Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
File: 04a64076-9adb-4301-817c-2be1c1e1d57e.roa (raw, json)
Hash identifier: dzuUvvqJo86/1iTYDZXpG5WiMfY6aXqw26cmRqjJ8j4=
Subject key identifier: D9:86:6E:9A:22:04:39:CA:03:77:3E:51:34:DA:17:F3:D2:5E:CD:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 310519EA58DF4DBA73578AC49315F1F3DE99A1A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
Signing time: Mon 07 Jul 2025 18:21:11 +0000
ROA not before: Mon 07 Jul 2025 18:21:11 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:05:19:ea:58:df:4d:ba:73:57:8a:c4:93:15:f1:f3:de:99:a1:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:21:11 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=f4855da47e2f844ace7ed90450460db24c96ccd7d7ef159a8c97450f78157076, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:87:bc:16:35:0b:a5:05:3f:e3:80:d4:6b:
71:ac:5a:64:c1:86:2f:84:f6:83:6a:81:50:a4:80:
4b:6b:db:9a:a0:0e:a6:60:a6:3f:e5:29:ce:71:ae:
4b:c3:d8:6a:f2:44:c4:6f:46:e5:e9:92:b6:b5:a8:
0e:09:db:47:d1:e9:19:01:58:97:cb:11:45:0a:35:
d6:bd:c8:84:c0:a5:ea:c1:5a:ae:5f:ed:18:66:c3:
31:2b:8c:52:5d:02:d2:35:34:47:44:3b:40:57:c3:
77:7e:56:e2:34:de:41:67:79:0a:f0:22:4d:3d:1d:
bb:a7:f8:b2:1f:74:40:27:88:5e:76:b8:e2:b6:a0:
69:be:7e:e6:6d:70:ca:47:9e:d4:a9:d7:af:45:42:
41:e1:f3:c3:34:e5:2d:38:db:e8:bf:01:26:fc:c2:
8d:61:66:cb:8e:b4:fa:70:f8:a0:16:df:86:18:d3:
51:97:44:2e:83:ad:0b:40:65:4c:36:5c:68:7d:8e:
de:4f:76:01:10:df:f5:a0:9d:78:46:04:bf:58:67:
e4:12:8b:e1:98:51:03:0c:3e:5d:bf:b0:bc:67:2b:
fa:9e:d2:b1:9c:47:c2:a8:23:b1:0f:24:7e:c2:47:
53:2d:8d:ad:6a:5c:e9:ff:cb:e8:a6:d0:51:84:c6:
01:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:86:6E:9A:22:04:39:CA:03:77:3E:51:34:DA:17:F3:D2:5E:CD:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:800::/40
Signature Algorithm: sha256WithRSAEncryption
51:62:1f:81:18:12:ce:50:e1:2c:b1:b4:ad:65:89:0e:84:75:
91:02:b9:ca:6f:fb:65:f9:db:b0:85:68:a0:92:dc:c0:1b:77:
b6:9a:95:43:8e:80:c5:ec:cf:5a:65:43:e0:43:47:87:75:48:
62:5a:27:f4:03:73:b8:02:a7:29:f4:58:cf:06:1c:5c:db:61:
f0:15:1a:5d:22:91:a8:eb:44:dd:aa:ca:b1:23:56:ff:b9:b4:
a8:ea:3c:3b:33:88:49:a6:c4:75:3e:20:46:1c:5d:12:bd:9c:
b8:37:eb:44:c9:e5:c9:4a:9e:e2:f8:e1:fe:ef:51:9f:a6:8a:
c3:3d:4a:3b:c4:84:7d:86:ac:27:74:9a:f4:84:67:a6:6e:62:
bc:2e:56:34:b2:f6:2f:31:1d:0c:04:65:84:1e:dd:e0:73:da:
c3:89:a2:60:ee:d3:1f:3a:f6:21:15:7a:01:8d:35:89:f0:e5:
42:fb:e4:84:51:6a:8a:ca:04:78:e9:25:09:cc:8c:f3:49:cf:
f5:f3:a8:b9:c1:78:9f:69:73:9d:bc:fd:56:4c:c5:d5:42:2a:
0f:0f:b0:bb:38:5a:c5:73:73:2e:fd:7a:c0:a4:58:ea:38:72:
d4:04:64:26:8c:ec:ef:a5:30:43:c4:a7:5b:e7:39:6c:ef:da:
4c:7d:e7:9f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMQUZ6ljfTbpzV4rEkxXx896ZoaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIxMTFaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0ODU1ZGE0N2UyZjg0NGFjZTdlZDkwNDUwNDYwZGIyNGM5NmNjZDdkN2Vm
MTU5YThjOTc0NTBmNzgxNTcwNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEkh7wWNQulBT/jgNRrcaxaZMGGL4T2g2qBUKSAS2vbmqAOpmCmP+UpznGu
S8PYavJExG9G5emStrWoDgnbR9HpGQFYl8sRRQo11r3IhMCl6sFarl/tGGbDMSuM
Ul0C0jU0R0Q7QFfDd35W4jTeQWd5CvAiTT0du6f4sh90QCeIXna44ragab5+5m1w
ykee1KnXr0VCQeHzwzTlLTjb6L8BJvzCjWFmy460+nD4oBbfhhjTUZdELoOtC0Bl
TDZcaH2O3k92ARDf9aCdeEYEv1hn5BKL4ZhRAww+Xb+wvGcr+p7SsZxHwqgjsQ8k
fsJHUy2NrWpc6f/L6KbQUYTGATcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZhm6a
IgQ5ygN3PlE02hfz0l7NMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNjQwNzYtOWFkYi00MzAxLTgxN2MtMmJlMWMxZTFkNTdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEI
MA0GCSqGSIb3DQEBCwUAA4IBAQBRYh+BGBLOUOEssbStZYkOhHWRArnKb/tl+duw
hWigktzAG3e2mpVDjoDF7M9aZUPgQ0eHdUhiWif0A3O4Aqcp9FjPBhxc22HwFRpd
IpGo60TdqsqxI1b/ubSo6jw7M4hJpsR1PiBGHF0SvZy4N+tEyeXJSp7i+OH+71Gf
porDPUo7xIR9hqwndJr0hGembmK8LlY0svYvMR0MBGWEHt3gc9rDiaJg7tMfOvYh
FXoBjTWJ8OVC++SEUWqKygR46SUJzIzzSc/186i5wXifaXOdvP1WTMXVQioPD7C7
OFrFc3Mu/XrApFjqOHLUBGQmjOzvpTBDxKdb5zls79pMfeef
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:20 2025 by rpki-client