Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa
File: 0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa (raw, json)
Hash identifier: RZ8SMKRT3tqt3gpkqFN9obrvN450WN8D9uraCJU7lS0=
Subject key identifier: AC:2A:34:8D:27:94:49:91:1A:AE:57:2A:75:55:74:68:C4:0C:32:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CC87B1569D2A66D6FE5800A27F2654CA050895B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa
Signing time: Mon 07 Jul 2025 18:20:09 +0000
ROA not before: Mon 07 Jul 2025 18:20:09 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:c8:7b:15:69:d2:a6:6d:6f:e5:80:0a:27:f2:65:4c:a0:50:89:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:09 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=2dab6107f4ca4e49a8b9d21dbd406d2e18092549fa956b4ab7b76730613da3f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:92:9b:e4:fe:e7:33:10:af:70:61:f7:da:26:
01:09:33:4e:0f:e0:11:dd:e5:0d:f5:dc:c3:f4:4e:
8b:ad:7d:18:9a:86:bd:8b:5a:44:d3:a1:83:51:30:
2f:5a:72:8c:d3:36:7d:eb:48:05:3f:75:a6:e6:c7:
a6:85:5c:19:52:41:a3:70:da:c2:12:c4:ae:6d:e6:
6a:68:35:d0:14:b6:ee:cd:5f:37:25:f8:ef:f1:02:
67:30:f8:1c:68:46:a2:5a:21:42:1a:c0:9a:3d:8e:
39:01:91:a3:9e:aa:a0:27:10:88:cd:08:55:fc:65:
a5:47:75:ea:f0:47:6b:26:2c:cb:ff:89:50:a4:dd:
28:a2:b6:f4:96:4c:a9:47:32:5f:1f:31:41:fd:86:
54:38:87:d8:2b:b2:26:a3:b2:76:6d:eb:88:06:d6:
a1:7b:56:69:97:37:c5:69:03:87:34:cd:85:43:7d:
26:ce:7e:0c:5f:4d:21:76:05:43:e1:b0:2d:4a:b0:
31:ef:b3:f0:f5:a7:32:7b:e6:95:54:53:23:af:84:
c2:37:a7:c9:d1:22:a4:4c:e8:04:7b:af:e1:1b:42:
09:59:a8:a3:a5:a6:63:d3:b2:28:f3:17:b9:a0:9b:
4e:ca:05:f6:52:d8:96:77:fa:4c:11:87:d0:04:e9:
b7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:2A:34:8D:27:94:49:91:1A:AE:57:2A:75:55:74:68:C4:0C:32:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0588f7a2-2477-4be0-87d6-89d1a4c7df08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:800::/40
Signature Algorithm: sha256WithRSAEncryption
70:ff:fc:7e:6c:34:ce:42:95:86:40:44:c9:5b:6d:b3:0f:14:
01:bd:1c:98:35:9d:be:e5:d1:82:93:d9:90:41:66:2a:e4:5b:
37:8e:f2:4d:04:66:32:67:95:a7:5f:93:af:62:6b:99:aa:29:
f9:64:84:b5:37:21:ca:a3:9d:e4:e4:49:5d:2d:db:fd:83:df:
f3:fb:aa:90:bc:4c:dc:81:9f:b8:db:1e:91:7d:87:a4:eb:3e:
84:a5:27:63:99:a2:68:80:e8:b2:d3:b9:83:6a:e3:90:1f:88:
8d:6b:c9:f4:27:f0:f4:69:fc:1e:49:cc:da:a1:a2:e1:a2:f2:
75:c7:35:88:de:54:86:9d:e0:51:79:c7:f2:be:11:d2:b3:11:
7e:47:8a:29:c7:21:78:0a:3f:e6:63:00:3c:ec:b7:05:a4:d3:
5f:70:98:a4:72:9e:53:d4:c2:0c:64:86:10:41:40:0b:ca:5b:
a8:d2:0c:8b:23:80:04:49:4f:22:f9:ad:22:11:a7:bd:10:4e:
e0:61:27:87:d8:31:4d:81:1f:08:1e:37:fb:2e:01:a7:de:e2:
d5:43:b7:75:a1:60:ad:6d:ef:dc:7b:95:36:11:6a:7e:b6:2d:
3b:cd:9c:66:5d:3c:c5:a6:f6:c1:50:e9:72:37:4d:81:55:1e:
10:6c:44:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTMh7FWnSpm1v5YAKJ/JlTKBQiVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMDlaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkYWI2MTA3ZjRjYTRlNDlhOGI5ZDIxZGJkNDA2ZDJlMTgwOTI1NDlmYTk1
NmI0YWI3Yjc2NzMwNjEzZGEzZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCSm+T+5zMQr3Bh99omAQkzTg/gEd3lDfXcw/ROi619GJqGvYtaRNOhg1Ew
L1pyjNM2fetIBT91pubHpoVcGVJBo3DawhLErm3mamg10BS27s1fNyX47/ECZzD4
HGhGolohQhrAmj2OOQGRo56qoCcQiM0IVfxlpUd16vBHayYsy/+JUKTdKKK29JZM
qUcyXx8xQf2GVDiH2CuyJqOydm3riAbWoXtWaZc3xWkDhzTNhUN9Js5+DF9NIXYF
Q+GwLUqwMe+z8PWnMnvmlVRTI6+EwjenydEipEzoBHuv4RtCCVmoo6WmY9OyKPMX
uaCbTsoF9lLYlnf6TBGH0ATpt8ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsKjSN
J5RJkRquVyp1VXRoxAwyKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDU4OGY3YTItMjQ3Ny00YmUwLTg3ZDYtODlkMWE0YzdkZjA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HcI
MA0GCSqGSIb3DQEBCwUAA4IBAQBw//x+bDTOQpWGQETJW22zDxQBvRyYNZ2+5dGC
k9mQQWYq5Fs3jvJNBGYyZ5WnX5OvYmuZqin5ZIS1NyHKo53k5EldLdv9g9/z+6qQ
vEzcgZ+42x6RfYek6z6EpSdjmaJogOiy07mDauOQH4iNa8n0J/D0afweSczaoaLh
ovJ1xzWI3lSGneBRecfyvhHSsxF+R4opxyF4Cj/mYwA87LcFpNNfcJikcp5T1MIM
ZIYQQUALyluo0gyLI4AESU8i+a0iEae9EE7gYSeH2DFNgR8IHjf7LgGn3uLVQ7d1
oWCtbe/ce5U2EWp+ti07zZxmXTzFpvbBUOlyN02BVR4QbERp
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:19 2025 by rpki-client