Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: IpIEpHLMr4P1x7/6bmOgvTT91bQxWhjO7L+NVDmS+Xk=
Subject key identifier: 01:48:28:2C:0B:11:C3:D7:AB:20:3A:A4:6B:A1:A2:28:FC:15:7B:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EBED3BA92DE4A3E3D1B483CBFCF8557F56CB35E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Wed 25 Jun 2025 00:50:04 +0000
ROA not before: Wed 25 Jun 2025 00:50:04 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:be:d3:ba:92:de:4a:3e:3d:1b:48:3c:bf:cf:85:57:f5:6c:b3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 25 00:50:04 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=d59805336c21d47eec194ec8e242de00fb34edbaad2321fdc6297df181358fee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:81:a3:1e:75:88:f6:2c:bf:7a:1d:82:20:fa:
86:42:eb:16:27:49:4f:7d:59:bf:54:5c:89:87:2b:
d6:99:b6:a2:5f:d8:8c:49:fa:f4:e2:72:1d:f4:96:
0e:65:a6:06:e6:54:a1:b7:fb:82:8d:e4:ea:87:c7:
12:b1:b7:b2:38:df:d4:b1:5d:7a:67:0b:a5:e5:1c:
9d:63:f7:1b:8e:0f:23:00:58:2f:cb:32:42:fb:6b:
f6:08:88:3d:57:1a:ce:2d:96:37:03:b8:78:e0:80:
7b:70:aa:f2:ca:c6:8b:d4:48:8d:39:d9:cd:4c:ce:
38:f3:d9:4a:f8:38:2a:6e:af:e3:0d:a7:c4:83:82:
52:97:f3:09:f0:b3:5f:b5:f6:86:70:18:fa:82:23:
e4:84:dd:bf:f3:53:cf:a4:6f:82:03:78:7e:27:2b:
65:de:d9:30:16:af:dd:4b:2c:45:fd:46:d8:83:7c:
93:a5:7d:42:87:37:c4:1e:cc:10:a2:bc:33:cf:d9:
7b:88:98:b9:24:98:94:10:a4:02:c1:7e:5d:bd:e4:
09:db:e9:4d:fa:30:8e:c1:6f:a8:7d:e4:a1:5d:db:
54:3c:9e:99:90:c8:29:74:c6:c6:24:dc:25:82:3d:
a0:68:da:5b:fc:63:87:fe:79:68:54:a4:e9:66:e7:
e2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:48:28:2C:0B:11:C3:D7:AB:20:3A:A4:6B:A1:A2:28:FC:15:7B:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:b4:b0:05:7b:56:f2:9c:ee:1b:90:ad:3d:cd:71:74:38:84:
d3:7d:1c:a8:3d:09:4e:f7:dc:c2:5e:ce:43:98:a9:94:1e:53:
35:45:14:b3:90:44:1f:47:c2:36:70:b3:4c:32:53:5d:ed:e5:
5e:f9:56:f3:3a:cb:16:b6:e8:ef:72:66:7d:38:39:f5:16:64:
8b:2b:41:16:56:1f:00:2d:77:da:43:d1:9d:cd:59:8b:b3:e6:
3e:0b:24:59:e3:2e:20:4d:d6:8c:e4:05:7e:e1:a4:62:7a:c2:
98:f0:36:41:cc:f1:31:23:b0:de:2a:11:02:ee:87:f3:6f:ad:
a8:7f:f1:7e:ec:cb:92:1e:ef:6c:bf:a9:d1:60:7c:f7:d5:08:
c3:40:a3:15:b3:7a:a3:ce:b4:57:1f:07:18:49:c2:31:3d:66:
24:18:1a:34:86:65:ae:15:d8:c6:09:62:3d:b4:9b:d0:46:2e:
26:ae:8d:df:49:b6:37:c3:bc:64:60:c1:c4:1d:91:4f:a8:dd:
52:86:62:0a:ec:a1:5b:36:48:65:6f:6d:be:78:09:2f:93:00:
fd:92:c2:61:27:70:e2:fd:90:96:4b:71:84:c3:64:8b:04:f3:
c9:4c:5a:29:44:a5:d3:99:94:e2:ca:28:f7:22:54:a0:30:d6:
fd:ab:e1:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfr7TupLeSj49G0g8v8+FV/Vss14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjUwMDUwMDRaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1OTgwNTMzNmMyMWQ0N2VlYzE5NGVjOGUyNDJkZTAwZmIzNGVkYmFhZDIz
MjFmZGM2Mjk3ZGYxODEzNThmZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqBox51iPYsv3odgiD6hkLrFidJT31Zv1RciYcr1pm2ol/YjEn69OJyHfSW
DmWmBuZUobf7go3k6ofHErG3sjjf1LFdemcLpeUcnWP3G44PIwBYL8syQvtr9giI
PVcazi2WNwO4eOCAe3Cq8srGi9RIjTnZzUzOOPPZSvg4Km6v4w2nxIOCUpfzCfCz
X7X2hnAY+oIj5ITdv/NTz6RvggN4ficrZd7ZMBav3UssRf1G2IN8k6V9Qoc3xB7M
EKK8M8/Ze4iYuSSYlBCkAsF+Xb3kCdvpTfowjsFvqH3koV3bVDyemZDIKXTGxiTc
JYI9oGjaW/xjh/55aFSk6Wbn4qcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBSCgs
CxHD16sgOqRroaIo/BV7cjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQCitLAFe1bynO4bkK09zXF0OITTfRyoPQlO99zC
Xs5DmKmUHlM1RRSzkEQfR8I2cLNMMlNd7eVe+VbzOssWtujvcmZ9ODn1FmSLK0EW
Vh8ALXfaQ9GdzVmLs+Y+CyRZ4y4gTdaM5AV+4aRiesKY8DZBzPExI7DeKhEC7ofz
b62of/F+7MuSHu9sv6nRYHz31QjDQKMVs3qjzrRXHwcYScIxPWYkGBo0hmWuFdjG
CWI9tJvQRi4mro3fSbY3w7xkYMHEHZFPqN1ShmIK7KFbNkhlb22+eAkvkwD9ksJh
J3Di/ZCWS3GEw2SLBPPJTFopRKXTmZTiyij3IlSgMNb9q+Fg
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:03 2025 by rpki-client