Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
File: 4a3909fa-da3d-4cd8-918f-7755304d49d1.roa (raw, json)
Hash identifier: 5rVFf4/+kHdHSsKWMTmdVohKKNOoHA0GJr5sPIhyJc0=
Subject key identifier: 3A:93:90:61:E1:77:E7:22:8A:FF:0C:F7:12:B9:5B:25:1C:97:4B:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E05AE0AA3E93BD579C506BE04BFB229E5CB586D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
Signing time: Fri 23 May 2025 00:41:10 +0000
ROA not before: Fri 23 May 2025 00:41:10 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:05:ae:0a:a3:e9:3b:d5:79:c5:06:be:04:bf:b2:29:e5:cb:58:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:10 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=1275528e3143f862a3c059b9a85430ec3f1c9332fc162f342b7456d46bef7e4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:66:33:db:35:bb:a1:32:51:3e:7d:5b:95:15:
65:1d:df:a1:93:3f:88:be:b7:af:e1:dd:d0:49:b0:
66:23:24:2f:be:b1:62:89:f2:02:e3:88:a6:2b:6d:
97:55:0c:e6:0b:ab:d2:cc:d5:93:5b:01:25:53:21:
22:21:ec:58:bf:a5:de:11:11:5c:15:88:4f:76:56:
5e:37:1b:e9:7a:04:83:cc:6e:fb:6e:3b:8a:29:66:
19:6b:31:0e:9a:1c:2d:77:b0:6b:46:51:f4:4c:c5:
1c:0e:62:a5:96:e6:08:7d:49:36:cc:21:a5:7a:95:
79:83:1f:98:c4:fd:57:ca:21:be:ca:ae:ed:8f:c4:
83:21:4e:ca:07:f0:8d:1d:79:35:38:4e:0a:62:0c:
6e:da:8f:3d:27:12:a8:82:0d:39:6c:fe:51:e5:89:
db:3f:57:27:62:94:8b:04:b1:af:13:d1:9f:6c:b2:
0d:78:fc:ab:9c:f0:54:f3:80:5f:76:dd:ce:7b:31:
61:3f:b9:68:89:a8:34:8b:fa:36:90:cf:97:6a:89:
25:3d:a1:4e:24:86:e6:8a:4e:2b:4d:12:3b:59:bc:
7f:9b:e9:56:e3:c5:3d:7c:af:5f:8f:07:93:f7:bb:
4b:ed:b0:e6:65:6a:49:c5:58:ea:6c:32:75:5a:8d:
ab:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:93:90:61:E1:77:E7:22:8A:FF:0C:F7:12:B9:5B:25:1C:97:4B:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c3:ed:e9:ae:dc:6f:77:30:07:24:8f:77:eb:55:e3:cb:19:84:
6e:9f:82:4a:0a:ea:7b:35:d2:4e:60:fa:3c:1b:ce:d5:7e:7a:
d5:5f:57:e3:d4:4f:56:04:2a:e5:ff:09:7a:25:de:65:74:d7:
63:68:e2:ce:4f:e6:bf:9b:a8:f3:d9:d6:5c:c0:51:13:cf:09:
72:09:32:ca:df:9b:df:4f:e7:e2:1d:ec:8d:9a:35:1e:56:58:
00:f8:ed:69:8f:3b:a8:5b:2d:cd:05:7f:f1:37:63:63:1c:a6:
4f:ba:bb:57:b6:36:99:27:e0:2b:82:75:58:8a:38:73:5d:8d:
ec:c2:fb:f9:f7:5c:be:88:eb:9f:55:f2:bd:0b:ec:85:a7:e7:
24:c0:6e:10:b9:43:be:66:9b:e8:f8:3e:6b:84:0b:a0:45:6b:
77:e7:3b:a5:dd:75:09:6f:8e:45:24:3a:5e:cf:7a:eb:b5:1b:
57:70:49:9b:73:64:38:44:94:0c:78:b3:f9:e0:b1:cf:fc:64:
8b:58:27:a6:89:2a:f5:01:fb:af:e8:0a:d6:47:87:8d:1c:f7:
13:3f:88:28:d1:15:6c:2c:d9:47:25:2b:54:8b:50:2a:24:33:
ea:7a:06:59:55:6e:0b:b3:2e:9b:24:2d:e0:66:30:5c:f9:d4:
fa:88:f6:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbgWuCqPpO9V5xQa+BL+yKeXLWG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMTBaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNzU1MjhlMzE0M2Y4NjJhM2MwNTliOWE4NTQzMGVjM2YxYzkzMzJmYzE2
MmYzNDJiNzQ1NmQ0NmJlZjdlNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtmM9s1u6EyUT59W5UVZR3foZM/iL63r+Hd0EmwZiMkL76xYonyAuOIpitt
l1UM5gur0szVk1sBJVMhIiHsWL+l3hERXBWIT3ZWXjcb6XoEg8xu+247iilmGWsx
DpocLXewa0ZR9EzFHA5ipZbmCH1JNswhpXqVeYMfmMT9V8ohvsqu7Y/EgyFOygfw
jR15NThOCmIMbtqPPScSqIINOWz+UeWJ2z9XJ2KUiwSxrxPRn2yyDXj8q5zwVPOA
X3bdznsxYT+5aImoNIv6NpDPl2qJJT2hTiSG5opOK00SO1m8f5vpVuPFPXyvX48H
k/e7S+2w5mVqScVY6mwydVqNq88CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6k5Bh
4XfnIor/DPcSuVslHJdLYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEzOTA5ZmEtZGEzZC00Y2Q4LTkxOGYtNzc1NTMwNGQ0OWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQDD7emu3G93MAckj3frVePLGYRun4JKCup7NdJO
YPo8G87VfnrVX1fj1E9WBCrl/wl6Jd5ldNdjaOLOT+a/m6jz2dZcwFETzwlyCTLK
35vfT+fiHeyNmjUeVlgA+O1pjzuoWy3NBX/xN2NjHKZPurtXtjaZJ+ArgnVYijhz
XY3swvv591y+iOufVfK9C+yFp+ckwG4QuUO+Zpvo+D5rhAugRWt35zul3XUJb45F
JDpez3rrtRtXcEmbc2Q4RJQMeLP54LHP/GSLWCemiSr1Afuv6ArWR4eNHPcTP4go
0RVsLNlHJStUi1AqJDPqegZZVW4Lsy6bJC3gZjBc+dT6iPbb
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:37:46 2025 by rpki-client