Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
File: c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa (raw, json)
Hash identifier: 3fTv5/jZj+FL/pnsdEmrTyw6uqCY52Bz/hHo8MBUNqQ=
Subject key identifier: 25:D2:76:4E:77:B1:8E:8B:36:03:BC:92:BF:9A:1A:40:26:82:92:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2404AAC0A9FB6CAF6FAF5537FDF3708E19D95CBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
Signing time: Mon 16 Jun 2025 19:51:08 +0000
ROA not before: Mon 16 Jun 2025 19:51:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:04:aa:c0:a9:fb:6c:af:6f:af:55:37:fd:f3:70:8e:19:d9:5c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:51:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=76929f1fa1d6f2a152a37b524baada207a8b4bf5e834491f63403151eeaf38c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0c:da:b7:bb:c2:74:2d:46:b5:ac:03:02:3e:
d7:70:7b:52:2d:79:ca:bd:b5:3e:92:f2:fb:69:eb:
62:de:1c:db:e2:af:dc:8e:ac:97:a5:94:88:ef:ad:
85:84:ca:c5:58:2e:b5:90:b3:e2:27:6c:0e:dc:f9:
37:fd:21:98:51:7d:05:f7:50:92:27:bb:43:7a:a2:
43:8a:30:a0:79:a3:8b:d7:b4:b0:4f:c2:80:d2:05:
66:e5:99:bc:1a:f9:2e:a9:69:5b:95:62:2a:62:d8:
d4:67:d4:a6:96:f8:09:bc:60:09:34:5b:c7:e3:c0:
be:8a:d3:9f:4f:b9:2b:57:7b:00:25:0e:e5:10:bc:
d9:5e:d2:ed:31:dc:f5:91:e7:c2:e6:de:3a:9e:72:
e3:64:7e:47:f0:06:51:a2:0e:87:60:44:51:f4:83:
a6:21:ab:bb:99:87:8d:af:13:af:92:99:50:82:69:
c2:66:2a:87:91:eb:51:fa:92:5d:67:d5:51:dd:33:
3d:9c:6a:17:fc:95:52:49:07:7d:01:43:29:4a:85:
9c:13:83:c2:6a:46:a8:64:3d:20:11:7c:9a:95:5f:
44:70:86:38:73:0d:b4:67:ac:3a:23:ca:f4:3e:bc:
06:12:b6:b5:e1:17:d8:03:b9:f2:e6:dc:fd:b2:68:
e4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D2:76:4E:77:B1:8E:8B:36:03:BC:92:BF:9A:1A:40:26:82:92:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40e0::/48
Signature Algorithm: sha256WithRSAEncryption
51:b5:7f:57:7d:c9:7c:54:6e:a8:3b:50:0e:cc:f8:86:b7:9c:
77:9b:b7:67:88:2b:af:fc:7c:7c:e8:7d:94:bd:20:05:ad:f8:
c1:b3:20:27:20:0d:26:72:71:d5:04:8c:e4:34:b6:11:84:6c:
46:37:38:cb:e7:63:b8:d2:c7:48:4b:30:12:40:60:1d:c5:33:
0f:a8:6e:83:30:1b:b0:17:ff:1e:bc:fb:5c:aa:d0:ed:e6:b9:
fa:20:80:c5:f5:19:ed:48:cd:d6:1a:73:d4:f8:c7:5d:b7:a7:
dd:18:d9:b3:b1:94:76:ff:ae:87:c3:90:9c:ae:02:c1:a7:59:
e7:5b:9d:36:da:a1:11:d1:ed:b5:b6:3a:0d:6a:66:92:08:f0:
cc:33:88:4d:6a:8a:78:38:fe:a2:f5:32:6e:d1:4a:16:fc:c5:
41:9a:c7:f9:b3:af:36:5e:59:a8:dc:8f:54:80:9a:b1:b9:1b:
77:a5:96:d0:47:c7:6d:29:5f:b3:17:71:7b:d8:f1:22:83:be:
40:d9:dc:8b:1f:ae:18:0c:ee:a4:37:8d:80:6b:d5:e8:74:bc:
2a:b5:73:66:ba:c5:4b:fc:b1:dd:7f:cf:3f:0a:85:73:c6:f5:
b7:55:f2:2f:11:12:0d:b7:f8:17:cf:c7:eb:de:91:d4:06:c3:
c5:eb:e3:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJASqwKn7bK9vr1U3/fNwjhnZXLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUxMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2OTI5ZjFmYTFkNmYyYTE1MmEzN2I1MjRiYWFkYTIwN2E4YjRiZjVlODM0
NDkxZjYzNDAzMTUxZWVhZjM4YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0M2re7wnQtRrWsAwI+13B7Ui15yr21PpLy+2nrYt4c2+Kv3I6sl6WUiO+t
hYTKxVgutZCz4idsDtz5N/0hmFF9BfdQkie7Q3qiQ4owoHmji9e0sE/CgNIFZuWZ
vBr5LqlpW5ViKmLY1GfUppb4CbxgCTRbx+PAvorTn0+5K1d7ACUO5RC82V7S7THc
9ZHnwubeOp5y42R+R/AGUaIOh2BEUfSDpiGru5mHja8Tr5KZUIJpwmYqh5HrUfqS
XWfVUd0zPZxqF/yVUkkHfQFDKUqFnBODwmpGqGQ9IBF8mpVfRHCGOHMNtGesOiPK
9D68BhK2teEX2AO58ubc/bJo5DcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQl0nZO
d7GOizYDvJK/mhpAJoKSPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRhY2Y0YmEtMDVjNS00ZTBhLTlkZmQtNzBjZjMyMjE4YmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
4DANBgkqhkiG9w0BAQsFAAOCAQEAUbV/V33JfFRuqDtQDsz4hrecd5u3Z4grr/x8
fOh9lL0gBa34wbMgJyANJnJx1QSM5DS2EYRsRjc4y+djuNLHSEswEkBgHcUzD6hu
gzAbsBf/Hrz7XKrQ7ea5+iCAxfUZ7UjN1hpz1PjHXben3RjZs7GUdv+uh8OQnK4C
wadZ51udNtqhEdHttbY6DWpmkgjwzDOITWqKeDj+ovUybtFKFvzFQZrH+bOvNl5Z
qNyPVICasbkbd6WW0EfHbSlfsxdxe9jxIoO+QNncix+uGAzupDeNgGvV6HS8KrVz
ZrrFS/yx3X/PPwqFc8b1t1XyLxESDbf4F8/H696R1AbDxevj3g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:53:40 2025 by rpki-client