Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
File: 4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa (raw, json)
Hash identifier: /LremoBGi+BE3btPts+jopVdPfsmfsY8VZ7KheHIyqU=
Subject key identifier: 5E:23:7C:14:86:0E:87:D1:62:BF:03:5E:A6:3E:24:57:37:F2:10:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26BFDBF483F53416347EC2C390EBE69FAD546D39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
Signing time: Tue 10 Jun 2025 17:20:10 +0000
ROA not before: Tue 10 Jun 2025 17:20:10 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:bf:db:f4:83:f5:34:16:34:7e:c2:c3:90:eb:e6:9f:ad:54:6d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:10 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=49c518185063bd1c7f6af9e1738bc24296cd1d5819ab7c53589ddd7ed6431639, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:67:2a:d2:b6:33:e5:f1:a8:de:f5:52:f5:21:
68:17:68:76:d7:8a:41:d4:64:8d:bc:92:54:a5:cf:
b9:5c:f4:ab:ff:a0:ee:d0:c1:38:60:c7:d0:3f:ad:
24:55:95:82:8c:35:3d:3d:8a:f7:85:35:67:df:b7:
42:c6:91:67:bc:bb:ef:11:90:a7:76:68:6f:f6:e8:
fc:fc:f4:e3:71:7a:c9:a1:9e:7e:d8:6b:52:ed:b2:
7c:f2:30:cf:a0:4a:ca:3f:6b:e9:72:df:26:78:a7:
27:5b:9b:72:13:64:39:c4:78:cb:d9:93:af:6c:7a:
7b:e7:db:cb:be:2e:f0:4a:31:bf:79:be:d9:7f:3d:
73:80:ec:87:1c:bb:a4:b0:f6:c7:2a:b8:bd:e1:f7:
09:26:69:9f:da:7d:51:4b:16:81:ed:d7:cd:82:91:
49:a1:f7:8a:44:73:a6:d2:04:29:ee:8e:1e:99:24:
86:30:58:33:d7:29:8f:46:4c:cb:8a:28:1c:12:f2:
ef:0d:d1:9c:73:3f:75:10:71:cf:eb:54:a1:ad:6a:
b9:2a:7c:3c:ac:83:0e:7a:7f:f3:7e:5c:a4:a9:6b:
3c:82:d4:15:4c:74:06:3f:bd:7e:ee:bd:fc:e1:3a:
64:45:0e:64:af:b2:7c:97:8a:ac:2f:81:af:01:9e:
60:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:23:7C:14:86:0E:87:D1:62:BF:03:5E:A6:3E:24:57:37:F2:10:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
73:12:0f:81:90:d2:59:21:69:5c:3f:1e:cc:69:35:32:21:79:
3c:44:57:c3:21:f5:0b:cb:66:73:3a:a9:05:e4:c5:12:af:11:
4f:77:5a:70:f9:6b:00:5b:bd:5e:80:fc:8c:45:1b:3b:d7:14:
33:ce:88:2d:76:ff:68:5b:82:91:e8:4c:80:b4:55:0b:43:9e:
11:7f:27:9b:fb:22:59:92:1b:fd:f4:33:a0:56:84:16:34:de:
54:a5:e5:a5:62:44:cf:12:c1:5e:72:e3:b0:e2:5d:d7:e9:db:
06:49:fd:19:86:d1:a3:58:a6:a3:20:ae:65:47:b6:27:d9:fb:
a7:a8:d5:49:85:37:d8:89:2e:02:0d:3d:0e:d2:62:1c:21:7b:
fc:0e:31:e1:65:1b:7b:e9:50:33:f2:a7:02:e7:83:42:05:1b:
62:9f:e1:83:92:67:64:2b:c9:19:9c:98:6a:20:e4:3e:06:f9:
c6:2f:cf:9e:d6:19:67:59:70:bf:c8:1e:ea:87:a4:0d:96:74:
6b:bb:a3:17:17:5b:97:39:b9:61:97:d7:ec:9a:ca:fe:91:ea:
ac:3a:b7:62:aa:6d:54:5b:81:6a:8d:c5:93:51:2f:9a:f9:fd:
96:e3:6b:0e:cc:35:71:f7:c0:51:35:cb:76:8c:ed:f6:8b:15:
a0:fb:b3:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJr/b9IP1NBY0fsLDkOvmn61UbTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMTBaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5YzUxODE4NTA2M2JkMWM3ZjZhZjllMTczOGJjMjQyOTZjZDFkNTgxOWFi
N2M1MzU4OWRkZDdlZDY0MzE2MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpnKtK2M+XxqN71UvUhaBdodteKQdRkjbySVKXPuVz0q/+g7tDBOGDH0D+t
JFWVgow1PT2K94U1Z9+3QsaRZ7y77xGQp3Zob/bo/Pz043F6yaGefthrUu2yfPIw
z6BKyj9r6XLfJninJ1ubchNkOcR4y9mTr2x6e+fby74u8Eoxv3m+2X89c4Dshxy7
pLD2xyq4veH3CSZpn9p9UUsWge3XzYKRSaH3ikRzptIEKe6OHpkkhjBYM9cpj0ZM
y4ooHBLy7w3RnHM/dRBxz+tUoa1quSp8PKyDDnp/835cpKlrPILUFUx0Bj+9fu69
/OE6ZEUOZK+yfJeKrC+BrwGeYDMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBReI3wU
hg6H0WK/A16mPiRXN/IQjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2YTdjMGEtM2U0YS00NzM3LWI5MmItZmFjMjJkZTg3NTdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
wDANBgkqhkiG9w0BAQsFAAOCAQEAcxIPgZDSWSFpXD8ezGk1MiF5PERXwyH1C8tm
czqpBeTFEq8RT3dacPlrAFu9XoD8jEUbO9cUM86ILXb/aFuCkehMgLRVC0OeEX8n
m/siWZIb/fQzoFaEFjTeVKXlpWJEzxLBXnLjsOJd1+nbBkn9GYbRo1imoyCuZUe2
J9n7p6jVSYU32IkuAg09DtJiHCF7/A4x4WUbe+lQM/KnAueDQgUbYp/hg5JnZCvJ
GZyYaiDkPgb5xi/PntYZZ1lwv8ge6oekDZZ0a7ujFxdblzm5YZfX7JrK/pHqrDq3
YqptVFuBao3Fk1Evmvn9luNrDsw1cffAUTXLdozt9osVoPuzIQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:26 2025 by rpki-client