Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
File: 04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa (raw, json)
Hash identifier: tmWeXVpVETo5ePKIlEPzVm8d6atYv9dlb/hsaoVp/8Y=
Subject key identifier: A6:65:D5:12:63:E0:B6:43:14:16:9E:BD:9C:47:32:57:3E:35:9F:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D275A7C7A51FEB5C2F22A17F2D4E14B251F4F82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
Signing time: Mon 21 Jul 2025 16:40:09 +0000
ROA not before: Mon 21 Jul 2025 16:40:09 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:27:5a:7c:7a:51:fe:b5:c2:f2:2a:17:f2:d4:e1:4b:25:1f:4f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:09 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=9b00bd796f2bdbe3a227c2b8aa52a0731af5e609c2ce1b8b1269ddfb9ac27a88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c3:d4:34:12:7d:15:9e:fc:71:7f:ea:90:ef:
f7:56:8f:52:70:45:db:d0:26:28:09:8c:5d:09:92:
fe:6e:70:a4:5a:a2:1c:03:cd:a2:4d:79:5a:90:54:
3f:a5:b0:f9:79:54:06:65:b7:99:16:83:2c:bd:51:
5b:64:b8:2c:0c:eb:c8:53:88:c1:d6:38:ce:f9:46:
a6:b5:e8:55:fa:13:da:92:c2:a8:40:0b:f3:c5:e8:
f2:00:1e:f6:c9:5a:56:cb:c3:09:87:41:5f:f4:23:
2f:dd:50:1b:e5:91:9a:d1:7a:2c:c6:9e:ee:a1:46:
e3:05:a2:04:c0:9f:65:1c:6a:7b:a4:b3:d5:d2:7f:
2a:8e:05:42:2e:19:51:51:d5:0b:9b:7f:10:3c:c3:
dc:1e:81:cc:0b:7a:4f:a9:7f:30:5a:f2:1e:2e:14:
b9:f5:46:57:26:61:1f:52:2e:60:3d:0b:82:41:a4:
62:8c:9f:ed:b0:cb:28:e6:e7:62:81:4e:3b:de:95:
52:4b:c2:85:4c:06:27:8b:8c:b8:9f:e4:1a:1d:29:
43:1d:09:f4:d3:0a:9b:84:fb:a0:d2:73:3f:3e:d6:
e6:21:91:29:1d:85:49:6f:ef:f6:da:87:56:c1:c1:
65:e1:50:9a:8e:a5:7a:a1:40:dd:01:03:92:95:69:
66:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:65:D5:12:63:E0:B6:43:14:16:9E:BD:9C:47:32:57:3E:35:9F:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:d0:44:ac:cc:a4:ba:a3:6d:17:33:b5:61:d7:56:dd:5f:75:
40:8d:3b:65:31:51:2a:57:81:b0:fb:32:f0:6d:6d:a2:b1:1d:
04:6d:25:c8:e8:e8:42:11:89:5f:79:dd:ba:39:76:e9:ac:53:
ac:7e:ce:df:b4:d1:a4:04:14:05:f0:4a:68:ef:1e:0b:60:43:
c4:88:dd:c9:31:81:b4:45:15:81:bf:73:08:fa:c3:c2:49:a5:
99:1b:fd:11:ad:72:d0:da:39:60:3e:c5:7f:c7:90:2a:fe:5d:
f9:fa:68:3a:3e:19:43:f2:13:09:b7:68:39:fb:5e:b4:7c:87:
d3:6e:6d:2c:aa:f7:3e:e8:f2:54:6d:86:d0:62:0c:c5:cb:4d:
9a:c9:43:eb:18:9d:0d:c3:c9:ad:35:f7:8c:46:9f:0a:1a:e7:
31:49:ff:84:36:35:94:70:5f:2d:59:3c:c3:fe:76:b8:4b:dc:
7a:17:f5:99:b4:b8:4d:db:8d:59:49:a0:d8:65:44:a9:3e:0e:
69:2b:7f:5e:eb:52:c8:81:f8:31:9b:56:a4:4f:55:f0:c6:e9:
2e:55:28:69:42:46:7c:b9:19:40:a2:39:66:d1:26:be:49:70:
dc:c7:49:18:2e:cf:37:a9:24:14:e5:a5:75:5f:70:d8:07:3e:
b8:ef:58:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPSdafHpR/rXC8ioX8tThSyUfT4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMDlaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMDBiZDc5NmYyYmRiZTNhMjI3YzJiOGFhNTJhMDczMWFmNWU2MDljMmNl
MWI4YjEyNjlkZGZiOWFjMjdhODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrD1DQSfRWe/HF/6pDv91aPUnBF29AmKAmMXQmS/m5wpFqiHAPNok15WpBU
P6Ww+XlUBmW3mRaDLL1RW2S4LAzryFOIwdY4zvlGprXoVfoT2pLCqEAL88Xo8gAe
9slaVsvDCYdBX/QjL91QG+WRmtF6LMae7qFG4wWiBMCfZRxqe6Sz1dJ/Ko4FQi4Z
UVHVC5t/EDzD3B6BzAt6T6l/MFryHi4UufVGVyZhH1IuYD0LgkGkYoyf7bDLKObn
YoFOO96VUkvChUwGJ4uMuJ/kGh0pQx0J9NMKm4T7oNJzPz7W5iGRKR2FSW/v9tqH
VsHBZeFQmo6leqFA3QEDkpVpZi8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSmZdUS
Y+C2QxQWnr2cRzJXPjWf5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRjMzRlYTEtY2RkYi00NWFhLTk3OWYtYmZlMWZhMDk5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHA
MA0GCSqGSIb3DQEBCwUAA4IBAQC30ESszKS6o20XM7Vh11bdX3VAjTtlMVEqV4Gw
+zLwbW2isR0EbSXI6OhCEYlfed26OXbprFOsfs7ftNGkBBQF8Epo7x4LYEPEiN3J
MYG0RRWBv3MI+sPCSaWZG/0RrXLQ2jlgPsV/x5Aq/l35+mg6PhlD8hMJt2g5+160
fIfTbm0sqvc+6PJUbYbQYgzFy02ayUPrGJ0Nw8mtNfeMRp8KGucxSf+ENjWUcF8t
WTzD/na4S9x6F/WZtLhN241ZSaDYZUSpPg5pK39e61LIgfgxm1akT1XwxukuVShp
QkZ8uRlAojlm0Sa+SXDcx0kYLs83qSQU5aV1X3DYBz6471iv
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:23:10 2025 by rpki-client