client