Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json)
Hash identifier: hlenYKTjvhRlpmG/8QootYd/g7swboQP2aXK1bbdOBg=
Subject key identifier: EC:27:BB:7A:1C:5C:AB:09:F6:B2:43:B8:5C:6B:70:68:AC:72:C3:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F86DD5242BFB2478F9D0BD15F47E14E2066BC27
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
Signing time: Tue 01 Jul 2025 15:10:13 +0000
ROA not before: Tue 01 Jul 2025 15:10:13 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:86:dd:52:42:bf:b2:47:8f:9d:0b:d1:5f:47:e1:4e:20:66:bc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:13 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=2149847608afe281dc71a75d7e94a03995615e8dc33431a79a7f3154b0568ece, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ca:72:2f:a0:ef:b7:30:f3:da:f6:32:05:8a:
36:9d:2e:a1:37:0d:38:6d:16:1c:b0:cf:80:4b:b1:
3f:cb:a9:28:26:64:60:99:3c:e3:bc:9f:9b:13:5d:
24:dc:3c:e9:98:c5:fe:03:32:61:ed:01:00:be:b6:
35:ff:e1:5b:37:ab:5b:c9:c2:4f:ec:f5:b0:bc:e9:
4c:ea:5a:39:a0:a8:2d:6d:4a:95:67:b3:8d:ad:c2:
c6:07:d4:95:47:aa:59:4e:2e:d0:ab:7e:e2:00:e7:
e6:ef:c1:f2:a9:5f:98:71:66:3f:0d:29:9e:43:e9:
4a:c8:be:de:b7:11:38:0a:8f:5e:f6:ca:bc:21:71:
43:51:ab:3f:a3:b6:60:6c:98:bb:e2:4e:da:fc:50:
76:66:49:4b:05:17:4b:39:5c:5c:68:df:1f:83:cc:
15:da:8d:86:64:fa:c8:cf:82:bd:c1:e6:2c:b5:a4:
07:fb:59:1e:d0:30:05:49:7d:97:b0:4e:8d:10:e0:
c2:02:c0:67:a4:ec:28:ce:1a:db:10:fd:45:76:d7:
d7:0f:1b:3a:10:f9:a1:73:d6:06:f1:82:8d:bf:8e:
be:c6:b3:ec:f6:83:91:40:a5:1c:82:08:22:81:40:
77:39:93:14:6c:4e:a5:2e:36:ee:70:34:9a:49:37:
00:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:27:BB:7A:1C:5C:AB:09:F6:B2:43:B8:5C:6B:70:68:AC:72:C3:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:d0:d0:39:6d:ac:14:b8:ee:54:bd:67:20:20:8e:9c:b2:16:
d6:0a:91:8b:5d:a0:78:58:a8:ce:ba:69:7a:f4:0c:f6:4e:f9:
9e:a7:aa:dc:c3:f1:e5:cb:ce:48:fb:b2:47:35:be:bf:a8:d2:
26:28:d9:35:51:35:d0:d4:a2:31:4c:13:80:fb:e3:6a:fb:e3:
f7:5c:a4:09:63:88:d5:76:d5:ef:11:aa:27:75:35:23:cf:65:
c4:f4:23:8a:98:48:b0:4b:c5:cd:19:4b:04:7d:5f:bc:67:ce:
d9:86:5e:b3:c7:bc:d0:34:21:ad:cb:cf:42:ca:a9:14:2e:67:
a8:a1:39:a3:5c:6a:98:37:c7:bd:56:bb:fd:1e:26:4b:3a:4d:
4a:ec:e9:af:31:af:0f:ad:7f:76:7a:ba:54:e1:6d:e1:40:bf:
fb:ad:77:29:0e:67:1b:b3:38:d3:01:bb:9c:2a:66:34:59:d2:
a0:ab:6c:4b:83:bd:6a:f1:38:d6:d3:75:c1:ef:3b:ef:52:c0:
0d:8e:c3:98:f2:44:1f:f5:c1:ee:aa:d9:a4:a9:89:39:62:30:
19:4a:c7:b5:49:9c:3b:b5:a3:80:7d:5b:63:cc:2f:09:50:a6:
97:61:cd:53:9f:59:e7:61:93:c1:b2:be:dd:4d:10:c8:ce:40:
27:93:7f:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb4bdUkK/skePnQvRX0fhTiBmvCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwMTNaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxNDk4NDc2MDhhZmUyODFkYzcxYTc1ZDdlOTRhMDM5OTU2MTVlOGRjMzM0
MzFhNzlhN2YzMTU0YjA1NjhlY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfKci+g77cw89r2MgWKNp0uoTcNOG0WHLDPgEuxP8upKCZkYJk847yfmxNd
JNw86ZjF/gMyYe0BAL62Nf/hWzerW8nCT+z1sLzpTOpaOaCoLW1KlWezja3CxgfU
lUeqWU4u0Kt+4gDn5u/B8qlfmHFmPw0pnkPpSsi+3rcROAqPXvbKvCFxQ1GrP6O2
YGyYu+JO2vxQdmZJSwUXSzlcXGjfH4PMFdqNhmT6yM+CvcHmLLWkB/tZHtAwBUl9
l7BOjRDgwgLAZ6TsKM4a2xD9RXbX1w8bOhD5oXPWBvGCjb+Ovsaz7PaDkUClHIII
IoFAdzmTFGxOpS427nA0mkk3AFsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsJ7t6
HFyrCfayQ7hca3BorHLDYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQCm0NA5bawUuO5UvWcgII6cshbWCpGLXaB4WKjO
uml69Az2Tvmep6rcw/Hly85I+7JHNb6/qNImKNk1UTXQ1KIxTBOA++Nq++P3XKQJ
Y4jVdtXvEaondTUjz2XE9COKmEiwS8XNGUsEfV+8Z87Zhl6zx7zQNCGty89CyqkU
LmeooTmjXGqYN8e9Vrv9HiZLOk1K7OmvMa8PrX92erpU4W3hQL/7rXcpDmcbszjT
AbucKmY0WdKgq2xLg71q8TjW03XB7zvvUsANjsOY8kQf9cHuqtmkqYk5YjAZSse1
SZw7taOAfVtjzC8JUKaXYc1Tn1nnYZPBsr7dTRDIzkAnk3/a
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:21 2025 by rpki-client