Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
File: fad76837-d6e1-4885-9781-3088c0b0c06c.roa (raw, json)
Hash identifier: 5Lkv25NIck+IQtnncttQhQZ/75ra01t7YnwgBMmRLfQ=
Subject key identifier: 65:10:15:C2:5F:8A:FE:FF:57:A5:B8:08:EE:02:6E:06:64:4F:B7:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4013750FD4FB085A67B18DE3DBFEC78C864873BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
Signing time: Tue 17 Jun 2025 00:41:23 +0000
ROA not before: Tue 17 Jun 2025 00:41:23 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:13:75:0f:d4:fb:08:5a:67:b1:8d:e3:db:fe:c7:8c:86:48:73:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:41:23 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=c54d6e0b18bd2c4a908ce4e6032e24150638e33671df18f6d719c749c4f3f422, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:e8:e2:82:09:dc:0b:ce:0b:8c:02:28:9b:
5b:11:dd:eb:c2:60:59:91:43:4d:3b:07:16:91:e0:
6b:6c:30:e7:bd:28:b9:d1:a5:ba:28:31:1c:a9:6e:
2a:ce:3a:03:fd:b8:b5:b2:a2:e2:ae:33:92:97:ce:
4e:4e:f7:2b:bc:28:d0:0f:3f:4f:4d:ca:6b:94:30:
12:7f:b7:3b:88:2a:35:4a:b4:13:73:70:1b:42:f7:
de:55:f5:7a:1a:01:f3:a2:77:ea:06:1e:9a:c4:16:
03:04:c4:f7:57:7e:89:7f:a2:f9:16:80:e9:47:fa:
5f:df:e0:57:81:b0:30:eb:e1:b1:31:25:f2:dd:83:
b2:5a:63:15:ee:83:e0:37:e2:e9:cd:15:f5:90:de:
ef:2f:a9:4d:04:a3:d6:30:84:50:38:0e:73:cf:e5:
a9:1b:7d:d6:af:c6:2b:7d:78:45:1e:5a:08:c7:30:
39:64:79:27:be:9f:9b:86:0f:c3:21:6a:52:ec:0f:
f8:c4:92:4d:bc:ff:47:10:49:b8:ed:a3:c7:b9:ee:
30:08:31:ef:db:13:9d:6a:b5:81:83:8f:fb:b1:17:
d4:90:2f:ba:23:0b:8a:ea:2b:fc:48:06:17:54:84:
77:0e:0c:49:84:e7:00:d1:82:07:55:e4:fc:97:36:
2d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:10:15:C2:5F:8A:FE:FF:57:A5:B8:08:EE:02:6E:06:64:4F:B7:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:6000::/40
Signature Algorithm: sha256WithRSAEncryption
af:af:e7:b8:a0:fa:83:43:00:30:e4:e2:1b:6e:a8:12:7a:cd:
6c:e4:15:b2:58:05:83:ee:92:34:9f:29:1c:04:3f:42:f8:83:
ef:f9:45:de:52:f5:69:91:20:56:49:f5:61:78:47:65:55:f1:
1d:26:1a:bf:5d:b6:29:52:de:f5:3c:fc:4f:6d:3c:e2:e7:9c:
3e:4d:01:a7:e9:e9:0e:60:a8:48:7b:bd:06:6b:9d:aa:8e:c2:
6b:46:3e:e2:0d:d1:4e:16:af:92:b9:ae:a9:47:91:a3:90:f1:
e9:6f:12:8a:20:d6:ef:33:5d:e8:d6:ff:b3:c6:fd:fa:12:3c:
e3:48:4a:32:9b:0f:4a:3c:9e:31:6f:62:54:2e:2b:be:42:a5:
89:cc:23:ff:a3:c2:50:5c:ec:c4:20:9d:34:8a:58:b4:04:6e:
5d:e1:86:b4:bf:c7:36:b6:26:83:ba:b6:98:1e:c1:b8:71:9b:
e6:bf:a1:41:df:e7:d1:64:8d:2b:63:fa:9a:b2:79:f2:36:2d:
dc:8c:c8:7f:96:64:b5:d0:9b:2c:20:da:96:59:2e:5f:f5:fd:
b6:32:81:21:74:74:00:5f:dd:ce:30:0d:4e:93:15:8d:da:fe:
31:02:66:9f:78:26:64:ee:e7:10:cf:f9:e4:9d:58:e5:b6:22:
0f:7f:6a:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQBN1D9T7CFpnsY3j2/7HjIZIc74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQxMjNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1NGQ2ZTBiMThiZDJjNGE5MDhjZTRlNjAzMmUyNDE1MDYzOGUzMzY3MWRm
MThmNmQ3MTljNzQ5YzRmM2Y0MjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6k6OKCCdwLzguMAiibWxHd68JgWZFDTTsHFpHga2ww570oudGluigxHKlu
Ks46A/24tbKi4q4zkpfOTk73K7wo0A8/T03Ka5QwEn+3O4gqNUq0E3NwG0L33lX1
ehoB86J36gYemsQWAwTE91d+iX+i+RaA6Uf6X9/gV4GwMOvhsTEl8t2DslpjFe6D
4Dfi6c0V9ZDe7y+pTQSj1jCEUDgOc8/lqRt91q/GK314RR5aCMcwOWR5J76fm4YP
wyFqUuwP+MSSTbz/RxBJuO2jx7nuMAgx79sTnWq1gYOP+7EX1JAvuiMLiuor/EgG
F1SEdw4MSYTnANGCB1Xk/Jc2LdcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlEBXC
X4r+/1eluAjuAm4GZE+3JjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmFkNzY4MzctZDZlMS00ODg1LTk3ODEtMzA4OGMwYjBjMDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dhg
MA0GCSqGSIb3DQEBCwUAA4IBAQCvr+e4oPqDQwAw5OIbbqgSes1s5BWyWAWD7pI0
nykcBD9C+IPv+UXeUvVpkSBWSfVheEdlVfEdJhq/XbYpUt71PPxPbTzi55w+TQGn
6ekOYKhIe70Ga52qjsJrRj7iDdFOFq+Sua6pR5GjkPHpbxKKINbvM13o1v+zxv36
EjzjSEoymw9KPJ4xb2JULiu+QqWJzCP/o8JQXOzEIJ00ili0BG5d4Ya0v8c2tiaD
uraYHsG4cZvmv6FB3+fRZI0rY/qasnnyNi3cjMh/lmS10JssINqWWS5f9f22MoEh
dHQAX93OMA1OkxWN2v4xAmafeCZk7ucQz/nknVjltiIPf2qa
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:17 2025 by rpki-client