Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: hk4SDhKBR5qmxNV7sljh0StGkz8q73uGM1svCb9OHMc=
Subject key identifier: C5:28:DC:B7:56:8F:08:78:86:2E:38:D1:34:EE:E8:35:15:4A:0D:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48BE2FEDF985E1BE657E55BD553DB588CD1F0142
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Mon 16 Jun 2025 20:20:08 +0000
ROA not before: Mon 16 Jun 2025 20:20:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:be:2f:ed:f9:85:e1:be:65:7e:55:bd:55:3d:b5:88:cd:1f:01:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 20:20:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e02410e727334f25aa3ac5af517d610566a50c6547972799d45e8a7e7ea5f87a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:14:99:04:7d:00:04:e4:24:82:9d:bf:96:fe:
db:e7:04:3f:f9:3f:e5:32:d9:62:1a:46:58:86:bb:
6b:bb:8b:c1:e0:39:5d:d2:10:2a:50:24:69:0e:4e:
07:4f:38:41:53:99:80:40:5c:57:bc:b0:d9:6a:c2:
75:6c:ae:26:95:99:b9:a2:9f:4f:1b:d5:4d:d4:5d:
ba:54:de:cb:7d:98:4b:b2:3f:0b:9e:7b:e5:ec:20:
38:37:30:6c:48:bb:3d:3a:6a:38:63:5c:6a:14:a1:
ec:73:5e:a5:2b:d3:74:34:78:50:8d:07:7e:6a:17:
5d:28:f9:c3:9d:59:55:5c:d6:ce:21:15:de:37:b5:
1a:14:64:12:d0:c0:65:9f:cc:dc:f9:dc:10:ef:93:
4b:ea:df:60:5e:09:0b:e0:df:dd:4f:8e:ac:5a:e5:
27:6d:46:e7:80:1d:12:5e:e8:6c:c9:48:ce:73:f4:
50:6e:b7:54:cd:39:82:32:13:6f:0d:4e:66:3c:cc:
af:15:d4:45:64:bc:9d:3e:40:8e:e2:1e:66:92:3e:
68:e8:2f:bf:9e:ed:a5:77:22:59:8f:db:7a:79:9d:
dc:3a:dd:56:64:7f:86:f8:8f:70:40:f8:65:e2:69:
62:72:2f:ba:6a:17:3b:93:58:8c:a5:5e:01:57:4b:
3b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:28:DC:B7:56:8F:08:78:86:2E:38:D1:34:EE:E8:35:15:4A:0D:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:3c:4d:33:18:5c:07:ab:6a:ba:21:55:f2:ac:5e:60:c2:ae:
d2:45:64:92:2b:bf:54:68:f7:6a:a8:5c:89:28:85:d2:38:7a:
93:51:ee:a7:fc:15:6f:19:67:c5:7a:b4:8a:89:15:b9:a8:01:
4f:72:5e:be:ea:32:39:11:b0:35:c2:3d:2b:9c:5c:17:71:91:
f9:fa:dd:60:cf:28:62:86:86:e0:0e:93:f6:d3:5b:ea:e6:2b:
b3:a8:28:c4:ed:d9:22:60:0f:8a:59:cc:1f:f7:31:84:10:08:
96:7b:aa:5d:26:3e:62:d7:da:7e:a2:29:49:a7:0c:11:d1:80:
34:fb:e4:6f:40:20:f1:22:4f:95:dd:06:c5:25:e4:67:a3:89:
39:1f:13:8d:57:97:01:42:37:be:c6:d5:e2:9b:27:61:31:72:
4e:a1:e1:0f:9c:e8:35:01:57:56:bd:0f:55:1c:8e:10:42:74:
4a:5d:35:40:3d:14:64:73:be:a7:32:45:e1:2f:77:e9:1f:47:
1f:80:62:67:04:30:d8:8d:6a:e9:0b:64:cc:b2:d7:86:20:00:
29:5f:31:6f:86:d6:e9:3e:85:01:38:30:b3:05:9c:bd:fa:d7:
a9:90:50:f0:16:24:6a:c2:67:da:96:eb:a6:c7:8d:7f:93:cc:
db:e5:03:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSL4v7fmF4b5lflW9VT21iM0fAUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYyMDIwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwMjQxMGU3MjczMzRmMjVhYTNhYzVhZjUxN2Q2MTA1NjZhNTBjNjU0Nzk3
Mjc5OWQ0NWU4YTdlN2VhNWY4N2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOoUmQR9AATkJIKdv5b+2+cEP/k/5TLZYhpGWIa7a7uLweA5XdIQKlAkaQ5O
B084QVOZgEBcV7yw2WrCdWyuJpWZuaKfTxvVTdRdulTey32YS7I/C5575ewgODcw
bEi7PTpqOGNcahSh7HNepSvTdDR4UI0HfmoXXSj5w51ZVVzWziEV3je1GhRkEtDA
ZZ/M3PncEO+TS+rfYF4JC+Df3U+OrFrlJ21G54AdEl7obMlIznP0UG63VM05gjIT
bw1OZjzMrxXURWS8nT5AjuIeZpI+aOgvv57tpXciWY/benmd3DrdVmR/hviPcED4
ZeJpYnIvumoXO5NYjKVeAVdLO9UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFKNy3
Vo8IeIYuONE07ug1FUoNnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/PE0zGFwHq2q6IVXyrF5gwq7SRWSSK79UaPdq
qFyJKIXSOHqTUe6n/BVvGWfFerSKiRW5qAFPcl6+6jI5EbA1wj0rnFwXcZH5+t1g
zyhihobgDpP201vq5iuzqCjE7dkiYA+KWcwf9zGEEAiWe6pdJj5i19p+oilJpwwR
0YA0++RvQCDxIk+V3QbFJeRno4k5HxONV5cBQje+xtXimydhMXJOoeEPnOg1AVdW
vQ9VHI4QQnRKXTVAPRRkc76nMkXhL3fpH0cfgGJnBDDYjWrpC2TMsteGIAApXzFv
htbpPoUBODCzBZy9+tepkFDwFiRqwmfaluumx41/k8zb5QOo
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:08 2025 by rpki-client