Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: 6f24SQ1UUuKNeMJvjB9++aC0F2kD3a8ooZZ5a1s7qW0=
Subject key identifier: B1:EA:6B:AF:1B:EA:B8:B9:AA:EE:71:8E:FD:25:69:04:83:A6:B0:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: A8E260F327D0E7FAA6977E24D2427E542491D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Tue 20 May 2025 20:01:02 +0000
ROA not before: Tue 20 May 2025 20:01:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a8:e2:60:f3:27:d0:e7:fa:a6:97:7e:24:d2:42:7e:54:24:91:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=41a36de8ae8589267709ab3377f948a3c72d28280f51414d7804b909bf4fa2f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9b:f7:7a:25:10:79:43:4d:5a:c7:0b:83:36:
88:4c:49:93:7a:75:46:39:ce:27:23:9c:12:91:f9:
b8:3a:a4:bd:11:cc:90:64:48:7e:64:bd:d7:c9:17:
80:a8:b4:ee:e6:b2:a7:39:e6:18:0d:14:99:42:bb:
d3:7f:0e:d7:c3:b0:8b:03:d4:e5:90:40:2f:9e:f2:
a2:80:76:73:5d:30:be:62:7c:a3:69:88:06:b0:21:
14:fb:21:6a:fa:b8:c4:a5:d6:eb:2d:33:03:ff:7f:
4a:85:e7:54:8b:21:4a:3a:34:3b:70:f2:04:d7:fd:
e8:0f:e8:02:22:44:22:4f:2f:51:40:02:31:e3:a4:
33:5f:bb:7d:04:f7:8e:9c:cd:71:8d:1c:ab:fa:0d:
e4:0b:46:0e:49:a6:94:29:20:4c:0c:cc:d4:37:15:
e9:ab:71:1f:2b:45:5b:c1:4a:a3:16:22:b2:09:80:
92:c9:ff:22:1d:be:fb:c6:c0:e6:1b:2f:88:9d:ea:
b3:56:0a:68:1a:9d:e2:b3:37:36:8b:27:bb:5e:2e:
a4:55:4a:2b:ef:a9:b1:d4:c9:90:92:3c:6f:8a:2f:
93:62:91:b2:d2:6c:f6:48:52:23:75:d2:e1:ab:22:
2b:ed:bc:6c:86:df:52:8a:da:ae:61:c9:4d:5e:80:
c9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EA:6B:AF:1B:EA:B8:B9:AA:EE:71:8E:FD:25:69:04:83:A6:B0:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
40:a4:60:33:19:b2:81:ab:b3:9d:74:6e:71:53:43:78:37:93:
83:cc:8b:5e:84:a3:ef:33:ef:59:14:99:52:fd:9a:55:e6:3b:
8d:c4:8d:96:09:9e:34:1f:54:82:bf:53:60:4a:70:e8:08:ae:
e1:c4:f5:1a:05:b0:11:b3:e1:db:f0:1c:69:96:6c:63:99:2c:
df:44:b7:f0:b5:d3:a1:ad:27:f6:1b:b9:40:23:44:4c:2a:02:
3b:6a:34:6e:46:68:8d:f5:ea:78:0c:8b:ce:22:1b:e2:9f:9b:
46:2a:7d:cc:d7:e6:6b:9e:22:e8:80:1e:b6:10:f8:21:c4:d2:
11:6e:d8:23:f6:a7:93:7c:39:1e:8d:09:60:3a:0c:b2:3a:97:
2d:ae:a1:fd:fe:0b:c3:88:43:23:ea:ec:81:3c:43:ba:6b:a7:
e7:e6:01:9f:7b:de:0c:4e:b5:b6:15:29:44:ae:a9:78:17:dc:
8e:78:e7:87:5b:e1:ba:33:a9:9c:ba:73:57:5c:99:9d:16:43:
2c:3e:1e:f9:59:39:89:a7:db:2f:15:d8:99:bb:58:1b:b3:be:
87:0b:bf:3d:4f:ba:9e:a3:52:b2:6e:c0:bd:b9:ab:d2:ff:90:
69:f1:6a:1a:8a:e1:ae:f6:87:4e:0b:b4:37:8f:0f:58:fa:03:
6c:7c:3d:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAKjiYPMn0Of6ppd+JNJCflQkkdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxYTM2ZGU4YWU4NTg5MjY3NzA5YWIzMzc3Zjk0OGEzYzcyZDI4MjgwZjUx
NDE0ZDc4MDRiOTA5YmY0ZmEyZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyb93olEHlDTVrHC4M2iExJk3p1RjnOJyOcEpH5uDqkvRHMkGRIfmS918kX
gKi07uaypznmGA0UmUK7038O18OwiwPU5ZBAL57yooB2c10wvmJ8o2mIBrAhFPsh
avq4xKXW6y0zA/9/SoXnVIshSjo0O3DyBNf96A/oAiJEIk8vUUACMeOkM1+7fQT3
jpzNcY0cq/oN5AtGDkmmlCkgTAzM1DcV6atxHytFW8FKoxYisgmAksn/Ih2++8bA
5hsviJ3qs1YKaBqd4rM3Nosnu14upFVKK++psdTJkJI8b4ovk2KRstJs9khSI3XS
4asiK+28bIbfUorarmHJTV6AyYsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSx6muv
G+q4uarucY79JWkEg6awiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBApGAzGbKBq7OddG5xU0N4N5ODzItehKPvM+9Z
FJlS/ZpV5juNxI2WCZ40H1SCv1NgSnDoCK7hxPUaBbARs+Hb8BxplmxjmSzfRLfw
tdOhrSf2G7lAI0RMKgI7ajRuRmiN9ep4DIvOIhvin5tGKn3M1+ZrniLogB62EPgh
xNIRbtgj9qeTfDkejQlgOgyyOpctrqH9/gvDiEMj6uyBPEO6a6fn5gGfe94MTrW2
FSlErql4F9yOeOeHW+G6M6mcunNXXJmdFkMsPh75WTmJp9svFdiZu1gbs76HC789
T7qeo1KybsC9uavS/5Bp8WoaiuGu9odOC7Q3jw9Y+gNsfD24
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:44 2025 by rpki-client