Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
File: b41919f2-4e07-4adf-8fc6-43f8940080d4.roa (raw, json)
Hash identifier: 4D37xVHs+4jhAfYbfweQgsITRF440DPSds9+cA176xg=
Subject key identifier: D0:55:8D:10:1D:2E:A2:16:83:1C:F2:D6:F1:74:E6:D7:8C:18:2E:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47E2432F9665805697C304B3977FBB69ACD334AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
Signing time: Tue 01 Jul 2025 15:10:50 +0000
ROA not before: Tue 01 Jul 2025 15:10:50 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e2:43:2f:96:65:80:56:97:c3:04:b3:97:7f:bb:69:ac:d3:34:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:50 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=e915d51d0578dcfa78685b344a855b4d469b98e60343feb6779479cfdd8915d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3d:d8:a0:ea:0f:ee:67:9e:bd:3a:ae:e7:ba:
d8:80:bc:a8:59:90:8c:66:d3:fe:ad:2c:df:78:ad:
c0:25:21:89:3d:92:7e:ef:a7:4b:01:d6:ac:cd:9f:
90:c7:47:82:a8:f3:4a:4e:15:28:be:f7:a0:87:f6:
20:1a:58:be:11:6d:16:4e:0b:54:6f:c9:65:5e:d5:
8a:bb:26:84:a7:3d:69:65:39:69:e4:8b:79:99:bd:
15:05:1f:20:74:82:7e:06:85:f0:b9:49:a2:d7:c2:
74:f9:ed:da:1f:c4:56:46:b5:05:61:ae:1e:e5:29:
86:68:bc:7d:e2:46:58:c4:01:a8:ba:cd:cb:91:f4:
e1:73:49:2f:0c:5b:24:4d:89:a9:9d:a2:ae:a1:e6:
cc:be:67:ba:d9:85:9f:a5:bb:33:4a:18:b1:dc:df:
8e:46:6c:98:24:5d:e7:ec:79:d3:57:af:dd:59:db:
2b:6e:78:ce:83:e6:bb:55:84:d6:ad:fc:a2:84:1f:
f1:71:da:ba:48:d6:89:36:64:3f:92:0d:99:8b:0a:
4b:bc:84:e2:43:74:14:4d:77:12:dc:2d:ad:62:cc:
0f:b6:f6:07:bd:28:c7:4b:be:46:12:e1:bf:42:26:
b3:c8:78:2e:99:45:84:12:3b:b4:d2:f2:d8:f5:c9:
6a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:55:8D:10:1D:2E:A2:16:83:1C:F2:D6:F1:74:E6:D7:8C:18:2E:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:e4:27:64:64:e9:c0:83:8a:64:50:d9:42:57:78:12:d2:97:
19:5d:c2:d0:13:36:90:4b:9d:01:8d:e6:61:cf:dc:d3:e1:70:
06:57:ce:ab:fb:30:26:6a:46:43:b7:47:0d:95:22:80:bb:ed:
6d:3b:88:c9:8e:d3:40:bb:98:6c:62:ca:a8:ba:f4:98:b4:09:
f1:e0:3e:cf:70:a0:c6:15:1f:2d:d4:89:7b:a5:62:fe:35:2c:
5c:5b:3a:e7:f5:b1:5e:20:f6:1a:da:b7:ea:f4:04:b0:63:1c:
b7:e2:b4:a6:b5:52:a5:5a:71:e6:de:26:3e:a1:fc:11:09:29:
6c:aa:2a:b6:4a:6e:41:9e:e2:64:bf:b2:14:de:33:f3:24:de:
2c:57:39:64:ec:0e:af:2a:1a:84:cb:46:d1:f7:68:d3:36:6a:
54:ae:ad:5a:14:b1:43:db:f9:8c:ff:a2:18:6a:7c:cf:f3:77:
30:3f:2d:3a:b0:9c:a5:05:65:d5:36:8b:47:8e:5d:00:99:8b:
1b:95:0c:86:7d:14:56:2c:be:43:e5:2e:a3:e4:53:08:34:b1:
b2:3c:e9:9e:cd:6a:d1:78:7d:41:19:13:62:98:da:a8:6f:4c:
63:a1:24:15:24:e5:25:49:13:9a:30:69:00:fa:d9:30:94:7c:
11:e2:dc:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR+JDL5ZlgFaXwwSzl3+7aazTNK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwNTBaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5MTVkNTFkMDU3OGRjZmE3ODY4NWIzNDRhODU1YjRkNDY5Yjk4ZTYwMzQz
ZmViNjc3OTQ3OWNmZGQ4OTE1ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM892KDqD+5nnr06rue62IC8qFmQjGbT/q0s33itwCUhiT2Sfu+nSwHWrM2f
kMdHgqjzSk4VKL73oIf2IBpYvhFtFk4LVG/JZV7VirsmhKc9aWU5aeSLeZm9FQUf
IHSCfgaF8LlJotfCdPnt2h/EVka1BWGuHuUphmi8feJGWMQBqLrNy5H04XNJLwxb
JE2JqZ2irqHmzL5nutmFn6W7M0oYsdzfjkZsmCRd5+x501ev3VnbK254zoPmu1WE
1q38ooQf8XHaukjWiTZkP5INmYsKS7yE4kN0FE13EtwtrWLMD7b2B70ox0u+RhLh
v0Ims8h4LplFhBI7tNLy2PXJaoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQVY0Q
HS6iFoMc8tbxdObXjBgujDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQxOTE5ZjItNGUwNy00YWRmLThmYzYtNDNmODk0MDA4MGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCz5CdkZOnAg4pkUNlCV3gS0pcZXcLQEzaQS50B
jeZhz9zT4XAGV86r+zAmakZDt0cNlSKAu+1tO4jJjtNAu5hsYsqouvSYtAnx4D7P
cKDGFR8t1Il7pWL+NSxcWzrn9bFeIPYa2rfq9ASwYxy34rSmtVKlWnHm3iY+ofwR
CSlsqiq2Sm5BnuJkv7IU3jPzJN4sVzlk7A6vKhqEy0bR92jTNmpUrq1aFLFD2/mM
/6IYanzP83cwPy06sJylBWXVNotHjl0AmYsblQyGfRRWLL5D5S6j5FMINLGyPOme
zWrReH1BGRNimNqob0xjoSQVJOUlSROaMGkA+tkwlHwR4tzK
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:33 2025 by rpki-client