Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json)
Hash identifier: tbG7d8hcyfPePcj2h2BZx+EMxqQa0g00oi5QAc39P58=
Subject key identifier: C1:AB:AB:D9:62:EB:08:63:0B:CA:75:F0:A4:54:FE:F3:8C:8D:A9:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AE8FD06472BB68DDAFECDF9119B6129F2160CCF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
Signing time: Fri 11 Jul 2025 18:50:05 +0000
ROA not before: Fri 11 Jul 2025 18:50:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:e8:fd:06:47:2b:b6:8d:da:fe:cd:f9:11:9b:61:29:f2:16:0c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=dce12f8d4956337fe250398c30df77702e9d2790749bf8e72cd08bd1edcb720d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b1:c7:bf:80:c0:1e:29:47:63:5a:2f:bb:97:
4b:3b:f7:56:42:33:53:9c:07:88:ca:ba:1a:95:68:
dc:23:51:8c:1b:50:2d:12:02:57:4f:9c:78:a7:a7:
36:3a:c7:7a:b6:83:a8:9b:f9:3d:1a:14:04:8a:7e:
9c:3f:ac:7b:12:7f:e8:85:78:bc:73:fb:ec:2a:07:
2d:b7:f9:b0:a7:49:d9:82:af:3c:ed:69:f6:13:91:
af:d7:f8:23:a1:84:f7:94:f9:86:47:66:2b:26:0b:
d9:7a:e9:a6:b4:25:bd:f1:bb:0d:05:5f:de:f9:71:
aa:f2:37:b7:46:94:74:f3:5d:bc:91:3c:82:e7:05:
f2:3c:7c:e4:8f:57:b8:d7:d7:18:fa:d4:51:ad:7a:
a3:5a:7c:28:a5:e3:e9:d8:64:5a:97:77:40:70:f8:
17:12:6c:6c:60:ac:2c:a8:a8:eb:fe:20:b4:0d:67:
59:c3:ba:0b:8b:cc:ce:db:40:5a:de:b2:a4:1e:46:
63:66:0d:3f:c3:69:6e:1f:d5:55:0a:35:33:9e:32:
06:41:b5:a3:38:e5:13:d1:b3:d3:12:4f:10:84:7d:
9e:3f:49:f4:68:16:ca:4b:5f:f7:e2:6c:5d:de:2b:
53:47:ba:b6:2a:7a:dc:f7:b8:c8:b7:97:0c:b3:b3:
b1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:AB:AB:D9:62:EB:08:63:0B:CA:75:F0:A4:54:FE:F3:8C:8D:A9:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
9a:50:0a:57:56:4a:d8:b5:f7:86:35:72:a0:d7:3c:13:4c:e8:
c2:9d:58:88:6a:c5:3d:8a:bc:41:12:09:d1:1a:f8:95:e5:b6:
10:c4:3f:cf:71:fa:b1:81:78:97:29:32:74:c7:03:97:41:d8:
31:70:30:fc:78:73:8c:ef:5e:61:08:c8:69:82:7c:69:20:34:
02:53:9d:75:40:eb:51:06:d2:95:e7:a8:e6:02:ee:e5:79:92:
52:be:77:df:0f:ec:80:c1:33:4a:2e:42:64:2a:d9:45:39:0d:
de:39:0c:8b:8f:49:0b:98:ec:aa:a4:9e:92:8f:5f:cf:74:0b:
0a:d3:44:67:cd:33:e0:df:71:75:0f:ca:b1:b6:19:01:0d:1a:
74:02:73:18:df:01:46:16:78:84:6b:4f:18:0a:c7:f9:28:f7:
5a:01:db:6f:db:6a:c6:dd:a3:3b:be:14:d6:46:f5:03:61:57:
e3:b7:f4:a6:17:9c:e2:35:6d:f3:95:20:ef:a8:21:09:ba:71:
31:ce:be:c1:3a:44:64:a4:5c:a7:b0:e4:3e:cc:92:02:2d:da:
91:3f:3f:b1:b6:83:c9:b7:71:a2:56:e3:17:1d:51:91:88:21:
7e:75:9a:22:86:f7:cc:e5:a9:3a:7f:57:83:32:df:26:f6:4b:
b9:3b:e8:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOuj9Bkcrto3a/s35EZthKfIWDM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjZTEyZjhkNDk1NjMzN2ZlMjUwMzk4YzMwZGY3NzcwMmU5ZDI3OTA3NDli
ZjhlNzJjZDA4YmQxZWRjYjcyMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaxx7+AwB4pR2NaL7uXSzv3VkIzU5wHiMq6GpVo3CNRjBtQLRICV0+ceKen
NjrHeraDqJv5PRoUBIp+nD+sexJ/6IV4vHP77CoHLbf5sKdJ2YKvPO1p9hORr9f4
I6GE95T5hkdmKyYL2XrpprQlvfG7DQVf3vlxqvI3t0aUdPNdvJE8gucF8jx85I9X
uNfXGPrUUa16o1p8KKXj6dhkWpd3QHD4FxJsbGCsLKio6/4gtA1nWcO6C4vMzttA
Wt6ypB5GY2YNP8Npbh/VVQo1M54yBkG1ozjlE9Gz0xJPEIR9nj9J9GgWyktf9+Js
Xd4rU0e6tip63Pe4yLeXDLOzsXECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBq6vZ
YusIYwvKdfCkVP7zjI2pzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAmlAKV1ZK2LX3hjVyoNc8E0zowp1YiGrFPYq8
QRIJ0Rr4leW2EMQ/z3H6sYF4lykydMcDl0HYMXAw/HhzjO9eYQjIaYJ8aSA0AlOd
dUDrUQbSleeo5gLu5XmSUr533w/sgMEzSi5CZCrZRTkN3jkMi49JC5jsqqSeko9f
z3QLCtNEZ80z4N9xdQ/KsbYZAQ0adAJzGN8BRhZ4hGtPGArH+Sj3WgHbb9tqxt2j
O74U1kb1A2FX47f0phec4jVt85Ug76ghCbpxMc6+wTpEZKRcp7DkPsySAi3akT8/
sbaDybdxolbjFx1RkYghfnWaIob3zOWpOn9XgzLfJvZLuTvoVg==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:17 2025 by rpki-client