Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json)
Hash identifier: NNjzTkFtcRFSTguNVSnLhE/+ZvYvNprs6oDMcMEmmPY=
Subject key identifier: 4A:FF:95:ED:31:C0:11:66:31:93:EE:81:A2:15:DA:F7:3F:F0:74:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27DE2D53CA5755219715CAB3FA5245C2596CD6B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
Signing time: Mon 16 Jun 2025 21:31:27 +0000
ROA not before: Mon 16 Jun 2025 21:31:27 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:de:2d:53:ca:57:55:21:97:15:ca:b3:fa:52:45:c2:59:6c:d6:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:31:27 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=593b7eb96336d29c20c865f70361780080fad8bf78471f7cd4e9eb4f7e0cfaa7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7e:4c:bc:75:a0:b2:34:af:0c:8a:29:6a:41:
3a:bb:e0:df:e1:10:c0:02:f8:91:9f:85:15:3c:1e:
07:49:20:f4:bb:66:81:2f:1e:01:4c:9e:30:85:1c:
41:9a:29:fd:9b:71:87:dd:d3:c3:bd:3a:fb:10:b3:
f8:80:89:99:6c:78:15:31:ae:88:3c:28:1f:aa:d1:
8f:e9:08:33:bf:40:a4:4c:27:1a:a9:2e:3e:82:54:
8e:90:67:0e:e4:f8:6a:ae:52:bd:8c:33:23:bb:d2:
2f:f4:b4:da:11:85:36:4f:22:db:94:10:22:63:b5:
e7:a1:4e:eb:cb:e3:72:aa:e4:7f:7a:be:52:f4:72:
50:60:f8:e4:75:f1:b3:b8:8a:d3:8d:d6:66:cb:00:
38:11:72:5d:d7:d0:96:51:96:61:24:69:ea:2a:99:
e7:d4:31:f4:fe:c1:08:7d:8b:57:76:c2:45:12:66:
3c:24:02:d4:76:5c:0e:2d:cd:5b:b1:2c:90:fe:3b:
40:b1:05:91:26:17:cb:d2:ab:60:4c:45:f5:89:90:
c0:ed:06:63:67:d5:68:a0:58:6b:72:93:c1:e5:2f:
60:50:7f:cf:06:cb:4f:a9:5b:52:00:7f:35:70:7b:
81:0f:7b:38:7e:e1:18:c4:e8:93:2b:2d:c1:ae:bf:
d8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:FF:95:ED:31:C0:11:66:31:93:EE:81:A2:15:DA:F7:3F:F0:74:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:a000::/40
Signature Algorithm: sha256WithRSAEncryption
01:5f:d5:1d:53:0d:51:38:ab:44:68:c9:a5:74:0b:65:b6:2a:
23:98:6c:3c:1b:1c:ca:0b:6a:2c:44:27:48:57:39:61:2b:47:
24:a5:21:b4:2e:03:0b:79:ff:96:a9:c5:59:89:79:07:07:3d:
2b:8d:eb:c5:7e:78:e6:74:c8:25:3e:56:b3:eb:1f:09:11:89:
79:75:15:78:8d:3e:8c:ca:f1:37:c9:94:d9:18:45:49:e9:46:
d6:ac:82:6b:47:12:89:81:00:37:9d:30:37:cb:ee:6c:c1:dd:
f1:b7:f5:3a:ec:78:f9:2c:3e:3f:9f:6f:e3:d4:93:64:3f:ef:
ef:90:b9:9d:5f:64:4f:af:e1:a4:6c:2e:3e:9a:0a:bf:db:70:
5e:5c:d8:bf:6c:73:65:ae:8d:2c:d4:7f:71:9c:ab:2e:76:66:
1d:d1:58:f7:87:30:a5:f2:1e:f3:34:81:29:6a:b2:b6:6a:be:
cb:c5:6b:36:08:b6:b0:b1:25:a2:86:84:20:42:b5:fa:18:6e:
2b:cd:ac:f0:14:01:d0:ef:17:da:aa:79:c5:ae:3a:e8:d1:97:
ea:91:2a:90:5f:8e:14:1b:ca:8b:b6:e1:93:82:5f:0d:ec:ec:
e9:ea:c6:2c:30:93:5d:71:a8:4c:16:df:ee:0a:99:da:7a:03:
fa:ce:13:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ94tU8pXVSGXFcqz+lJFwlls1rUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTMxMjdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5M2I3ZWI5NjMzNmQyOWMyMGM4NjVmNzAzNjE3ODAwODBmYWQ4YmY3ODQ3
MWY3Y2Q0ZTllYjRmN2UwY2ZhYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx+TLx1oLI0rwyKKWpBOrvg3+EQwAL4kZ+FFTweB0kg9LtmgS8eAUyeMIUc
QZop/Ztxh93Tw706+xCz+ICJmWx4FTGuiDwoH6rRj+kIM79ApEwnGqkuPoJUjpBn
DuT4aq5SvYwzI7vSL/S02hGFNk8i25QQImO156FO68vjcqrkf3q+UvRyUGD45HXx
s7iK043WZssAOBFyXdfQllGWYSRp6iqZ59Qx9P7BCH2LV3bCRRJmPCQC1HZcDi3N
W7EskP47QLEFkSYXy9KrYExF9YmQwO0GY2fVaKBYa3KTweUvYFB/zwbLT6lbUgB/
NXB7gQ97OH7hGMTokystwa6/2JcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRK/5Xt
McARZjGT7oGiFdr3P/B06TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg
MA0GCSqGSIb3DQEBCwUAA4IBAQABX9UdUw1ROKtEaMmldAtltiojmGw8GxzKC2os
RCdIVzlhK0ckpSG0LgMLef+WqcVZiXkHBz0rjevFfnjmdMglPlaz6x8JEYl5dRV4
jT6MyvE3yZTZGEVJ6UbWrIJrRxKJgQA3nTA3y+5swd3xt/U67Hj5LD4/n2/j1JNk
P+/vkLmdX2RPr+GkbC4+mgq/23BeXNi/bHNlro0s1H9xnKsudmYd0Vj3hzCl8h7z
NIEparK2ar7LxWs2CLawsSWihoQgQrX6GG4rzazwFAHQ7xfaqnnFrjro0ZfqkSqQ
X44UG8qLtuGTgl8N7Ozp6sYsMJNdcahMFt/uCpnaegP6zhNm
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:26:29 2025 by rpki-client