Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
File: 05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa (raw, json)
Hash identifier: 6uUMMT+LHcHL1HkDCpgpMsZaGj1i2uQs0ThGeLltw50=
Subject key identifier: E8:E4:66:5D:06:EF:F0:99:5E:E7:87:02:23:2A:2C:0C:C3:FD:64:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B273A23F0089B6F09DF4BA49E6DEAAC3C3824B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
Signing time: Fri 11 Jul 2025 19:20:17 +0000
ROA not before: Fri 11 Jul 2025 19:20:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:27:3a:23:f0:08:9b:6f:09:df:4b:a4:9e:6d:ea:ac:3c:38:24:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=e4cc50ed4f3110a9e4fe2b01f8152ed6725a63995f1465ce673b3770ba58164b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:35:3b:fd:4f:3b:ed:3a:65:8a:28:ee:25:96:
82:55:80:d3:09:0a:1a:98:01:f6:41:e7:b1:38:02:
26:92:fb:56:a0:9d:4d:cc:42:50:65:10:f3:7d:78:
ae:e9:c2:78:8a:5b:f0:96:30:4e:04:40:f7:11:3b:
0d:99:73:b5:61:05:8e:06:a6:c9:6c:0e:08:e6:a8:
50:aa:55:06:24:75:43:46:83:e8:d2:85:92:fb:d3:
88:65:6e:88:67:33:11:76:8c:98:c0:75:6d:76:42:
d4:53:a0:fc:cb:29:59:67:d1:af:5a:19:ed:a2:5d:
1f:4f:48:ed:30:13:00:1b:90:2d:2b:b5:ed:be:08:
05:c4:14:40:ad:f9:27:4a:f4:d1:6e:57:e4:5c:90:
e3:d1:40:3c:64:0e:cb:55:95:e9:d3:4d:1e:ae:0d:
ec:f5:16:88:f5:4f:7c:55:6d:8e:47:51:7d:3d:10:
6f:df:73:25:fe:ba:e5:40:9b:47:eb:4e:4f:0d:4a:
a2:12:89:21:7b:92:0f:59:27:fc:ac:df:d3:0c:44:
af:d1:3b:64:07:76:3d:62:1a:e0:a2:15:cb:da:c2:
4d:65:c5:93:17:1c:71:96:83:8b:b3:ee:49:eb:51:
a4:e0:d2:77:1c:8b:db:f1:d9:57:8c:9e:7c:d7:54:
2e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E4:66:5D:06:EF:F0:99:5E:E7:87:02:23:2A:2C:0C:C3:FD:64:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8050::/48
Signature Algorithm: sha256WithRSAEncryption
76:56:b3:fe:1b:e4:bc:52:52:ac:67:fe:41:d6:4a:a9:31:57:
3e:54:9e:fb:ce:5c:99:25:27:8b:97:b8:e9:b7:3b:82:fe:14:
89:b2:6b:b4:fd:c4:f8:9c:0b:54:6b:7d:40:d6:44:b4:f2:4e:
34:0e:8c:88:a7:5f:4a:b3:29:42:5b:86:d1:b5:9f:c2:0c:f2:
aa:c3:34:b0:1e:a7:88:0c:4f:44:92:98:54:39:47:d5:f1:87:
ed:cb:53:bb:84:9c:02:c8:50:3b:f3:04:eb:01:8a:87:60:bf:
a5:e7:1a:f2:d9:ed:a9:d6:c9:5c:25:75:d6:40:4b:d0:3e:1c:
44:9b:0b:c1:26:5c:d3:14:d7:58:af:fe:de:2d:54:a2:c9:52:
b7:97:a3:66:11:a4:53:33:a5:f3:1e:6c:a0:12:8b:e6:ee:d6:
71:b4:66:28:d3:97:3b:af:96:42:e0:25:44:4e:f7:c6:18:79:
f0:4a:52:ff:1d:f1:16:ec:b6:a6:fc:fa:b4:2d:cc:b7:f0:3d:
6e:b9:88:55:7a:35:70:0d:1a:9b:d6:0b:64:ff:b4:f9:8d:38:
1b:b8:60:60:d4:5d:00:81:4d:62:93:77:82:b2:8f:b6:81:d3:
ef:04:74:19:08:d6:bf:4f:78:57:43:2d:c4:3e:f1:1c:68:d3:
96:53:a1:2f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCyc6I/AIm28J30uknm3qrDw4JLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0Y2M1MGVkNGYzMTEwYTllNGZlMmIwMWY4MTUyZWQ2NzI1YTYzOTk1ZjE0
NjVjZTY3M2IzNzcwYmE1ODE2NGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKk1O/1PO+06ZYoo7iWWglWA0wkKGpgB9kHnsTgCJpL7VqCdTcxCUGUQ8314
runCeIpb8JYwTgRA9xE7DZlztWEFjgamyWwOCOaoUKpVBiR1Q0aD6NKFkvvTiGVu
iGczEXaMmMB1bXZC1FOg/MspWWfRr1oZ7aJdH09I7TATABuQLSu17b4IBcQUQK35
J0r00W5X5FyQ49FAPGQOy1WV6dNNHq4N7PUWiPVPfFVtjkdRfT0Qb99zJf665UCb
R+tOTw1KohKJIXuSD1kn/Kzf0wxEr9E7ZAd2PWIa4KIVy9rCTWXFkxcccZaDi7Pu
SetRpODSdxyL2/HZV4yefNdULt0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTo5GZd
Bu/wmV7nhwIjKiwMw/1krzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVmN2FiM2YtY2I3My00OWE2LWFhZGEtNDQwYmY0ZGJmM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
UDANBgkqhkiG9w0BAQsFAAOCAQEAdlaz/hvkvFJSrGf+QdZKqTFXPlSe+85cmSUn
i5e46bc7gv4UibJrtP3E+JwLVGt9QNZEtPJONA6MiKdfSrMpQluG0bWfwgzyqsM0
sB6niAxPRJKYVDlH1fGH7ctTu4ScAshQO/ME6wGKh2C/peca8tntqdbJXCV11kBL
0D4cRJsLwSZc0xTXWK/+3i1UoslSt5ejZhGkUzOl8x5soBKL5u7WcbRmKNOXO6+W
QuAlRE73xhh58EpS/x3xFuy2pvz6tC3Mt/A9brmIVXo1cA0am9YLZP+0+Y04G7hg
YNRdAIFNYpN3grKPtoHT7wR0GQjWv094V0MtxD7xHGjTllOhLw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:48 2025 by rpki-client