Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
File: 4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa (raw, json)
Hash identifier: V5qp8+iynh2IfOJME/xtJjMXcxV2/jmJWrXdWSUZGMM=
Subject key identifier: AB:16:45:44:06:CE:7B:82:10:CF:5A:B3:09:10:79:46:A0:CB:D1:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E8846B53EAE59A0D5C050EA1F50F5BB1A2BAEFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
Signing time: Tue 20 May 2025 19:31:37 +0000
ROA not before: Tue 20 May 2025 19:31:37 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:88:46:b5:3e:ae:59:a0:d5:c0:50:ea:1f:50:f5:bb:1a:2b:ae:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:31:37 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4940489f8380887aa4ce60dfe3f1c9312caf681a54a362fea9f1638fafc07fac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:41:65:bd:87:68:5e:3e:13:fd:21:fa:fe:
12:16:99:6c:db:d0:38:5f:45:22:05:88:30:2e:db:
53:ce:bd:0d:5b:16:79:0d:6c:8e:53:f7:d7:eb:c4:
fc:1c:86:c9:da:6c:d3:bb:fe:d8:56:fe:dd:40:3f:
0e:99:9d:03:94:8d:7d:b1:bc:00:4d:db:99:69:2a:
5e:86:d8:a7:1c:3d:26:bc:49:15:9c:45:1b:ce:ab:
4c:3d:bf:8b:9c:57:8f:dd:bd:82:c5:00:96:96:5f:
d0:af:48:1c:c7:d6:35:4a:41:5a:4d:84:e3:7b:67:
e6:11:d9:5a:82:4b:de:44:3e:ed:aa:6b:dd:4d:8b:
33:20:83:4c:b0:22:c5:25:91:d9:fe:db:d9:a1:85:
9a:4a:fe:c6:29:a7:f8:80:6a:50:38:ca:90:1d:61:
93:6b:93:4b:60:73:e7:61:9f:d9:33:7f:34:3b:b7:
ff:ba:19:0b:15:dd:c0:82:a5:11:c2:93:97:75:78:
b5:1c:0e:76:86:41:5f:c6:77:a0:35:79:7c:b8:59:
1c:a0:f0:22:c7:14:d8:b7:0a:9c:20:0b:96:4e:c1:
9d:0e:6c:2f:a5:ee:6d:08:df:6f:87:a8:14:fb:81:
10:78:58:1b:9c:89:f9:50:be:3b:12:3d:4a:37:22:
f4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:16:45:44:06:CE:7B:82:10:CF:5A:B3:09:10:79:46:A0:CB:D1:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c522b3a-46c0-4e5a-8698-21b41418c9a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:73:b5:c0:60:f8:69:60:5d:25:33:75:bb:fc:f4:2d:1f:54:
41:5c:d5:1b:7c:79:6d:b6:94:22:77:4f:d0:78:f3:90:07:91:
49:e6:3f:19:64:57:7e:f0:ac:54:eb:b4:44:8c:0d:ba:c2:0c:
a0:fa:bf:5f:18:15:f0:9c:a3:d3:21:b8:45:bb:73:b2:ae:d2:
27:32:1f:8b:51:e5:fd:fa:bd:37:b4:49:c2:7c:9e:26:08:57:
f0:1b:57:ba:0f:b7:16:cc:d3:29:2f:5e:da:55:d9:2b:1e:f8:
80:de:1b:a2:3b:26:06:84:e7:69:6c:db:7c:98:b0:4b:9f:76:
b7:2b:78:54:86:4a:b4:18:d2:34:57:cc:5f:ee:f7:18:de:69:
d9:b8:29:04:36:b2:84:7e:93:36:e4:62:e2:5e:bf:79:79:35:
87:ec:24:0e:47:4a:56:a0:5d:de:41:9c:b6:cb:8c:4a:c1:12:
06:dc:61:2a:f0:0c:b3:2f:dc:9d:59:94:50:e1:42:4d:c5:b5:
ef:21:2f:d9:16:73:02:fd:7e:38:b9:e2:e1:8b:16:85:5d:0b:
a2:0b:64:19:43:ff:be:c5:8c:5d:b1:61:26:c9:02:bd:9a:36:
00:ec:a5:5f:ee:66:31:30:ba:9a:64:85:6c:f3:e7:61:4b:51:
b4:b7:11:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbohGtT6uWaDVwFDqH1D1uxorrvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTMxMzdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5NDA0ODlmODM4MDg4N2FhNGNlNjBkZmUzZjFjOTMxMmNhZjY4MWE1NGEz
NjJmZWE5ZjE2MzhmYWZjMDdmYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiBQWW9h2hePhP9Ifr+EhaZbNvQOF9FIgWIMC7bU869DVsWeQ1sjlP31+vE
/ByGydps07v+2Fb+3UA/DpmdA5SNfbG8AE3bmWkqXobYpxw9JrxJFZxFG86rTD2/
i5xXj929gsUAlpZf0K9IHMfWNUpBWk2E43tn5hHZWoJL3kQ+7apr3U2LMyCDTLAi
xSWR2f7b2aGFmkr+ximn+IBqUDjKkB1hk2uTS2Bz52Gf2TN/NDu3/7oZCxXdwIKl
EcKTl3V4tRwOdoZBX8Z3oDV5fLhZHKDwIscU2LcKnCALlk7BnQ5sL6XubQjfb4eo
FPuBEHhYG5yJ+VC+OxI9Sjci9FkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrFkVE
Bs57ghDPWrMJEHlGoMvRUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1MjJiM2EtNDZjMC00ZTVhLTg2OTgtMjFiNDE0MThjOWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQC2c7XAYPhpYF0lM3W7/PQtH1RBXNUbfHlttpQi
d0/QePOQB5FJ5j8ZZFd+8KxU67REjA26wgyg+r9fGBXwnKPTIbhFu3OyrtInMh+L
UeX9+r03tEnCfJ4mCFfwG1e6D7cWzNMpL17aVdkrHviA3huiOyYGhOdpbNt8mLBL
n3a3K3hUhkq0GNI0V8xf7vcY3mnZuCkENrKEfpM25GLiXr95eTWH7CQOR0pWoF3e
QZy2y4xKwRIG3GEq8AyzL9ydWZRQ4UJNxbXvIS/ZFnMC/X44ueLhixaFXQuiC2QZ
Q/++xYxdsWEmyQK9mjYA7KVf7mYxMLqaZIVs8+dhS1G0txEu
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:30 2025 by rpki-client