Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
File: c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa (raw, json)
Hash identifier: sKU6Dm54KuCYiHtBR93TLzVgLUYDpb/yd/NFMCbhhxc=
Subject key identifier: 47:4A:28:05:9C:E6:4A:28:D5:8E:DF:E7:3D:37:D3:FC:4B:25:8B:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0709B1E61ED8164DB0142244527B418BCC6AB278
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
Signing time: Mon 16 Jun 2025 20:00:28 +0000
ROA not before: Mon 16 Jun 2025 20:00:28 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:09:b1:e6:1e:d8:16:4d:b0:14:22:44:52:7b:41:8b:cc:6a:b2:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:00:28 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1254d32ead1b572506e827ae2e0ae921adbcccf45cc465e50176a0452e37bfda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:09:57:9e:b5:e4:85:d7:c8:31:9e:34:86:1a:
f1:8f:ed:43:a1:01:33:15:f9:2e:20:8b:c3:87:1b:
5c:7d:23:2b:23:ca:36:53:d6:65:2d:47:e6:66:4d:
d4:2b:b5:5d:5b:d7:90:cd:53:50:1c:0f:48:4c:c3:
cb:fb:2d:25:02:8e:b2:77:f2:57:dc:2f:79:e8:f2:
40:cc:7c:a6:12:96:e1:4c:79:c6:aa:7c:fe:d7:11:
9d:ad:27:57:82:0b:0f:69:d2:33:32:45:cc:d4:44:
f9:7e:2f:d4:bb:07:ff:54:62:5b:57:0d:3f:8f:35:
d7:a1:79:34:04:88:a9:57:5f:b6:43:b8:c4:b7:bb:
15:00:92:b2:e5:46:bc:e6:71:25:33:9f:33:e3:76:
af:85:8f:ec:7e:87:7a:a5:ab:54:1e:07:71:75:09:
9f:e6:7c:c9:ea:a6:cf:ab:29:39:d2:ac:a9:87:25:
69:79:a9:7d:30:cc:8b:12:5f:78:05:3e:54:98:1c:
00:29:af:9e:67:2f:93:e3:cd:cc:ba:38:fb:2d:bc:
ca:c6:5c:2c:e7:56:4c:d3:e1:d6:e2:e9:cf:4a:cd:
c9:88:f6:50:d6:ea:5c:d9:78:b7:c1:d7:e7:39:7a:
b5:d7:d6:03:25:8b:c8:d9:93:c8:5b:bf:d7:55:b6:
37:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4A:28:05:9C:E6:4A:28:D5:8E:DF:E7:3D:37:D3:FC:4B:25:8B:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
1d:19:71:b2:c1:67:2b:fc:d3:11:27:7f:d7:6a:77:21:da:23:
91:d9:b1:68:28:78:46:1b:4c:15:0f:fa:c5:4c:13:c6:93:e1:
f7:39:b0:2a:84:26:4b:9e:ff:01:c3:e6:76:27:ab:c9:1c:e4:
6b:05:94:8f:d3:60:27:51:89:a1:65:14:40:63:d5:1d:80:ee:
ca:76:8e:6b:4e:ab:b9:48:1b:bc:a6:3c:d9:12:a1:c5:6c:a6:
c7:ba:71:07:f2:e8:53:a3:9a:3e:53:2e:08:5b:9e:33:8c:25:
3c:1d:a7:f0:99:c5:a1:5d:41:8d:02:a8:4e:d9:59:d4:38:2c:
0c:3a:1e:cd:df:52:57:8a:bf:28:16:67:32:a4:67:9b:b8:f4:
a0:2a:30:94:ea:94:a3:2c:95:13:eb:27:c0:a4:9b:5d:78:86:
93:86:a6:65:f0:ec:ab:2b:89:01:96:d8:48:1f:36:a1:7b:05:
b4:65:15:77:9b:e8:ee:14:ca:f4:94:1f:dc:76:aa:8e:59:3b:
48:c7:08:46:bb:6d:ab:47:dc:7b:f9:ca:64:2b:07:e6:8c:6f:
67:ea:71:45:75:29:fa:2e:ea:72:f0:b2:e0:93:d7:57:8b:1e:
69:b5:bf:de:d6:ae:57:68:85:ad:23:49:c1:7f:09:e9:98:87:
3f:f2:ca:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBwmx5h7YFk2wFCJEUntBi8xqsngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDAwMjhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNTRkMzJlYWQxYjU3MjUwNmU4MjdhZTJlMGFlOTIxYWRiY2NjZjQ1Y2M0
NjVlNTAxNzZhMDQ1MmUzN2JmZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwJV5615IXXyDGeNIYa8Y/tQ6EBMxX5LiCLw4cbXH0jKyPKNlPWZS1H5mZN
1Cu1XVvXkM1TUBwPSEzDy/stJQKOsnfyV9wveejyQMx8phKW4Ux5xqp8/tcRna0n
V4ILD2nSMzJFzNRE+X4v1LsH/1RiW1cNP48116F5NASIqVdftkO4xLe7FQCSsuVG
vOZxJTOfM+N2r4WP7H6HeqWrVB4HcXUJn+Z8yeqmz6spOdKsqYclaXmpfTDMixJf
eAU+VJgcACmvnmcvk+PNzLo4+y28ysZcLOdWTNPh1uLpz0rNyYj2UNbqXNl4t8HX
5zl6tdfWAyWLyNmTyFu/11W2NykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHSigF
nOZKKNWO3+c9N9P8SyWLyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkyNTY1MzYtMGU5YS00MTc1LThhYzctYTBmYjk5MWViZmY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdGXGywWcr/NMRJ3/Xanch2iOR2bFoKHhGG0wV
D/rFTBPGk+H3ObAqhCZLnv8Bw+Z2J6vJHORrBZSP02AnUYmhZRRAY9UdgO7Kdo5r
Tqu5SBu8pjzZEqHFbKbHunEH8uhTo5o+Uy4IW54zjCU8HafwmcWhXUGNAqhO2VnU
OCwMOh7N31JXir8oFmcypGebuPSgKjCU6pSjLJUT6yfApJtdeIaThqZl8OyrK4kB
lthIHzahewW0ZRV3m+juFMr0lB/cdqqOWTtIxwhGu22rR9x7+cpkKwfmjG9n6nFF
dSn6Lupy8LLgk9dXix5ptb/e1q5XaIWtI0nBfwnpmIc/8sr+
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:02:36 2025 by rpki-client