Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json)
Hash identifier: DMLIYRqKayNyPhknPGKoNrXtXNi04swMHpF6gUt7Njc=
Subject key identifier: A9:BA:40:34:DB:18:FC:40:23:88:EA:0B:84:24:BB:40:AA:D0:C8:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38CBD28A77E88B2495AFE4CB4B7242A92AB78796
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
Signing time: Tue 20 May 2025 20:01:24 +0000
ROA not before: Tue 20 May 2025 20:01:24 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:cb:d2:8a:77:e8:8b:24:95:af:e4:cb:4b:72:42:a9:2a:b7:87:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 20:01:24 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=aecd7043a83b145028ce3f5a7a4835ad0b780d8e2010f2c8e0ad09b44c4df049, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fa:e1:2e:da:dd:22:00:6d:c0:be:f3:44:93:
cd:9f:31:c6:5e:10:40:fd:82:50:84:50:7b:4b:89:
d7:28:15:f7:50:04:1e:8f:f8:3a:a5:13:01:83:2c:
40:1d:b7:b2:91:0e:7e:2e:14:f8:42:f4:e1:b9:06:
82:e7:76:60:df:13:d6:e6:a8:94:64:ab:66:7e:e0:
76:a4:41:56:d1:6e:a3:c8:1c:20:fa:f0:a8:49:45:
34:c2:ba:fa:ef:d2:44:e7:e0:b6:1c:8f:95:b0:8a:
56:6a:54:4f:dd:35:a6:0f:6d:8a:67:7a:e7:9f:93:
a5:90:59:b4:df:23:9a:42:ee:a2:41:13:30:39:53:
3f:8c:ca:7c:5f:a3:25:42:39:e7:e0:f6:b3:dc:8d:
93:0e:c8:36:d0:cb:08:e7:73:96:5d:53:56:80:71:
96:21:35:0b:96:d1:58:4d:8a:75:24:65:76:00:56:
66:82:25:b4:ee:5b:40:fc:5c:00:25:13:f6:66:d2:
45:f5:2b:81:4f:65:c4:df:ce:8c:c9:16:31:ca:f9:
0b:09:f9:6c:ab:ac:92:96:82:bd:2f:f9:a7:7f:49:
a4:ac:5b:6a:4c:7a:29:ec:74:80:63:88:54:54:c3:
c9:2f:d1:33:62:9f:63:43:9f:4f:af:e5:71:4b:26:
4b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BA:40:34:DB:18:FC:40:23:88:EA:0B:84:24:BB:40:AA:D0:C8:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:4000::/40
Signature Algorithm: sha256WithRSAEncryption
27:a5:2d:e6:53:48:e3:cf:f7:47:18:41:3b:80:3d:2e:dd:f4:
4b:be:e6:96:6f:58:94:61:0c:b1:fc:38:d4:02:3a:f0:0b:b6:
54:e6:0a:96:1b:b6:6f:1f:e9:36:6d:f4:65:44:3f:61:44:c8:
96:2e:e0:5a:3d:c2:a9:d9:d9:e6:9b:5f:0d:16:86:67:f0:8a:
8e:ea:2d:60:50:de:e2:7a:12:aa:57:5e:a6:80:7b:77:e6:5f:
0e:4f:89:52:71:77:25:b6:20:f6:7f:c7:2b:4a:79:de:f8:a8:
a3:e0:c9:10:26:72:09:b7:88:6c:e8:a8:f3:4e:f1:f2:de:fb:
3b:c7:35:50:11:29:95:31:8b:01:72:68:6e:2d:74:ed:42:00:
00:e3:0e:f2:66:fc:61:ed:ca:c9:8f:01:85:36:8d:e6:63:13:
49:41:6e:11:c3:2c:1c:65:ad:12:b3:6c:0e:f7:d7:31:28:4c:
7c:16:94:dc:f1:24:a4:de:8e:d9:23:ab:48:8a:fe:f5:95:03:
b9:b1:78:68:c1:e0:04:eb:c5:f4:a0:7b:66:20:ff:ae:4a:6e:
cc:f3:2b:61:6c:6c:54:14:33:1a:e9:04:a7:b6:21:52:e9:ba:
7b:27:4d:0f:b7:61:75:3d:96:17:07:01:59:1c:38:52:ee:bc:
fd:e6:10:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOMvSinfoiySVr+TLS3JCqSq3h5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAyMDAxMjRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlY2Q3MDQzYTgzYjE0NTAyOGNlM2Y1YTdhNDgzNWFkMGI3ODBkOGUyMDEw
ZjJjOGUwYWQwOWI0NGM0ZGYwNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKT64S7a3SIAbcC+80STzZ8xxl4QQP2CUIRQe0uJ1ygV91AEHo/4OqUTAYMs
QB23spEOfi4U+EL04bkGgud2YN8T1uaolGSrZn7gdqRBVtFuo8gcIPrwqElFNMK6
+u/SROfgthyPlbCKVmpUT901pg9timd655+TpZBZtN8jmkLuokETMDlTP4zKfF+j
JUI55+D2s9yNkw7INtDLCOdzll1TVoBxliE1C5bRWE2KdSRldgBWZoIltO5bQPxc
ACUT9mbSRfUrgU9lxN/OjMkWMcr5Cwn5bKuskpaCvS/5p39JpKxbakx6Kex0gGOI
VFTDyS/RM2KfY0OfT6/lcUsmS0sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpukA0
2xj8QCOI6guEJLtAqtDIUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA
MA0GCSqGSIb3DQEBCwUAA4IBAQAnpS3mU0jjz/dHGEE7gD0u3fRLvuaWb1iUYQyx
/DjUAjrwC7ZU5gqWG7ZvH+k2bfRlRD9hRMiWLuBaPcKp2dnmm18NFoZn8IqO6i1g
UN7iehKqV16mgHt35l8OT4lScXcltiD2f8crSnne+Kij4MkQJnIJt4hs6KjzTvHy
3vs7xzVQESmVMYsBcmhuLXTtQgAA4w7yZvxh7crJjwGFNo3mYxNJQW4RwywcZa0S
s2wO99cxKEx8FpTc8SSk3o7ZI6tIiv71lQO5sXhoweAE68X0oHtmIP+uSm7M8yth
bGxUFDMa6QSntiFS6bp7J00Pt2F1PZYXBwFZHDhS7rz95hC8
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:52 2025 by rpki-client