Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: 4lApifKPV7U4WVfXzPnNJ5b+YU/S+YCVm+M6NnwiZjQ=
Subject key identifier: D2:00:8E:7C:FF:96:71:21:6C:45:40:FB:B1:42:40:5D:0D:65:F4:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 045860FBDA5097EA9D78BD2FD6879367128AA537
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Tue 24 Jun 2025 15:00:03 +0000
ROA not before: Tue 24 Jun 2025 15:00:03 +0000
ROA not after: Tue 29 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:58:60:fb:da:50:97:ea:9d:78:bd:2f:d6:87:93:67:12:8a:a5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 24 15:00:03 2025 GMT
Not After : Jul 29 23:59:59 2025 GMT
Subject: serialNumber=a6f17a9e358ad5e6ae733c8a3a58cf51b0ef7ce1d5e8fda28132e4c7d316fdbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ce:74:ba:85:a4:ab:4c:ec:8b:e8:67:73:4e:
ad:3f:30:04:45:b0:36:0e:ea:55:7f:12:34:9a:5b:
85:c7:20:d8:af:d3:0d:e7:59:3c:bf:eb:21:60:86:
97:f0:7b:03:67:ce:bd:80:63:64:90:31:0e:38:e5:
68:a5:ff:bf:c4:14:3d:84:88:94:e4:cd:e2:e1:88:
4a:e8:55:0f:c0:02:49:42:31:5f:3d:d1:86:9d:95:
00:4b:d8:5d:cf:b8:04:b9:af:05:30:63:34:ed:99:
01:5b:87:e0:26:db:31:30:79:78:db:ea:48:c8:f1:
fc:21:9c:e6:ab:1e:87:df:40:ec:cd:a9:3e:8d:51:
c6:33:6e:73:97:2d:35:d6:82:96:5e:84:bc:2d:17:
21:8e:82:ef:9c:cb:d2:fe:2a:aa:6a:b5:62:0d:fb:
fe:15:f1:c7:49:93:13:53:ac:b3:a2:16:6b:ce:66:
29:7c:3b:dd:11:1d:6c:ac:75:e5:61:34:7a:5e:2c:
4b:6e:78:2a:e6:26:2c:71:5f:a2:26:23:69:eb:e6:
05:58:d7:b0:b8:46:d4:dd:db:cb:61:eb:18:52:43:
5a:5e:a8:3c:a0:78:29:3e:dc:9a:46:3a:fb:94:8d:
04:61:a9:82:cd:25:4b:7b:d2:e3:8b:e3:60:3e:75:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:00:8E:7C:FF:96:71:21:6C:45:40:FB:B1:42:40:5D:0D:65:F4:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
2a:8b:3d:90:3f:21:1a:66:37:f7:31:6e:a0:ca:f2:d3:7d:42:
8d:bc:97:3e:29:3b:c3:23:11:8a:b2:cf:27:3f:6e:51:1b:08:
84:60:2c:a6:b0:45:45:81:56:65:04:72:80:32:5f:b7:49:e0:
69:12:41:65:d7:6b:dc:f1:44:d4:7f:1d:51:d0:53:2d:c2:4b:
a3:f5:4d:c8:9b:04:e8:87:b0:15:ae:92:40:e3:34:55:ed:39:
01:f0:c7:23:3a:99:56:f5:a1:ff:45:43:3e:9f:9c:fa:a5:ec:
61:e8:6b:a6:3c:21:c2:10:00:0e:9a:a5:a2:63:b7:80:c6:ff:
2d:9c:20:9f:77:1e:d7:29:63:78:59:8d:1d:85:85:77:d1:36:
4f:36:3d:bd:03:a6:53:c2:17:87:b9:d2:0c:9c:87:4a:d1:64:
e6:fd:08:96:89:f0:e6:03:92:dc:dd:57:bb:49:02:a1:b5:39:
f2:e8:8b:73:47:0a:5d:67:50:a6:9b:7e:dc:32:35:45:24:09:
2c:2c:84:b9:b0:0e:80:7d:00:5c:3b:6c:05:12:9a:9b:f2:6b:
51:c9:64:e2:3e:b2:26:8d:b4:08:b9:bf:79:da:37:74:67:c4:
59:89:d8:2d:61:06:52:e8:60:e4:f7:99:b5:8b:dd:fd:a9:3b:
ba:2f:b6:a8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUBFhg+9pQl+qdeL0v1oeTZxKKpTcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjQxNTAwMDNaFw0yNTA3MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2ZjE3YTllMzU4YWQ1ZTZhZTczM2M4YTNhNThjZjUxYjBlZjdjZTFkNWU4
ZmRhMjgxMzJlNGM3ZDMxNmZkYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXOdLqFpKtM7IvoZ3NOrT8wBEWwNg7qVX8SNJpbhccg2K/TDedZPL/rIWCG
l/B7A2fOvYBjZJAxDjjlaKX/v8QUPYSIlOTN4uGISuhVD8ACSUIxXz3Rhp2VAEvY
Xc+4BLmvBTBjNO2ZAVuH4CbbMTB5eNvqSMjx/CGc5qseh99A7M2pPo1RxjNuc5ct
NdaCll6EvC0XIY6C75zL0v4qqmq1Yg37/hXxx0mTE1Oss6IWa85mKXw73REdbKx1
5WE0el4sS254KuYmLHFfoiYjaevmBVjXsLhG1N3by2HrGFJDWl6oPKB4KT7cmkY6
+5SNBGGpgs0lS3vS44vjYD51tlUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTSAI58
/5ZxIWxFQPuxQkBdDWX0GjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBACqLPZA/IRpmN/cxbqDK8tN9Qo28lz4pO8MjEYqy
zyc/blEbCIRgLKawRUWBVmUEcoAyX7dJ4GkSQWXXa9zxRNR/HVHQUy3CS6P1Tcib
BOiHsBWukkDjNFXtOQHwxyM6mVb1of9FQz6fnPql7GHoa6Y8IcIQAA6apaJjt4DG
/y2cIJ93HtcpY3hZjR2FhXfRNk82Pb0DplPCF4e50gych0rRZOb9CJaJ8OYDktzd
V7tJAqG1OfLoi3NHCl1nUKabftwyNUUkCSwshLmwDoB9AFw7bAUSmpvya1HJZOI+
siaNtAi5v3naN3RnxFmJ2C1hBlLoYOT3mbWL3f2pO7ovtqg=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:05 2025 by rpki-client