Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: CY+D2rZqGcbioOVsVT3LPHNUoOIyVXB3QiFqIAIP+8M=
Subject key identifier: C0:96:27:5B:8D:3D:98:8F:16:57:9D:B3:40:29:2C:19:3C:56:C3:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DDDD84D2ABC95FDBAB065F9119DBEF48B18A5C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Mon 16 Jun 2025 21:41:36 +0000
ROA not before: Mon 16 Jun 2025 21:41:36 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:dd:d8:4d:2a:bc:95:fd:ba:b0:65:f9:11:9d:be:f4:8b:18:a5:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 21:41:36 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f4ce71b0a00eaf6a69220bc962af224026e821f29ef5758e535b5f9205e2d8da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:52:48:b9:b0:d4:9f:ef:a3:b1:b1:42:84:57:
08:33:0a:d2:f3:7b:9b:35:29:8d:e1:95:91:3a:fa:
02:da:41:51:ee:bd:2e:d1:0e:1a:e0:3e:a0:5f:03:
8d:a4:8c:d4:57:bc:a9:2d:dc:30:94:dd:f5:3d:0a:
98:af:57:d2:1e:6c:5e:f8:36:5d:44:25:50:42:6e:
68:ab:39:53:01:aa:5a:36:30:e3:ae:9c:b1:d6:b0:
8d:9c:e8:10:99:3f:23:c6:31:29:a0:45:9b:49:fe:
e2:5a:02:d9:16:bb:e9:5d:5d:e2:5d:da:f6:8e:6b:
49:50:b0:1f:3e:54:78:18:c6:34:b5:46:7a:2b:be:
28:e2:93:8b:3f:44:d7:f7:7a:52:3b:25:f7:78:60:
52:cb:92:e2:ce:81:6f:d7:97:d6:5a:cc:d0:20:d3:
dd:cf:b5:cb:8b:bf:ff:20:b4:3f:bd:02:5f:da:72:
7d:1c:63:c4:5f:b2:d8:1b:18:0f:a6:f9:22:ca:b1:
59:a7:e5:e5:85:f8:6f:17:71:74:0b:06:f0:a4:ed:
b6:cb:77:87:b2:ce:c6:31:94:94:b0:71:bc:c8:50:
4a:9f:2b:3f:4a:28:6a:b9:d1:43:6a:4b:db:ee:76:
cf:34:3b:a5:49:00:c9:e3:60:1d:fe:6a:1b:64:b3:
b7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:96:27:5B:8D:3D:98:8F:16:57:9D:B3:40:29:2C:19:3C:56:C3:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
59:17:b2:7d:81:e3:47:23:2a:38:9a:28:b7:2c:ce:db:dd:24:
13:96:68:1c:2d:07:5b:52:1a:77:d8:62:f6:5f:79:62:a0:29:
bc:ed:93:23:8c:a3:af:7f:90:6e:0f:1a:02:b8:04:33:b4:d4:
c9:82:ba:49:1b:f1:8e:82:ac:76:8b:08:a0:5b:28:f3:55:40:
75:e6:51:38:13:29:9c:43:e5:88:6c:eb:6c:49:6f:71:74:1a:
de:3c:9d:91:13:39:8e:bd:f8:bf:a7:5b:67:35:18:14:67:a6:
6f:3e:2d:fb:65:0c:01:df:60:3b:d8:07:1d:58:31:8f:ad:74:
ee:da:3f:a4:f2:45:50:d0:58:02:70:3f:79:92:f6:4a:8a:64:
c5:f3:79:42:80:24:84:2e:8b:a7:43:52:1c:ef:fc:eb:d0:92:
33:00:0e:2c:d6:dd:bc:91:a8:b8:5e:df:e2:d8:c1:ac:10:d6:
aa:b4:b8:3d:65:ad:84:1f:42:da:5b:85:9a:00:6c:af:4a:06:
bb:33:79:34:f9:c6:17:b2:c6:c5:de:63:01:11:27:0a:ae:3e:
cd:e0:ba:10:b4:ba:06:e7:97:c4:80:87:ea:8e:3a:15:5f:1d:
fe:9c:91:0e:01:83:23:49:16:7c:d2:81:17:60:9c:a6:b7:f4:
23:82:83:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTd3YTSq8lf26sGX5EZ2+9IsYpccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMTQxMzZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0Y2U3MWIwYTAwZWFmNmE2OTIyMGJjOTYyYWYyMjQwMjZlODIxZjI5ZWY1
NzU4ZTUzNWI1ZjkyMDVlMmQ4ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZSSLmw1J/vo7GxQoRXCDMK0vN7mzUpjeGVkTr6AtpBUe69LtEOGuA+oF8D
jaSM1Fe8qS3cMJTd9T0KmK9X0h5sXvg2XUQlUEJuaKs5UwGqWjYw466csdawjZzo
EJk/I8YxKaBFm0n+4loC2Ra76V1d4l3a9o5rSVCwHz5UeBjGNLVGeiu+KOKTiz9E
1/d6Ujsl93hgUsuS4s6Bb9eX1lrM0CDT3c+1y4u//yC0P70CX9pyfRxjxF+y2BsY
D6b5IsqxWafl5YX4bxdxdAsG8KTttst3h7LOxjGUlLBxvMhQSp8rP0ooarnRQ2pL
2+52zzQ7pUkAyeNgHf5qG2Szt/MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAlidb
jT2YjxZXnbNAKSwZPFbDrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBZF7J9geNHIyo4mii3LM7b3SQTlmgcLQdbUhp3
2GL2X3lioCm87ZMjjKOvf5BuDxoCuAQztNTJgrpJG/GOgqx2iwigWyjzVUB15lE4
EymcQ+WIbOtsSW9xdBrePJ2REzmOvfi/p1tnNRgUZ6ZvPi37ZQwB32A72AcdWDGP
rXTu2j+k8kVQ0FgCcD95kvZKimTF83lCgCSELounQ1Ic7/zr0JIzAA4s1t28kai4
Xt/i2MGsENaqtLg9Za2EH0LaW4WaAGyvSga7M3k0+cYXssbF3mMBEScKrj7N4LoQ
tLoG55fEgIfqjjoVXx3+nJEOAYMjSRZ80oEXYJymt/QjgoO2
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:32 2025 by rpki-client