Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: MNKQV5lfUO/TWB4AXHk2WCXELLPP6DjgDE4MsrDjQgI=
Subject key identifier: 6C:8E:E0:54:AC:17:4D:28:EA:CB:39:EC:01:26:98:73:B1:E8:3A:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 740F2D9920B071B4F75A5C825F0FECD01CE25837
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Fri 11 Jul 2025 20:30:22 +0000
ROA not before: Fri 11 Jul 2025 20:30:22 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:0f:2d:99:20:b0:71:b4:f7:5a:5c:82:5f:0f:ec:d0:1c:e2:58:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:30:22 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6c1b06ecf217ace767a88a1811b7cb16f6e9093f9869b4902e3c6a8dae422b12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f8:89:1d:00:39:76:ae:ec:d1:64:45:84:a5:
b5:df:3a:63:20:41:6e:23:32:fc:1d:61:d5:83:88:
01:90:37:ca:86:25:82:20:36:c0:aa:6d:3e:dc:89:
cc:47:6f:bd:7a:7f:5f:4b:07:44:60:cf:86:44:84:
81:5c:9a:a4:23:4c:42:12:dc:c6:42:a9:f0:0f:c7:
08:59:db:79:cf:c9:36:22:87:d5:9b:77:2b:78:57:
b2:02:f0:d5:bc:eb:0d:77:73:51:da:85:a2:b7:5d:
4d:a1:6f:56:01:ba:e3:55:5b:b8:9f:77:ca:9c:73:
33:05:fb:e7:f2:c6:47:00:06:44:0b:b1:97:58:ae:
46:03:f1:42:59:bc:35:57:ed:96:1a:fa:15:74:49:
2f:c9:ba:94:3a:f5:52:1b:80:7d:35:8f:76:99:3d:
5d:33:fc:db:ee:ae:ce:84:4c:e7:96:de:f4:42:0f:
3e:05:de:2f:48:29:91:76:d9:1f:a6:30:29:89:eb:
73:2d:8e:32:40:89:01:db:87:bc:1c:cd:d4:f5:f9:
41:1e:5b:43:90:02:45:c5:58:95:90:01:63:b7:82:
b4:46:d0:11:8c:ca:3b:02:a8:46:3c:68:89:41:6a:
76:6e:67:bc:e9:f1:c2:5a:93:61:a9:06:d3:2d:9e:
38:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8E:E0:54:AC:17:4D:28:EA:CB:39:EC:01:26:98:73:B1:E8:3A:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
2e:ca:e3:0d:21:ad:09:07:fb:81:69:2b:93:1c:99:fb:4f:ec:
78:1f:ad:67:fb:78:e0:6f:10:fd:9a:0d:67:73:bc:c0:2a:5c:
4c:a7:50:1c:d5:12:a4:90:4b:fe:80:14:68:d3:82:08:d6:31:
67:80:2a:51:a7:95:b5:e6:ac:8c:13:ab:da:dd:c8:da:00:cd:
f8:8f:f9:f5:e3:22:91:65:ad:13:56:37:41:14:3f:c2:bd:89:
3e:3a:97:50:28:df:42:ff:71:e3:f2:40:9d:a0:a5:7f:f2:bd:
78:b6:54:2e:38:16:ad:10:8e:26:66:2b:13:ac:cd:e1:ea:10:
51:5f:e9:45:24:4c:03:a8:95:91:31:1f:47:2f:71:65:05:c2:
10:75:13:7d:1f:23:6e:b4:d2:1d:fa:9f:df:00:6b:ed:ac:d7:
d1:14:45:41:4f:53:98:a0:e4:f0:30:75:b8:1b:b4:94:55:4a:
d8:b4:8f:fd:ac:f6:f5:a6:77:fb:21:1b:78:d0:11:74:e1:d9:
99:5d:ee:c7:1c:a9:13:17:d1:15:47:13:62:8a:df:85:b7:25:
cf:29:72:3d:5b:f7:9b:a3:4e:4d:91:09:34:c1:21:22:7d:fc:
87:6a:7b:f3:04:2e:e7:17:af:96:3b:78:18:ba:e6:29:dc:b0:
63:7f:d9:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdA8tmSCwcbT3WlyCXw/s0BziWDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMwMjJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjMWIwNmVjZjIxN2FjZTc2N2E4OGExODExYjdjYjE2ZjZlOTA5M2Y5ODY5
YjQ5MDJlM2M2YThkYWU0MjJiMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANv4iR0AOXau7NFkRYSltd86YyBBbiMy/B1h1YOIAZA3yoYlgiA2wKptPtyJ
zEdvvXp/X0sHRGDPhkSEgVyapCNMQhLcxkKp8A/HCFnbec/JNiKH1Zt3K3hXsgLw
1bzrDXdzUdqForddTaFvVgG641VbuJ93ypxzMwX75/LGRwAGRAuxl1iuRgPxQlm8
NVftlhr6FXRJL8m6lDr1UhuAfTWPdpk9XTP82+6uzoRM55be9EIPPgXeL0gpkXbZ
H6YwKYnrcy2OMkCJAduHvBzN1PX5QR5bQ5ACRcVYlZABY7eCtEbQEYzKOwKoRjxo
iUFqdm5nvOnxwlqTYakG0y2eOM0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsjuBU
rBdNKOrLOewBJphzseg6ajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQAuyuMNIa0JB/uBaSuTHJn7T+x4H61n+3jgbxD9
mg1nc7zAKlxMp1Ac1RKkkEv+gBRo04II1jFngCpRp5W15qyME6va3cjaAM34j/n1
4yKRZa0TVjdBFD/CvYk+OpdQKN9C/3Hj8kCdoKV/8r14tlQuOBatEI4mZisTrM3h
6hBRX+lFJEwDqJWRMR9HL3FlBcIQdRN9HyNutNId+p/fAGvtrNfRFEVBT1OYoOTw
MHW4G7SUVUrYtI/9rPb1pnf7IRt40BF04dmZXe7HHKkTF9EVRxNiit+FtyXPKXI9
W/ebo05NkQk0wSEiffyHanvzBC7nF6+WO3gYuuYp3LBjf9n5
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:45 2025 by rpki-client