Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json)
Hash identifier: T5oe+k00cxQXmF8fRH5ubTfQ6xW6qDHXfMG2HCZI88Q=
Subject key identifier: 05:96:09:21:82:F3:FB:5D:E2:1B:28:DA:03:F7:20:E6:E8:DE:A2:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78071F1524A6577424EFAD28900CABE658412B18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
Signing time: Fri 06 Jun 2025 15:10:47 +0000
ROA not before: Fri 06 Jun 2025 15:10:47 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:07:1f:15:24:a6:57:74:24:ef:ad:28:90:0c:ab:e6:58:41:2b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:10:47 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=2a72b71321919538273de8339a42666e796120555f6c5e459a9661575a07d735, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8a:60:03:be:23:3b:3c:61:d7:19:7c:6d:35:
8e:1b:cb:00:29:d6:16:91:c3:ed:bd:76:de:9b:d9:
40:a1:32:6a:e9:8a:60:a4:3b:fc:65:e0:cc:29:6f:
ae:8b:b7:a1:80:e5:90:eb:cf:fa:01:be:a8:c3:61:
16:71:8c:e9:b5:30:74:00:e6:6a:a2:e5:c3:cb:03:
ce:a4:6f:d4:36:f9:63:5c:14:da:d2:19:3e:0c:b1:
80:57:6f:6d:87:91:a3:04:14:f1:ed:c2:db:c9:49:
e1:ab:5f:8b:04:a4:85:6d:ce:cb:23:44:99:a4:e6:
e1:5b:30:fc:35:9a:e9:67:57:d9:b7:6a:b3:85:bd:
2f:c1:3f:2f:b6:b0:73:39:dc:79:dd:a0:7e:60:5e:
58:71:dc:09:99:93:74:1f:6c:0a:f1:b9:b4:2a:b4:
60:2d:af:fc:42:8c:64:00:ad:ee:44:6c:26:06:d3:
d9:e2:3f:9d:f9:72:6b:a2:d7:1d:a8:a6:81:c5:0c:
6f:e2:d7:d4:6a:f5:c1:90:cc:8f:ae:3e:9b:4c:cb:
96:aa:e5:63:4c:44:37:2a:ca:ad:5d:ab:02:b2:0a:
00:8d:d8:ef:e4:08:67:76:bc:73:23:b4:ee:a2:79:
e0:4b:85:fc:7a:6b:b9:47:a0:3a:20:d9:f1:2b:81:
14:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:96:09:21:82:F3:FB:5D:E2:1B:28:DA:03:F7:20:E6:E8:DE:A2:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
18:21:62:d4:21:7d:8b:85:cc:ef:a4:c3:13:e1:2a:f4:4d:c3:
58:5f:12:17:37:ce:5c:53:94:a0:2a:da:7d:08:a8:74:4d:80:
d0:09:08:b9:00:b0:6f:65:95:a4:1d:a1:f6:50:4a:46:77:57:
66:d3:4b:20:31:ce:2d:2a:4f:3c:b7:3b:56:f6:76:75:36:87:
a3:0a:48:38:f7:a9:1b:05:fa:2e:09:cf:3f:b2:a2:35:7b:30:
3b:82:fe:e2:70:43:18:5d:1d:56:d3:27:00:ec:10:28:2c:7b:
5e:1b:64:3f:a3:ab:01:38:95:a1:bf:4c:af:86:63:37:77:77:
00:1f:69:51:38:81:35:f9:c9:ec:5b:9a:9d:68:26:30:24:51:
79:04:be:65:a3:e3:95:3a:dc:83:a8:ab:92:7c:88:2d:c5:aa:
9d:ab:65:1d:f5:14:03:a6:09:f3:75:17:0f:23:4c:24:4a:1f:
29:ac:3e:21:c5:f4:68:79:cb:8b:ac:db:f4:63:b1:58:ed:0d:
52:43:f7:7d:61:cb:62:2d:8f:81:3b:a0:cb:10:a2:f8:be:f2:
bd:19:a3:c8:1a:10:7f:13:b5:6d:16:7d:71:dc:35:10:d1:6e:
7e:00:42:ba:14:6f:ea:62:26:13:5e:ba:c8:e2:64:5e:29:d7:
92:a1:97:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeAcfFSSmV3Qk760okAyr5lhBKxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTEwNDdaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNzJiNzEzMjE5MTk1MzgyNzNkZTgzMzlhNDI2NjZlNzk2MTIwNTU1ZjZj
NWU0NTlhOTY2MTU3NWEwN2Q3MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOqKYAO+Izs8YdcZfG01jhvLACnWFpHD7b123pvZQKEyaumKYKQ7/GXgzClv
rou3oYDlkOvP+gG+qMNhFnGM6bUwdADmaqLlw8sDzqRv1Db5Y1wU2tIZPgyxgFdv
bYeRowQU8e3C28lJ4atfiwSkhW3OyyNEmaTm4Vsw/DWa6WdX2bdqs4W9L8E/L7aw
cznced2gfmBeWHHcCZmTdB9sCvG5tCq0YC2v/EKMZACt7kRsJgbT2eI/nflya6LX
HaimgcUMb+LX1Gr1wZDMj64+m0zLlqrlY0xENyrKrV2rArIKAI3Y7+QIZ3a8cyO0
7qJ54EuF/HpruUegOiDZ8SuBFDsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFlgkh
gvP7XeIbKNoD9yDm6N6iaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAYIWLUIX2LhczvpMMT4Sr0TcNYXxIXN85cU5Sg
Ktp9CKh0TYDQCQi5ALBvZZWkHaH2UEpGd1dm00sgMc4tKk88tztW9nZ1NoejCkg4
96kbBfouCc8/sqI1ezA7gv7icEMYXR1W0ycA7BAoLHteG2Q/o6sBOJWhv0yvhmM3
d3cAH2lROIE1+cnsW5qdaCYwJFF5BL5lo+OVOtyDqKuSfIgtxaqdq2Ud9RQDpgnz
dRcPI0wkSh8prD4hxfRoecuLrNv0Y7FY7Q1SQ/d9YctiLY+BO6DLEKL4vvK9GaPI
GhB/E7VtFn1x3DUQ0W5+AEK6FG/qYiYTXrrI4mReKdeSoZfc
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:07 2025 by rpki-client