Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
File: 0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa (raw, json)
Hash identifier: u8gzo+Ds+SK28HqjIf9fQZfopN+0eplWnMjI+fYMe9k=
Subject key identifier: F3:A9:52:EF:5E:20:84:75:86:89:D6:96:9B:E8:39:EF:0E:7E:AB:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 046F095CE3AB372B58F7F7BA41EF836A183054CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
Signing time: Fri 11 Jul 2025 18:50:09 +0000
ROA not before: Fri 11 Jul 2025 18:50:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:6f:09:5c:e3:ab:37:2b:58:f7:f7:ba:41:ef:83:6a:18:30:54:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=09f7c92b216a6e94e18adc48a9498ef0e153a82c2a4d970438f6123cae581c88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6b:c1:4c:41:71:80:12:1e:a5:17:eb:f0:59:
b1:85:82:ca:d4:3d:89:27:23:3d:5c:da:92:73:b9:
84:58:41:52:5f:19:b3:9d:72:a1:f2:bf:48:61:c6:
22:7c:d6:1d:c2:21:20:b0:42:78:fa:32:49:ad:f9:
46:9d:41:76:10:f4:b4:7f:06:ea:a0:9c:d0:51:5e:
70:6c:3f:71:69:d9:d7:38:55:84:4a:83:38:33:00:
29:13:ed:a4:7b:73:cd:b4:41:f4:dd:d4:68:9d:10:
c5:ff:cc:29:28:3d:35:10:f7:9a:a8:e4:c0:71:69:
83:d1:45:f0:59:aa:1c:95:a8:d4:56:10:30:85:39:
86:3c:86:72:9e:67:f6:3e:3e:40:66:46:5f:86:e8:
4c:b4:7a:ee:ac:bb:ef:d0:7e:4b:4e:e0:cc:ec:7a:
0a:da:96:6e:08:98:2b:a2:97:9d:cc:26:44:c5:e4:
28:95:15:71:b8:70:22:50:e0:62:1b:c6:e7:d3:63:
9a:a3:f2:ac:e0:d3:37:74:4b:8d:a8:4f:7d:54:0f:
3d:a7:e0:6c:98:5e:98:88:4c:9e:30:35:e8:e5:36:
45:6c:9b:cb:fa:80:9e:14:af:10:8d:a6:cd:e4:52:
a9:94:e0:59:5f:71:20:1c:7d:0c:c1:db:28:d5:2d:
01:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A9:52:EF:5E:20:84:75:86:89:D6:96:9B:E8:39:EF:0E:7E:AB:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
30:48:78:99:1e:5e:1c:84:0c:1e:63:4e:fc:cb:92:8f:77:9c:
a7:61:c5:66:3b:95:c8:7d:e0:a0:b4:03:0f:65:02:a3:05:72:
9d:83:40:9b:5b:87:8d:bb:d9:52:64:31:72:f7:89:00:ae:54:
97:2c:eb:05:24:e3:92:39:e1:24:37:02:b2:63:d6:64:cb:d5:
b9:fd:2a:d8:21:0d:e2:46:05:aa:b0:83:41:f8:96:62:a3:00:
46:04:0c:60:5c:2f:d8:ca:88:ff:81:13:14:42:1a:ab:3e:c3:
33:de:7f:07:89:da:b2:d1:09:06:8f:45:b8:f5:0a:58:4e:36:
d8:4e:b4:2b:44:3a:c3:df:75:7c:4d:28:13:22:b4:9d:a6:97:
53:bb:c2:d3:72:db:89:fe:1b:f3:8b:83:2d:1d:92:92:f3:a8:
87:c3:5b:bd:19:89:17:95:1f:5f:94:86:46:8a:eb:3b:8c:77:
d5:b4:96:a7:36:4b:98:9a:38:bf:8e:51:76:f5:3d:eb:55:e7:
5c:3b:c1:10:17:cc:2c:3f:b1:f8:a7:6d:43:4d:a9:16:aa:1f:
33:2c:33:d8:6a:17:bf:5a:5d:d2:92:d3:71:42:d5:e8:90:b6:
42:96:29:9e:b7:a4:ef:6a:01:a4:10:f1:82:0c:0c:34:d3:0f:
ca:e5:3d:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBG8JXOOrNytY9/e6Qe+DahgwVMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ZjdjOTJiMjE2YTZlOTRlMThhZGM0OGE5NDk4ZWYwZTE1M2E4MmMyYTRk
OTcwNDM4ZjYxMjNjYWU1ODFjODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFrwUxBcYASHqUX6/BZsYWCytQ9iScjPVzaknO5hFhBUl8Zs51yofK/SGHG
InzWHcIhILBCePoySa35Rp1BdhD0tH8G6qCc0FFecGw/cWnZ1zhVhEqDODMAKRPt
pHtzzbRB9N3UaJ0Qxf/MKSg9NRD3mqjkwHFpg9FF8FmqHJWo1FYQMIU5hjyGcp5n
9j4+QGZGX4boTLR67qy779B+S07gzOx6CtqWbgiYK6KXncwmRMXkKJUVcbhwIlDg
YhvG59NjmqPyrODTN3RLjahPfVQPPafgbJhemIhMnjA16OU2RWyby/qAnhSvEI2m
zeRSqZTgWV9xIBx9DMHbKNUtAdECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTzqVLv
XiCEdYaJ1pab6DnvDn6rUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyZTMwOWUtZTlkNC00NTQ2LTg5NjktMmQ3YjRiOWQ1MTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAMEh4mR5eHIQMHmNO/MuSj3ecp2HFZjuVyH3g
oLQDD2UCowVynYNAm1uHjbvZUmQxcveJAK5UlyzrBSTjkjnhJDcCsmPWZMvVuf0q
2CEN4kYFqrCDQfiWYqMARgQMYFwv2MqI/4ETFEIaqz7DM95/B4nastEJBo9FuPUK
WE422E60K0Q6w991fE0oEyK0naaXU7vC03Lbif4b84uDLR2SkvOoh8NbvRmJF5Uf
X5SGRorrO4x31bSWpzZLmJo4v45RdvU961XnXDvBEBfMLD+x+KdtQ02pFqofMywz
2GoXv1pd0pLTcULV6JC2QpYpnrek72oBpBDxggwMNNMPyuU92w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:41:38 2025 by rpki-client