Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
File: 4875c926-8b00-4b21-bffa-08659e5c223d.roa (raw, json)
Hash identifier: t2y8B1pn5Q8aoH4Rky+T0OnmZU1k/vAsiUiT+hg5rdU=
Subject key identifier: F5:FF:D9:E5:EE:0B:DF:30:27:20:4B:00:6F:C7:4C:FB:89:FC:02:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C20FE2BB96AD0AF30CBCEEE339BF869F158902B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
Signing time: Mon 09 Jun 2025 19:20:21 +0000
ROA not before: Mon 09 Jun 2025 19:20:21 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:20:fe:2b:b9:6a:d0:af:30:cb:ce:ee:33:9b:f8:69:f1:58:90:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:21 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=4249bddf73107d8f1ef17d86a7bf0426ecce86e4e3955ab25f05d41d46fe112f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e1:58:96:3d:36:72:e0:0f:08:b3:c5:12:08:
60:7b:f8:61:54:82:85:3a:71:c0:36:b4:38:67:89:
cd:1c:4e:9f:3e:1d:7a:33:c5:e9:ad:ac:97:1f:ac:
6a:7a:3c:da:b2:0f:f2:17:d0:d6:18:bc:bc:21:ba:
cb:a5:19:d2:1c:8e:73:be:2a:36:b0:4a:da:a6:59:
00:cc:9f:d1:07:3b:4c:ef:a1:8f:94:82:63:25:3e:
c4:b1:2f:38:37:cd:74:7e:e8:61:32:d5:9a:2d:ff:
05:d4:37:11:a7:5e:83:dc:bd:37:b1:64:e7:0f:6a:
c6:a4:32:4b:a7:29:3d:f6:7f:c7:42:97:3e:0d:bd:
0d:87:a9:b1:2c:25:d7:15:2e:00:8a:e9:a5:07:0a:
79:d2:be:1c:44:c9:c6:ec:f8:40:f2:8c:12:14:fd:
a7:3d:69:d5:b9:7f:bd:9f:45:b7:79:b4:ee:03:83:
9b:24:75:bc:a8:6f:c7:f7:b2:c8:1f:b7:24:24:96:
f3:3d:cd:29:c7:4b:4d:af:36:9b:d5:d5:60:b8:14:
83:cb:3b:39:3a:f6:70:fe:ee:52:28:3b:5c:8b:d6:
19:80:27:d5:9d:8f:ef:e8:f9:1b:6e:fe:24:ce:80:
e4:5b:1e:40:fa:90:d5:cd:e1:4e:7e:56:21:60:01:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FF:D9:E5:EE:0B:DF:30:27:20:4B:00:6F:C7:4C:FB:89:FC:02:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
54:21:71:e5:79:1a:d6:1e:bb:0e:2f:1b:26:45:a9:40:26:33:
31:68:b8:7c:fd:44:a8:09:3b:0f:1f:fc:64:48:af:54:11:c0:
25:b9:00:02:0f:40:97:e1:cd:b5:84:b4:0d:8f:97:c3:2c:45:
26:57:ed:7c:8e:72:39:94:ac:af:d0:86:7e:2d:f9:86:26:39:
23:fd:b6:64:20:9e:66:8a:99:c6:75:e0:e6:9a:ec:50:f4:10:
a1:f2:61:e1:10:e7:8d:86:78:8b:95:dd:da:69:9d:d3:f3:50:
73:d8:e0:47:56:c2:f2:c8:d6:5d:46:9b:a3:00:43:4e:ed:1d:
79:d0:b7:78:e2:f2:50:2b:72:83:44:0b:c9:39:7e:37:63:f1:
af:9a:0b:ed:2b:a8:3f:3b:f4:56:e8:06:dc:c6:85:bb:a7:0d:
07:49:81:ed:5d:ce:41:8f:48:fc:ad:8c:54:72:dd:e0:e8:da:
13:52:34:a4:2c:2d:ea:29:ad:55:a3:4a:77:26:11:df:1b:a2:
be:b6:6d:95:f6:64:62:73:4f:ed:02:09:1f:a5:f4:e4:7b:fa:
94:04:f3:7c:6b:ce:5e:02:9b:67:b0:f1:18:f1:c2:08:55:8a:
7f:57:e9:78:1c:5f:51:5c:ac:d6:07:fd:37:a2:84:60:16:f0:
3a:42:95:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfCD+K7lq0K8wy87uM5v4afFYkCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMjFaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNDliZGRmNzMxMDdkOGYxZWYxN2Q4NmE3YmYwNDI2ZWNjZTg2ZTRlMzk1
NWFiMjVmMDVkNDFkNDZmZTExMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbhWJY9NnLgDwizxRIIYHv4YVSChTpxwDa0OGeJzRxOnz4dejPF6a2slx+s
ano82rIP8hfQ1hi8vCG6y6UZ0hyOc74qNrBK2qZZAMyf0Qc7TO+hj5SCYyU+xLEv
ODfNdH7oYTLVmi3/BdQ3Eadeg9y9N7Fk5w9qxqQyS6cpPfZ/x0KXPg29DYepsSwl
1xUuAIrppQcKedK+HETJxuz4QPKMEhT9pz1p1bl/vZ9Ft3m07gODmyR1vKhvx/ey
yB+3JCSW8z3NKcdLTa82m9XVYLgUg8s7OTr2cP7uUig7XIvWGYAn1Z2P7+j5G27+
JM6A5FseQPqQ1c3hTn5WIWABErECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1/9nl
7gvfMCcgSwBvx0z7ifwCgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg3NWM5MjYtOGIwMC00YjIxLWJmZmEtMDg2NTllNWMyMjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBUIXHleRrWHrsOLxsmRalAJjMxaLh8/USoCTsP
H/xkSK9UEcAluQACD0CX4c21hLQNj5fDLEUmV+18jnI5lKyv0IZ+LfmGJjkj/bZk
IJ5mipnGdeDmmuxQ9BCh8mHhEOeNhniLld3aaZ3T81Bz2OBHVsLyyNZdRpujAENO
7R150Ld44vJQK3KDRAvJOX43Y/GvmgvtK6g/O/RW6AbcxoW7pw0HSYHtXc5Bj0j8
rYxUct3g6NoTUjSkLC3qKa1Vo0p3JhHfG6K+tm2V9mRic0/tAgkfpfTke/qUBPN8
a85eAptnsPEY8cIIVYp/V+l4HF9RXKzWB/03ooRgFvA6QpXn
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:19 2025 by rpki-client