Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
File: 4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa (raw, json)
Hash identifier: IDBs3UZ0Z7nssMD25zjjXcl1E+OUmj706J2W4NtiTjA=
Subject key identifier: 64:79:3C:FA:B2:A5:C6:4E:44:64:11:CE:A3:A0:8B:D7:F2:44:AE:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D30B65272C93545D0939D2E5DB1BB4C81BB626D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
Signing time: Fri 11 Jul 2025 20:11:05 +0000
ROA not before: Fri 11 Jul 2025 20:11:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:30:b6:52:72:c9:35:45:d0:93:9d:2e:5d:b1:bb:4c:81:bb:62:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=03ac8e0808d18092a4ec76a746407a19a8a79a51e22f41119f55428a51d50e99, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:67:74:cd:89:22:1c:bc:a5:44:9c:1f:12:e1:
82:3e:8d:3e:bb:fc:4c:c6:f0:a6:fa:b8:11:9c:58:
17:12:0a:bf:f7:69:e0:c5:fb:23:a9:84:49:34:0a:
ad:e0:0a:02:cb:0a:da:47:5c:96:a5:9f:60:dc:2c:
e3:6f:67:bc:4a:06:15:44:e4:e4:93:a2:ec:15:e1:
92:1d:5b:68:ca:02:63:c0:f9:9b:70:2d:39:60:b2:
bc:e9:01:62:e9:7a:0b:0d:0f:39:21:d0:79:73:5a:
09:38:39:9b:98:1d:6d:03:0d:39:4e:1a:e8:4a:3d:
46:b7:7b:73:d2:e4:6c:bb:2b:1f:b5:18:e6:e5:d6:
42:57:c1:33:da:5f:b0:e6:4b:54:7b:07:25:9d:a8:
60:93:5c:e5:aa:b9:27:2e:6d:ab:14:1d:6f:64:74:
46:0f:79:e5:42:e1:a0:2e:eb:0a:2c:bf:d7:8a:fe:
f4:e0:53:44:e9:6c:1e:75:e5:2f:bf:94:bd:b6:26:
b7:2b:f1:44:4f:05:8b:bb:4b:f7:60:37:6f:d1:6b:
f5:99:59:fb:62:56:94:f3:f8:b6:24:96:86:c4:d5:
a4:78:91:2e:be:c1:c3:57:62:c6:29:76:cc:7e:7a:
a6:c0:ab:59:4a:4b:3b:8e:c8:d3:41:f0:29:f1:36:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:79:3C:FA:B2:A5:C6:4E:44:64:11:CE:A3:A0:8B:D7:F2:44:AE:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
66:82:32:b3:ba:0a:a6:cc:4c:8f:1a:e3:4b:d3:cf:7a:ea:19:
39:ee:55:27:e9:d7:5e:0e:a2:e3:26:8b:45:1b:69:90:79:f0:
f1:4c:f8:bd:a3:6c:6b:d6:93:66:0e:0e:da:bd:26:09:5c:f8:
db:3a:df:1a:7e:a7:72:7b:94:d5:fe:61:74:2a:2a:92:fa:02:
94:7d:92:3a:3d:f4:ac:50:79:56:63:73:48:8c:73:f8:af:a0:
ed:e9:b0:e5:3f:e9:7f:e8:0a:e4:08:d0:44:cb:8d:26:e2:f7:
c5:8a:ec:a8:6a:4c:0c:73:cd:ac:93:6d:02:8c:9f:a0:27:b1:
e4:b8:7c:02:dd:33:bf:05:7c:4d:84:0a:e4:e2:e0:a2:46:0a:
90:b5:22:04:56:b8:05:64:e9:45:6f:34:0d:08:bf:d3:62:18:
1f:d0:ad:e9:af:e8:e2:92:19:ce:7a:2d:2f:35:04:ab:65:ca:
66:39:99:d0:87:75:b5:53:a3:2d:25:9d:00:05:5c:33:4a:32:
df:10:a0:3f:7b:b8:bb:cc:da:cd:f4:0d:69:c4:4e:fc:cc:94:
3b:74:d6:e4:42:e2:0b:d0:f4:4a:09:fc:1b:dd:a1:29:b5:c1:
db:d9:41:b9:d9:17:9f:94:82:a9:fb:f1:d0:8c:bd:9f:30:9e:
2e:1c:2a:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPTC2UnLJNUXQk50uXbG7TIG7Ym0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYWM4ZTA4MDhkMTgwOTJhNGVjNzZhNzQ2NDA3YTE5YThhNzlhNTFlMjJm
NDExMTlmNTU0MjhhNTFkNTBlOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRndM2JIhy8pUScHxLhgj6NPrv8TMbwpvq4EZxYFxIKv/dp4MX7I6mESTQK
reAKAssK2kdclqWfYNws429nvEoGFUTk5JOi7BXhkh1baMoCY8D5m3AtOWCyvOkB
Yul6Cw0POSHQeXNaCTg5m5gdbQMNOU4a6Eo9Rrd7c9LkbLsrH7UY5uXWQlfBM9pf
sOZLVHsHJZ2oYJNc5aq5Jy5tqxQdb2R0Rg955ULhoC7rCiy/14r+9OBTROlsHnXl
L7+UvbYmtyvxRE8Fi7tL92A3b9Fr9ZlZ+2JWlPP4tiSWhsTVpHiRLr7Bw1dixil2
zH56psCrWUpLO47I00HwKfE2i9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkeTz6
sqXGTkRkEc6joIvX8kSuHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGMyY2Y3YjYtM2ZiYi00ZDc0LTg4NmQtMjFjNThiMzQ3ZjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6A
MA0GCSqGSIb3DQEBCwUAA4IBAQBmgjKzugqmzEyPGuNL08966hk57lUn6ddeDqLj
JotFG2mQefDxTPi9o2xr1pNmDg7avSYJXPjbOt8afqdye5TV/mF0KiqS+gKUfZI6
PfSsUHlWY3NIjHP4r6Dt6bDlP+l/6ArkCNBEy40m4vfFiuyoakwMc82sk20CjJ+g
J7HkuHwC3TO/BXxNhArk4uCiRgqQtSIEVrgFZOlFbzQNCL/TYhgf0K3pr+jikhnO
ei0vNQSrZcpmOZnQh3W1U6MtJZ0ABVwzSjLfEKA/e7i7zNrN9A1pxE78zJQ7dNbk
QuIL0PRKCfwb3aEptcHb2UG52ReflIKp+/HQjL2fMJ4uHCp6
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:41:31 2025 by rpki-client