Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
File: 4aa20760-fb28-4393-bec8-9ffb467f03e4.roa (raw, json)
Hash identifier: jaDu2odnMx1XKwxYLw6FLGJ+0mK0SrwLbwD294vE2Dc=
Subject key identifier: B0:6B:80:AE:5A:03:8F:31:9A:B0:24:99:5E:39:20:32:A1:51:F3:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57F4A6E86C78B7923056B169C0C5A0A3C5D1FBFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
Signing time: Fri 11 Jul 2025 20:10:04 +0000
ROA not before: Fri 11 Jul 2025 20:10:04 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:f4:a6:e8:6c:78:b7:92:30:56:b1:69:c0:c5:a0:a3:c5:d1:fb:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:10:04 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7d826a0f7cb63e18c7b38473c91e8d868ace1b96f72f749bee89fc1fa296940c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:59:a5:bb:45:28:9d:2c:fb:2d:39:c3:4b:10:
f6:62:03:3a:d6:c1:81:f4:4c:40:37:c2:8d:1c:27:
62:79:e3:c7:76:fd:a9:ce:c8:48:0f:7c:55:eb:b3:
35:e9:8c:e4:33:cb:59:88:a9:2b:a9:89:59:a5:b1:
c1:b0:6a:c0:f8:c9:1a:7f:45:f0:0c:40:f1:52:a3:
f3:f4:98:0d:a4:f9:04:f8:45:21:47:05:4c:10:bc:
e0:a1:1e:e2:06:62:13:7e:37:1a:8e:1a:91:2c:26:
f7:b8:e2:e0:14:27:b3:ec:85:f1:c8:78:2a:c6:13:
69:8d:bf:10:75:e6:dc:b9:7f:0c:c3:f4:0f:f9:8a:
2c:49:eb:e0:7b:49:29:b6:7b:24:eb:d9:17:93:83:
15:c0:93:e3:88:6b:30:70:72:75:eb:19:04:f5:26:
39:e1:7b:13:7a:66:c6:e2:7c:f9:c3:fa:7a:66:12:
72:78:70:c8:3c:82:5c:38:7d:25:1c:50:0c:f5:0c:
46:05:32:fd:c9:8e:af:2f:e1:ec:8f:88:88:f2:59:
1f:22:0f:68:c8:b9:18:e0:9c:e4:e1:b5:5d:1d:55:
bd:0a:cc:fb:6d:60:35:01:bf:16:c3:d2:82:2d:b8:
45:3e:34:d6:1b:d4:46:ba:7d:85:72:3f:30:1d:1c:
0d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:6B:80:AE:5A:03:8F:31:9A:B0:24:99:5E:39:20:32:A1:51:F3:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
89:5c:ea:a7:5c:f9:5c:57:da:63:6e:4a:6e:ec:7c:9b:43:ea:
d1:aa:77:c4:c8:87:d1:03:7a:a6:4b:af:9f:42:13:01:ab:1c:
7e:12:91:a5:e9:4a:d0:f8:01:ba:87:ba:fc:a8:6e:1e:6c:aa:
02:34:d0:03:fe:33:31:0a:91:b6:a7:65:de:c0:2c:5b:32:56:
e0:87:a6:c0:78:92:05:58:90:09:f1:e8:dd:b5:f7:10:3f:7a:
cd:47:a0:e4:2a:e5:30:d9:93:a0:76:6e:71:e7:07:b8:3b:bd:
2e:ec:8b:94:f1:ce:3f:e4:e3:1f:70:c8:6c:d0:2a:05:07:b1:
3c:b4:a9:0b:33:35:93:28:26:9c:41:61:43:44:1e:fb:c1:04:
8c:ae:6d:15:32:b2:6b:3d:56:fa:2e:99:d7:15:2f:15:04:5c:
76:3d:03:51:e2:60:a3:4f:67:e4:ac:4a:5e:1a:eb:25:46:cc:
88:18:c5:3a:c3:cf:79:32:fc:e6:d8:c7:65:f9:b1:b0:ba:cc:
c7:55:5c:53:14:10:89:e7:8a:9d:b1:e6:c6:f6:76:97:f7:49:
c7:a9:3c:d9:2f:98:87:f6:22:24:b9:3d:f1:5a:6e:30:a8:3b:
7e:0e:e7:78:40:2d:5b:df:f7:31:18:2b:77:f6:e2:53:e6:2a:
74:30:90:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV/Sm6Gx4t5IwVrFpwMWgo8XR+/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDEwMDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkODI2YTBmN2NiNjNlMThjN2IzODQ3M2M5MWU4ZDg2OGFjZTFiOTZmNzJm
NzQ5YmVlODlmYzFmYTI5Njk0MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRZpbtFKJ0s+y05w0sQ9mIDOtbBgfRMQDfCjRwnYnnjx3b9qc7ISA98Veuz
NemM5DPLWYipK6mJWaWxwbBqwPjJGn9F8AxA8VKj8/SYDaT5BPhFIUcFTBC84KEe
4gZiE343Go4akSwm97ji4BQns+yF8ch4KsYTaY2/EHXm3Ll/DMP0D/mKLEnr4HtJ
KbZ7JOvZF5ODFcCT44hrMHBydesZBPUmOeF7E3pmxuJ8+cP6emYScnhwyDyCXDh9
JRxQDPUMRgUy/cmOry/h7I+IiPJZHyIPaMi5GOCc5OG1XR1VvQrM+21gNQG/FsPS
gi24RT401hvURrp9hXI/MB0cDesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwa4Cu
WgOPMZqwJJleOSAyoVHzMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhMjA3NjAtZmIyOC00MzkzLWJlYzgtOWZmYjQ2N2YwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hpg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJXOqnXPlcV9pjbkpu7HybQ+rRqnfEyIfRA3qm
S6+fQhMBqxx+EpGl6UrQ+AG6h7r8qG4ebKoCNNAD/jMxCpG2p2XewCxbMlbgh6bA
eJIFWJAJ8ejdtfcQP3rNR6DkKuUw2ZOgdm5x5we4O70u7IuU8c4/5OMfcMhs0CoF
B7E8tKkLMzWTKCacQWFDRB77wQSMrm0VMrJrPVb6LpnXFS8VBFx2PQNR4mCjT2fk
rEpeGuslRsyIGMU6w895Mvzm2Mdl+bGwuszHVVxTFBCJ54qdsebG9naX90nHqTzZ
L5iH9iIkuT3xWm4wqDt+Dud4QC1b3/cxGCt39uJT5ip0MJBP
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:11 2025 by rpki-client