Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a30ed8c-d021-436c-b923-753b22158048.roa
File: 0a30ed8c-d021-436c-b923-753b22158048.roa (raw, json)
Hash identifier: sZS8Ai5hs4A8QKStQe8ROOAxzR/h5JaJbljDYYDqI60=
Subject key identifier: 4E:1F:42:3B:64:BF:CC:6C:F8:50:E1:2C:39:9A:9A:18:80:8A:74:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09C7F9FBCDEF034EBBC655FB5E6417B4619E2510
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a30ed8c-d021-436c-b923-753b22158048.roa
Signing time: Fri 11 Jul 2025 20:01:29 +0000
ROA not before: Fri 11 Jul 2025 20:01:29 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:c7:f9:fb:cd:ef:03:4e:bb:c6:55:fb:5e:64:17:b4:61:9e:25:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:29 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c3ea0893e128a3b756032525d3564398b04e30837f78c4f43cbc32d9a005dfac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:15:5a:22:79:28:1f:0e:bd:6d:72:10:9d:bf:
af:01:fd:54:72:9c:e3:fa:37:a3:cc:fd:f2:c2:45:
f0:ab:46:31:d9:6f:8d:6e:05:f6:1e:b7:79:84:09:
3c:86:c7:62:13:2a:6d:dc:5a:0b:0b:b8:90:5f:0e:
d3:fe:86:56:53:2d:8e:42:c5:e1:2c:0a:87:6f:5f:
5a:1e:60:11:0e:a3:75:7c:bc:ce:68:f2:6b:a7:08:
63:74:4b:8f:78:9b:7e:14:81:62:4d:3c:69:05:ae:
f9:83:ff:43:e2:49:6f:45:ae:c5:21:ac:e7:57:46:
b7:71:4e:85:99:02:5f:53:39:8a:61:79:b6:b2:d8:
63:ed:a4:41:2b:57:a3:09:a6:8f:d7:16:7f:17:62:
1b:e5:3b:4a:4d:5d:79:ed:f6:66:0a:bf:52:24:ef:
57:78:af:90:c0:98:7c:54:82:3a:47:ab:31:44:3e:
9b:cd:16:88:66:45:1d:47:6f:41:22:ec:73:90:8e:
60:da:d0:58:d3:a5:af:80:81:73:e5:23:8e:64:c2:
de:e6:f4:ef:2b:02:d2:ac:64:39:20:dd:6f:f7:6f:
f1:83:81:01:a1:e1:bc:fb:8c:3c:d0:19:a5:37:34:
05:39:28:cc:9b:d7:a5:c7:3c:32:27:7d:19:0a:d6:
c6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1F:42:3B:64:BF:CC:6C:F8:50:E1:2C:39:9A:9A:18:80:8A:74:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a30ed8c-d021-436c-b923-753b22158048.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:ee:3e:e8:22:03:56:84:4a:64:b6:33:d0:87:26:c3:3b:41:
b4:f5:b8:27:ed:78:4b:3b:a6:59:7c:83:3d:6a:8d:dd:fa:12:
5d:12:ff:65:78:1c:ab:c9:ef:15:1d:79:d7:5d:c7:33:c4:aa:
f3:9e:c8:1f:9c:9e:76:76:e7:cb:b6:00:3e:69:16:72:17:a0:
4c:cf:51:66:b3:f7:9b:84:66:01:dd:4b:a2:41:84:67:b9:ec:
50:ba:18:6d:3d:0c:a1:69:65:98:70:2c:1e:5f:9c:16:92:61:
0d:e3:73:8e:6a:73:cc:ff:b6:13:c5:60:ae:5a:82:9e:14:03:
24:c4:15:91:be:02:1d:a2:6c:50:0b:67:4e:a2:83:a0:4f:52:
b9:23:44:d2:85:62:15:8e:3e:0d:af:96:6f:5e:e9:52:fa:15:
01:82:04:bc:ad:51:52:2f:9e:52:69:2b:5a:ed:cb:d3:f2:76:
49:bf:72:7f:c4:6e:60:b2:d4:0d:fd:4e:9b:9c:d7:0b:0c:2a:
42:dd:b1:c0:ca:16:b8:20:d0:c9:6c:cf:d7:a6:7f:b3:e0:07:
f7:27:af:fb:c9:a7:29:2f:53:ad:dc:ea:ee:f5:3b:86:40:d1:
65:84:a1:7a:f5:7a:ce:4e:4f:fb:d5:73:5c:3c:6e:a3:15:dc:
9e:ff:a0:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCcf5+83vA067xlX7XmQXtGGeJRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMjlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzZWEwODkzZTEyOGEzYjc1NjAzMjUyNWQzNTY0Mzk4YjA0ZTMwODM3Zjc4
YzRmNDNjYmMzMmQ5YTAwNWRmYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4VWiJ5KB8OvW1yEJ2/rwH9VHKc4/o3o8z98sJF8KtGMdlvjW4F9h63eYQJ
PIbHYhMqbdxaCwu4kF8O0/6GVlMtjkLF4SwKh29fWh5gEQ6jdXy8zmjya6cIY3RL
j3ibfhSBYk08aQWu+YP/Q+JJb0WuxSGs51dGt3FOhZkCX1M5imF5trLYY+2kQStX
owmmj9cWfxdiG+U7Sk1dee32Zgq/UiTvV3ivkMCYfFSCOkerMUQ+m80WiGZFHUdv
QSLsc5COYNrQWNOlr4CBc+UjjmTC3ub07ysC0qxkOSDdb/dv8YOBAaHhvPuMPNAZ
pTc0BTkozJvXpcc8Mid9GQrWxlECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROH0I7
ZL/MbPhQ4Sw5mpoYgIp0yDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGEzMGVkOGMtZDAyMS00MzZjLWI5MjMtNzUzYjIyMTU4MDQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXg
MA0GCSqGSIb3DQEBCwUAA4IBAQAe7j7oIgNWhEpktjPQhybDO0G09bgn7XhLO6ZZ
fIM9ao3d+hJdEv9leByrye8VHXnXXcczxKrznsgfnJ52dufLtgA+aRZyF6BMz1Fm
s/ebhGYB3UuiQYRnuexQuhhtPQyhaWWYcCweX5wWkmEN43OOanPM/7YTxWCuWoKe
FAMkxBWRvgIdomxQC2dOooOgT1K5I0TShWIVjj4Nr5ZvXulS+hUBggS8rVFSL55S
aSta7cvT8nZJv3J/xG5gstQN/U6bnNcLDCpC3bHAyha4INDJbM/Xpn+z4Af3J6/7
yacpL1Ot3Oru9TuGQNFlhKF69XrOTk/71XNcPG6jFdye/6DK
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:08 2025 by rpki-client