Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
File: c46a0827-1052-46e2-ad52-4a27d9a65f24.roa (raw, json)
Hash identifier: yR+8VG9+wrelKzoEHgXbn8t0hJhtoYdVoZ7WPcM9rw4=
Subject key identifier: E4:3D:8E:40:BE:60:74:42:91:E2:8A:77:04:53:DC:E9:38:92:E3:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52F3D059A2F3F785FD334AD9E3807B21F8FC3D55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
Signing time: Mon 16 Jun 2025 21:40:10 +0000
ROA not before: Mon 16 Jun 2025 21:40:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f3:d0:59:a2:f3:f7:85:fd:33:4a:d9:e3:80:7b:21:f8:fc:3d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:40:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=9d66e68c6b51e08f96b8193f69475333d7690b012712be9fea8aa8769b58b4ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:07:c5:c4:52:77:d7:91:fe:91:2e:c7:56:f9:
84:a4:bb:06:fe:8e:a9:16:2a:ec:91:2e:50:02:f1:
4a:51:fe:50:90:66:ce:e6:ab:4b:bc:f9:6a:20:2d:
26:61:61:12:31:93:1c:0a:08:b6:a9:38:05:b8:3c:
41:d9:90:76:79:85:04:45:ad:d3:16:e7:cb:8c:b7:
21:e3:c5:40:91:4e:ea:76:4f:7b:87:a2:ee:71:c1:
54:95:c1:be:8c:d5:17:ef:32:28:97:0c:ea:f0:1d:
e2:4e:cb:e7:34:02:46:63:12:fd:22:e3:67:c1:97:
29:e6:03:bf:c3:32:ff:6d:53:14:fe:19:87:54:d8:
16:89:32:96:3b:b5:23:8b:1f:df:89:23:77:04:a9:
4f:84:ae:95:dc:a8:72:5d:1f:28:7e:c2:ed:dd:bd:
c7:df:de:3e:ea:58:76:25:c4:57:a8:09:f2:7c:36:
f5:db:e7:cd:9d:cf:f7:7a:d9:60:c2:0b:e8:54:fb:
9d:bd:71:e5:1b:3d:fc:7c:09:3f:ad:17:3d:db:df:
c4:a0:6b:ea:6a:ab:8a:ba:9d:1e:b2:b0:af:c2:8f:
a6:03:16:02:e9:8b:02:3c:ce:ec:88:6e:72:e1:a5:
1a:d8:8c:b0:29:17:85:c7:88:dc:4f:93:8c:b5:21:
36:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3D:8E:40:BE:60:74:42:91:E2:8A:77:04:53:DC:E9:38:92:E3:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/36
Signature Algorithm: sha256WithRSAEncryption
6a:cc:59:66:bc:4c:1e:eb:cb:d6:c6:3c:a6:18:dc:7e:56:ab:
37:ec:17:f6:40:8d:6e:05:a2:95:a9:e6:9e:7f:c4:1f:ed:3d:
c0:be:2e:d2:9f:64:ee:62:89:2f:94:7d:f2:c0:a8:a4:71:d3:
b7:19:44:07:1e:0e:b0:0b:53:f2:30:c8:f6:fa:93:fc:a8:1e:
ab:47:6c:b1:6b:6f:26:c3:cf:0e:80:ff:b4:20:e3:55:aa:c3:
76:51:ca:22:02:f8:3c:d8:6e:a4:c3:1f:5f:3f:7d:56:ad:b3:
88:d3:0d:2a:03:0f:db:82:17:a7:f4:47:2d:af:e1:4c:bc:0b:
a1:4f:3b:a4:53:79:57:0a:ac:44:7c:f0:25:b2:f7:0a:81:4c:
0d:24:80:82:e5:c2:5c:18:e8:ae:1c:34:b8:73:de:3b:26:7f:
bf:80:90:38:43:5b:ed:b8:fa:e7:d1:a9:77:98:2e:26:05:92:
c8:e2:f2:38:33:84:fe:74:65:34:92:c1:4f:a3:43:b1:33:40:
fd:9e:c2:45:00:d1:d8:ae:cc:f0:6b:ad:d9:e6:0c:7c:73:74:
21:fb:20:98:b3:ca:3c:82:da:14:e4:b2:d4:0d:48:d3:a2:82:
05:13:7a:e2:d8:66:c2:3c:1a:b4:6c:94:f7:7a:8b:3f:7e:a1:
41:52:82:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUvPQWaLz94X9M0rZ44B7Ifj8PVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQwMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkNjZlNjhjNmI1MWUwOGY5NmI4MTkzZjY5NDc1MzMzZDc2OTBiMDEyNzEy
YmU5ZmVhOGFhODc2OWI1OGI0ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAHxcRSd9eR/pEux1b5hKS7Bv6OqRYq7JEuUALxSlH+UJBmzuarS7z5aiAt
JmFhEjGTHAoItqk4Bbg8QdmQdnmFBEWt0xbny4y3IePFQJFO6nZPe4ei7nHBVJXB
vozVF+8yKJcM6vAd4k7L5zQCRmMS/SLjZ8GXKeYDv8My/21TFP4Zh1TYFokylju1
I4sf34kjdwSpT4Suldyocl0fKH7C7d29x9/ePupYdiXEV6gJ8nw29dvnzZ3P93rZ
YMIL6FT7nb1x5Rs9/HwJP60XPdvfxKBr6mqrirqdHrKwr8KPpgMWAumLAjzO7Ihu
cuGlGtiMsCkXhceI3E+TjLUhNl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkPY5A
vmB0QpHiincEU9zpOJLjGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ2YTA4MjctMTA1Mi00NmUyLWFkNTItNGEyN2Q5YTY1ZjI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqzFlmvEwe68vWxjymGNx+Vqs37Bf2QI1uBaKV
qeaef8Qf7T3Avi7Sn2TuYokvlH3ywKikcdO3GUQHHg6wC1PyMMj2+pP8qB6rR2yx
a28mw88OgP+0IONVqsN2UcoiAvg82G6kwx9fP31WrbOI0w0qAw/bghen9Ectr+FM
vAuhTzukU3lXCqxEfPAlsvcKgUwNJICC5cJcGOiuHDS4c947Jn+/gJA4Q1vtuPrn
0al3mC4mBZLI4vI4M4T+dGU0ksFPo0OxM0D9nsJFANHYrszwa63Z5gx8c3Qh+yCY
s8o8gtoU5LLUDUjTooIFE3ri2GbCPBq0bJT3eos/fqFBUoKM
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:33:34 2025 by rpki-client