Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
File: 4ec3ef54-a209-4902-b036-4d329fe00df1.roa (raw, json)
Hash identifier: POKJxq4fClLRHjnLxA9fXtAAhfuO1RT3VxsHfIylwDQ=
Subject key identifier: 59:6E:26:D3:0B:B8:D3:00:A8:26:AA:0B:2A:A1:C9:54:EE:31:7B:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E5FCB63A98EA769660B8FC8862E038BFA13F7C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
Signing time: Fri 11 Jul 2025 19:41:41 +0000
ROA not before: Fri 11 Jul 2025 19:41:41 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:5f:cb:63:a9:8e:a7:69:66:0b:8f:c8:86:2e:03:8b:fa:13:f7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:41 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=337974daafcfd9b7c820d62646f3e730c4f520c23594ba90cebfff6ffea89e04, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d8:a1:c8:e2:8c:65:b6:35:e5:37:7c:e5:77:
1a:0b:d1:9c:af:19:d8:61:05:d0:be:e1:95:0f:a3:
d5:c3:19:40:97:6b:72:26:47:01:4e:9b:e1:d2:e6:
53:f1:56:f6:91:02:67:22:1a:56:08:2d:00:5e:ff:
b6:0f:ac:c8:aa:02:6d:d8:f8:73:44:09:44:a4:38:
ae:ef:15:78:28:be:8a:31:01:d9:43:af:af:f0:c3:
bb:fb:58:e1:74:39:e1:8b:41:d0:c3:c6:fa:c0:f6:
56:28:e4:9d:a9:e6:36:00:8e:25:ab:d3:4d:c4:62:
6d:f3:6e:ab:54:1a:7e:93:fb:0e:e7:70:72:20:d8:
30:9f:58:05:df:4f:6f:06:70:24:a7:e9:86:4e:a3:
5e:8c:b7:d5:d4:33:ff:62:b8:8a:8d:92:61:de:05:
ec:95:f9:66:c0:e6:d6:c7:c0:35:f9:59:77:b5:bd:
74:61:1c:46:a1:7c:1e:ed:9e:32:0c:77:c2:f2:03:
c8:f5:d1:cb:d8:23:76:81:4e:0b:87:40:1b:c0:bc:
02:29:34:44:8d:ae:97:9d:8b:b8:de:3d:93:bd:ff:
5e:23:a2:55:69:ec:93:5b:8b:eb:a5:fa:df:fb:93:
9f:82:30:b3:e7:38:6e:37:51:74:bd:7d:62:32:d6:
ff:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:6E:26:D3:0B:B8:D3:00:A8:26:AA:0B:2A:A1:C9:54:EE:31:7B:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ec3ef54-a209-4902-b036-4d329fe00df1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:8020::/46
Signature Algorithm: sha256WithRSAEncryption
0a:aa:32:4f:bb:61:af:96:b9:ac:66:3d:8c:29:16:23:a9:73:
90:59:73:63:3c:a5:77:02:e9:54:bc:39:68:2f:8a:14:f3:ca:
88:f4:a9:3c:9a:ac:40:b3:f2:cd:19:51:59:2b:1a:8c:21:fe:
f9:5c:01:e0:55:96:5b:5e:37:cd:b5:21:45:7b:55:54:fa:c2:
09:53:bb:96:64:9a:83:f4:19:30:b4:c7:04:e9:cb:8d:46:21:
ae:71:1a:c0:83:52:a1:07:de:8a:a2:9b:9e:f9:55:d2:46:a4:
75:bb:aa:a8:8e:07:0f:f6:ba:9a:fe:80:14:99:7f:60:2c:28:
4a:e7:ba:24:40:7f:6a:d8:3b:88:9c:68:ce:87:7b:c9:7e:d2:
64:19:ff:37:16:1d:38:ed:0f:c0:4a:c3:08:20:93:e2:3c:6b:
51:5e:20:b1:15:2e:ee:2a:49:4b:ec:46:96:f3:dc:25:ac:fd:
38:90:31:e8:56:cd:45:15:d4:71:a7:a8:54:ca:53:3d:41:ad:
b2:36:e6:6a:4f:52:49:a8:47:8a:6e:45:c1:79:91:2d:98:b0:
ba:c4:14:5a:51:1f:e0:d5:25:77:7c:5f:5a:18:7e:c2:45:50:
3a:d4:f9:19:d6:72:93:c7:fc:90:78:98:77:83:65:4c:d5:5f:
3d:a5:38:6d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHl/LY6mOp2lmC4/Ihi4Di/oT98YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxNDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNzk3NGRhYWZjZmQ5YjdjODIwZDYyNjQ2ZjNlNzMwYzRmNTIwYzIzNTk0
YmE5MGNlYmZmZjZmZmVhODllMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3YocjijGW2NeU3fOV3GgvRnK8Z2GEF0L7hlQ+j1cMZQJdrciZHAU6b4dLm
U/FW9pECZyIaVggtAF7/tg+syKoCbdj4c0QJRKQ4ru8VeCi+ijEB2UOvr/DDu/tY
4XQ54YtB0MPG+sD2VijknanmNgCOJavTTcRibfNuq1QafpP7DudwciDYMJ9YBd9P
bwZwJKfphk6jXoy31dQz/2K4io2SYd4F7JX5ZsDm1sfANflZd7W9dGEcRqF8Hu2e
Mgx3wvIDyPXRy9gjdoFOC4dAG8C8Aik0RI2ul52LuN49k73/XiOiVWnsk1uL66X6
3/uTn4Iws+c4bjdRdL19YjLW/9MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRZbibT
C7jTAKgmqgsqoclU7jF7UTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVjM2VmNTQtYTIwOS00OTAyLWIwMzYtNGQzMjlmZTAwZGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
IDANBgkqhkiG9w0BAQsFAAOCAQEACqoyT7thr5a5rGY9jCkWI6lzkFlzYzyldwLp
VLw5aC+KFPPKiPSpPJqsQLPyzRlRWSsajCH++VwB4FWWW143zbUhRXtVVPrCCVO7
lmSag/QZMLTHBOnLjUYhrnEawINSoQfeiqKbnvlV0kakdbuqqI4HD/a6mv6AFJl/
YCwoSue6JEB/atg7iJxozod7yX7SZBn/NxYdOO0PwErDCCCT4jxrUV4gsRUu7ipJ
S+xGlvPcJaz9OJAx6FbNRRXUcaeoVMpTPUGtsjbmak9SSahHim5FwXmRLZiwusQU
WlEf4NUld3xfWhh+wkVQOtT5GdZyk8f8kHiYd4NlTNVfPaU4bQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:10 2025 by rpki-client