Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: Zae63fYVgsU+ctvLQ711wzm1sqmxb+nP8D/bHmAe45s=
Subject key identifier: 09:7D:70:58:83:43:AD:D6:6A:65:5C:F8:4F:8F:14:87:42:6A:F0:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A9B47960B9CD2F6B347FE5129EFF059DC3AAE06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Fri 11 Jul 2025 20:31:35 +0000
ROA not before: Fri 11 Jul 2025 20:31:35 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:9b:47:96:0b:9c:d2:f6:b3:47:fe:51:29:ef:f0:59:dc:3a:ae:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:35 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f3820733b733f4cee0409b136fdc773f63ad9803b7aa9ae2becb4a09f74ff19d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9a:9b:0f:99:92:68:d2:ad:3e:30:de:80:c7:
76:ab:a4:af:95:fa:76:ff:22:b7:a1:03:b7:e4:00:
37:70:c1:a7:82:ba:9b:a3:a1:79:04:35:41:5b:a1:
35:1f:39:b0:5a:c7:59:de:95:b9:0d:b1:a9:19:08:
2a:b8:4c:42:06:e2:db:30:51:1d:8f:d5:a4:ca:bb:
2a:c3:cc:af:80:ab:b5:c7:80:1a:8d:df:1e:f0:77:
90:5d:5a:f4:b6:e3:70:22:05:f7:b5:12:f5:17:f8:
36:8c:91:d2:86:8c:49:4c:24:f7:9e:ca:67:e9:67:
eb:a8:a7:f2:cf:21:1a:68:fc:7f:44:0d:75:58:28:
5e:28:5c:b1:79:d0:89:6b:5d:82:81:e0:40:78:52:
23:6d:f3:3a:c1:63:4d:fb:a5:17:5c:eb:79:58:f1:
2d:5a:97:28:9c:a3:8a:1a:84:45:7a:44:9d:53:db:
83:0d:c0:94:de:42:17:4a:70:7b:60:d5:f4:92:7d:
5f:98:04:df:60:2d:7f:10:59:74:b7:73:96:a5:7a:
f5:79:10:24:a1:0f:9c:52:4c:da:59:5e:b2:66:b6:
b7:e6:c4:75:fb:73:9e:ca:07:11:1e:47:99:be:c9:
8e:96:4e:bc:a1:ef:29:22:d4:e3:86:08:9c:56:b1:
06:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7D:70:58:83:43:AD:D6:6A:65:5C:F8:4F:8F:14:87:42:6A:F0:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:32:3f:07:38:06:c1:d5:fc:a1:f6:9f:15:cb:b3:5a:b8:d0:
fa:ae:b3:fd:ff:3b:99:7d:7d:42:a3:9c:f6:aa:81:27:b0:0a:
04:1f:77:22:6c:4b:2d:16:3a:90:c4:7e:e5:d4:b5:b0:f1:81:
bc:28:33:8c:8f:0c:dd:e2:14:37:2e:60:2d:14:00:4a:51:be:
12:f4:38:64:50:a9:9d:2f:6e:11:40:07:24:a4:84:97:06:af:
a5:d3:89:ea:09:5c:24:db:74:53:8c:6e:ab:f4:f7:4b:67:e9:
7a:86:0f:42:ad:45:b6:de:dc:e3:c1:b9:89:9c:0b:fe:72:7f:
11:a0:df:0c:8b:63:c4:26:25:c9:f3:21:88:dd:4d:10:aa:2b:
98:70:66:9c:08:ba:94:4f:01:ce:fe:25:97:54:8f:2c:f7:b6:
a5:bf:d2:84:3e:61:a4:f7:2e:f9:9f:f5:93:8a:0d:e9:15:5f:
ba:01:38:bd:63:a5:e1:46:3a:6a:b4:fd:ce:37:68:b7:0f:dc:
98:5a:9f:38:15:d7:f9:f1:2c:8a:44:2b:31:ec:d9:a8:ab:d3:
58:be:a7:7e:67:49:6d:bb:21:6a:51:7e:9a:fc:c1:82:24:74:
43:90:83:48:af:bd:5e:12:69:cd:d9:2f:ee:41:2a:df:c6:c8:
b0:a4:af:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaptHlguc0vazR/5RKe/wWdw6rgYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMzVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzODIwNzMzYjczM2Y0Y2VlMDQwOWIxMzZmZGM3NzNmNjNhZDk4MDNiN2Fh
OWFlMmJlY2I0YTA5Zjc0ZmYxOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6amw+ZkmjSrT4w3oDHdqukr5X6dv8it6EDt+QAN3DBp4K6m6OheQQ1QVuh
NR85sFrHWd6VuQ2xqRkIKrhMQgbi2zBRHY/VpMq7KsPMr4CrtceAGo3fHvB3kF1a
9LbjcCIF97US9Rf4NoyR0oaMSUwk957KZ+ln66in8s8hGmj8f0QNdVgoXihcsXnQ
iWtdgoHgQHhSI23zOsFjTfulF1zreVjxLVqXKJyjihqERXpEnVPbgw3AlN5CF0pw
e2DV9JJ9X5gE32AtfxBZdLdzlqV69XkQJKEPnFJM2llesma2t+bEdftznsoHER5H
mb7JjpZOvKHvKSLU44YInFaxBh8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJfXBY
g0Ot1mplXPhPjxSHQmrw6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQCmMj8HOAbB1fyh9p8Vy7NauND6rrP9/zuZfX1C
o5z2qoEnsAoEH3cibEstFjqQxH7l1LWw8YG8KDOMjwzd4hQ3LmAtFABKUb4S9Dhk
UKmdL24RQAckpISXBq+l04nqCVwk23RTjG6r9PdLZ+l6hg9CrUW23tzjwbmJnAv+
cn8RoN8Mi2PEJiXJ8yGI3U0QqiuYcGacCLqUTwHO/iWXVI8s97alv9KEPmGk9y75
n/WTig3pFV+6ATi9Y6XhRjpqtP3ON2i3D9yYWp84Fdf58SyKRCsx7Nmoq9NYvqd+
Z0ltuyFqUX6a/MGCJHRDkINIr71eEmnN2S/uQSrfxsiwpK+0
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:16 2025 by rpki-client