Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
File: 4e84f0a8-9d20-4219-b641-9a6905a033d9.roa (raw, json)
Hash identifier: 0gJOo3V+VC3Dps/aZZwqHTgLx8q7Yyqtdxl3qXYJNEo=
Subject key identifier: 22:46:09:B2:B1:E2:21:92:71:31:51:A5:51:24:B1:2A:2A:1D:EB:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B6B348D02A6FC0F7648225A097088EC2CF2DC47
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
Signing time: Fri 11 Jul 2025 18:50:51 +0000
ROA not before: Fri 11 Jul 2025 18:50:51 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:6b:34:8d:02:a6:fc:0f:76:48:22:5a:09:70:88:ec:2c:f2:dc:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:51 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=75934fbe4941cd6ed8b12754ab15fc4a79e960c1089fe145b8fd513096e0a128, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c9:48:ff:55:8c:8c:ee:08:90:f1:8f:17:71:
69:0a:03:ae:3b:4c:87:10:f6:68:ad:cf:ac:6c:e3:
4f:b3:be:ef:2f:c3:94:3f:7a:82:d4:fa:2d:ff:9a:
7d:e9:57:70:e9:e5:55:71:72:37:68:e0:5b:69:34:
a4:81:97:98:8b:7d:93:e8:91:83:6a:4a:f9:21:72:
cd:bf:fe:84:d0:c7:db:7e:8d:0f:38:ca:38:c3:a7:
10:96:08:8b:29:1a:bd:81:45:3e:9a:6e:b9:be:2e:
a0:c8:47:6e:85:5b:91:82:16:9b:3d:9f:93:bb:42:
f2:52:b6:6a:78:b6:03:61:b3:cc:dd:d4:22:82:02:
df:35:5d:2e:a7:af:19:5a:b5:ab:6a:54:4d:f1:a5:
a9:e1:40:bf:c5:c1:a3:cd:75:f2:e9:12:5b:2e:18:
12:a1:07:8b:dc:bf:34:56:a7:99:b2:8d:ed:42:cc:
5b:29:86:02:e3:f1:fc:b7:64:16:e2:64:5e:b7:00:
79:89:78:13:8f:6c:30:e0:8c:f1:27:1f:51:53:0e:
8a:94:dc:3b:56:d1:e0:26:22:3a:8f:31:7e:59:b2:
78:99:b0:cd:14:13:a3:79:eb:8d:6c:9f:6a:0f:17:
6d:4e:15:5a:26:06:7e:da:04:8b:e3:b1:59:60:c9:
4c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:46:09:B2:B1:E2:21:92:71:31:51:A5:51:24:B1:2A:2A:1D:EB:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a040::/48
Signature Algorithm: sha256WithRSAEncryption
c5:d6:90:58:51:d3:76:32:6d:f3:8c:ba:6b:11:57:35:49:66:
fb:31:53:8f:5b:64:a7:d2:6a:08:a2:0e:e4:ae:2d:1b:92:1c:
0b:03:75:a1:77:57:ed:27:ec:13:df:dc:c7:1e:c6:67:22:66:
5a:e5:21:9d:d3:9a:81:22:37:21:d5:a9:56:41:82:4e:2c:5d:
a1:ec:0e:4c:0a:ce:18:5a:03:71:3c:5c:97:86:7a:b9:5f:73:
06:d0:45:77:f4:e9:16:50:a6:16:95:ef:33:bb:84:0a:94:d9:
9f:f8:6c:49:1c:77:99:7c:d3:7b:51:44:bf:09:ff:af:55:d5:
35:4e:97:43:bf:3b:9d:73:99:9d:6f:2b:54:af:57:e6:7b:9c:
2e:38:df:e0:3d:19:82:bc:95:36:a9:0b:7d:48:a5:16:0e:78:
94:7d:9f:88:c9:ed:e2:d0:2c:14:87:8d:ab:36:5e:85:aa:21:
80:35:22:d2:0d:85:3a:cb:98:25:16:8d:b0:58:33:6e:6b:c4:
7c:92:e5:e5:c7:ab:6a:5d:4b:1b:77:e7:b6:84:cf:1b:5e:a1:
7a:7d:45:4f:f9:07:f9:2e:f3:99:05:6d:d3:08:9a:a9:57:b8:
48:bf:d5:a1:21:00:37:38:e1:97:1d:22:0b:6a:7a:64:16:d6:
b5:92:5f:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK2s0jQKm/A92SCJaCXCI7Czy3EcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwNTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1OTM0ZmJlNDk0MWNkNmVkOGIxMjc1NGFiMTVmYzRhNzllOTYwYzEwODlm
ZTE0NWI4ZmQ1MTMwOTZlMGExMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDJSP9VjIzuCJDxjxdxaQoDrjtMhxD2aK3PrGzjT7O+7y/DlD96gtT6Lf+a
felXcOnlVXFyN2jgW2k0pIGXmIt9k+iRg2pK+SFyzb/+hNDH236NDzjKOMOnEJYI
iykavYFFPppuub4uoMhHboVbkYIWmz2fk7tC8lK2ani2A2GzzN3UIoIC3zVdLqev
GVq1q2pUTfGlqeFAv8XBo8118ukSWy4YEqEHi9y/NFanmbKN7ULMWymGAuPx/Ldk
FuJkXrcAeYl4E49sMOCM8ScfUVMOipTcO1bR4CYiOo8xflmyeJmwzRQTo3nrjWyf
ag8XbU4VWiYGftoEi+OxWWDJTD0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQiRgmy
seIhknExUaVRJLEqKh3r3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU4NGYwYTgtOWQyMC00MjE5LWI2NDEtOWE2OTA1YTAzM2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
QDANBgkqhkiG9w0BAQsFAAOCAQEAxdaQWFHTdjJt84y6axFXNUlm+zFTj1tkp9Jq
CKIO5K4tG5IcCwN1oXdX7SfsE9/cxx7GZyJmWuUhndOagSI3IdWpVkGCTixdoewO
TArOGFoDcTxcl4Z6uV9zBtBFd/TpFlCmFpXvM7uECpTZn/hsSRx3mXzTe1FEvwn/
r1XVNU6XQ787nXOZnW8rVK9X5nucLjjf4D0ZgryVNqkLfUilFg54lH2fiMnt4tAs
FIeNqzZehaohgDUi0g2FOsuYJRaNsFgzbmvEfJLl5ceral1LG3fntoTPG16hen1F
T/kH+S7zmQVt0wiaqVe4SL/VoSEANzjhlx0iC2p6ZBbWtZJf0A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:44 2025 by rpki-client