Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json)
Hash identifier: TMTRc9hsJOPj+/FA5IQDWpEjEyb3tpYJ+5w8NgzaMaY=
Subject key identifier: 2A:05:94:76:8C:2A:42:AA:B6:C0:5D:59:D4:08:B3:25:66:2E:3C:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5707889C70F56E8B984B8B0CCD92C445C455462C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
Signing time: Sat 12 Jul 2025 00:50:51 +0000
ROA not before: Sat 12 Jul 2025 00:50:51 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:07:88:9c:70:f5:6e:8b:98:4b:8b:0c:cd:92:c4:45:c4:55:46:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:51 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=4f8e2b974deeb93a609d4af7c23e2efe387efe82d477113ee7c88f9e692731e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:85:0d:7e:0c:19:1e:91:1d:0c:fa:cc:ee:ba:
cd:c9:33:40:f1:e1:c5:10:bf:c2:06:cd:5b:27:43:
5f:e8:d0:25:cf:e6:bd:64:14:99:f6:1e:44:57:95:
f7:15:32:d4:d1:8a:36:33:20:d9:e9:69:8f:d1:b7:
56:a4:60:c2:e2:8d:c4:91:31:83:cb:3c:63:21:b3:
d5:45:e9:94:ec:fb:29:a1:37:46:ee:74:20:a6:24:
04:fa:50:41:a1:ca:c0:96:8f:88:b5:d3:01:ac:64:
6d:d5:34:d2:1c:d3:8a:7d:fa:35:79:fe:ec:45:c3:
b0:cd:dd:59:41:ac:bf:03:1d:8b:1c:e0:2e:07:91:
d4:18:6f:05:6f:31:88:1d:fc:19:36:06:13:7c:1d:
fc:66:11:fc:87:e0:7a:dc:f7:43:33:3f:c1:a6:7a:
16:de:81:4f:25:d6:0f:be:85:93:c6:77:88:5c:d9:
81:42:26:70:05:7e:14:61:48:7c:6b:44:9e:2c:19:
7c:39:a3:10:df:60:a1:36:ea:fc:8a:15:d4:eb:1e:
ef:66:a5:69:ba:78:63:42:ac:91:b3:2c:8b:7e:6f:
2c:82:fe:3d:57:88:1a:b4:0e:1e:f7:f4:c5:a0:14:
f7:3c:9e:fe:96:66:29:51:14:c2:54:af:57:8d:a4:
db:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:05:94:76:8C:2A:42:AA:B6:C0:5D:59:D4:08:B3:25:66:2E:3C:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8800::/38
Signature Algorithm: sha256WithRSAEncryption
29:e8:eb:02:12:34:07:39:b2:9c:51:6b:96:1b:b2:53:d0:09:
68:30:e7:bb:d6:2c:6e:0c:91:10:08:98:05:0e:0f:99:e2:77:
84:8b:fb:69:46:1f:e1:fe:7b:a0:dc:bd:0b:09:68:2e:4e:40:
32:d3:33:58:bc:f5:d8:a1:43:22:b6:e2:a6:c0:ca:c5:36:ac:
2d:24:21:b4:9f:54:d4:54:b2:cb:27:c1:04:67:04:0a:22:ca:
b1:4a:4e:78:2d:a9:ee:8c:9a:86:13:4a:ff:18:8f:9b:42:4c:
eb:74:8f:22:93:5f:37:4a:ff:c9:6b:f0:8b:f7:11:51:e5:07:
e4:86:3e:f2:0d:03:b0:2c:fe:35:55:91:31:ed:cf:3d:0d:e1:
3f:22:4f:0b:dc:45:fa:c9:e3:46:4a:f1:1e:e8:eb:9f:81:92:
3e:53:55:6a:f6:cb:2f:2b:43:c8:02:a8:76:6a:f6:b2:e2:7b:
d2:76:d7:a4:3a:ce:d7:f1:26:82:7b:22:15:da:98:8b:5e:2f:
9e:de:04:ef:a6:fa:7c:5b:00:de:3e:7c:df:60:d9:24:18:88:
2a:e5:86:78:d8:77:26:86:74:9b:84:58:a8:3f:4b:7b:6b:59:
18:26:7e:07:50:26:27:ce:df:7b:47:fd:93:ac:4d:7c:d6:8a:
a3:a3:d6:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVweInHD1bouYS4sMzZLERcRVRiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNTFaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmOGUyYjk3NGRlZWI5M2E2MDlkNGFmN2MyM2UyZWZlMzg3ZWZlODJkNDc3
MTEzZWU3Yzg4ZjllNjkyNzMxZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOFDX4MGR6RHQz6zO66zckzQPHhxRC/wgbNWydDX+jQJc/mvWQUmfYeRFeV
9xUy1NGKNjMg2elpj9G3VqRgwuKNxJExg8s8YyGz1UXplOz7KaE3Ru50IKYkBPpQ
QaHKwJaPiLXTAaxkbdU00hzTin36NXn+7EXDsM3dWUGsvwMdixzgLgeR1BhvBW8x
iB38GTYGE3wd/GYR/Ifgetz3QzM/waZ6Ft6BTyXWD76Fk8Z3iFzZgUImcAV+FGFI
fGtEniwZfDmjEN9goTbq/IoV1Ose72alabp4Y0KskbMsi35vLIL+PVeIGrQOHvf0
xaAU9zye/pZmKVEUwlSvV42k29UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqBZR2
jCpCqrbAXVnUCLMlZi48YzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI
MA0GCSqGSIb3DQEBCwUAA4IBAQAp6OsCEjQHObKcUWuWG7JT0AloMOe71ixuDJEQ
CJgFDg+Z4neEi/tpRh/h/nug3L0LCWguTkAy0zNYvPXYoUMituKmwMrFNqwtJCG0
n1TUVLLLJ8EEZwQKIsqxSk54LanujJqGE0r/GI+bQkzrdI8ik183Sv/Ja/CL9xFR
5Qfkhj7yDQOwLP41VZEx7c89DeE/Ik8L3EX6yeNGSvEe6OufgZI+U1Vq9ssvK0PI
Aqh2avay4nvSdtekOs7X8SaCeyIV2piLXi+e3gTvpvp8WwDePnzfYNkkGIgq5YZ4
2HcmhnSbhFioP0t7a1kYJn4HUCYnzt97R/2TrE181oqjo9bJ
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:14 2025 by rpki-client