Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: 3C6ZkQsWz4ddvjCZCDNXM7Hs8OiUEjBTyZdDvgGy4ag=
Subject key identifier: 41:39:A6:E5:32:2E:05:E3:2D:D6:D2:51:A3:25:92:E1:01:2F:1F:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B13E50E6E219E1016DA4EABA6CB879EED2332B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Fri 11 Jul 2025 20:50:49 +0000
ROA not before: Fri 11 Jul 2025 20:50:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:13:e5:0e:6e:21:9e:10:16:da:4e:ab:a6:cb:87:9e:ed:23:32:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1d4de2f96f708c67f614d84ed17a93fe49617b94554178c51dbecd1e5f85a1f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c7:14:b3:b9:b9:a0:b0:04:5c:33:eb:94:cb:
9d:83:da:2c:e5:7d:f5:16:a7:a2:fd:14:01:b7:31:
3d:6f:c4:ec:31:b5:e3:6a:84:31:b4:93:93:47:d3:
df:37:42:7a:a2:64:94:07:16:24:a3:9d:78:9c:55:
4b:9d:f6:a0:b3:66:4c:4d:4b:52:0b:db:22:84:9a:
96:45:4a:be:d1:f9:93:6d:b6:66:02:23:e3:6f:c3:
76:f5:bd:7f:5b:03:2b:07:8c:7f:1e:49:51:44:6e:
e0:f5:ca:bc:62:29:83:7e:10:c5:f9:e8:5c:cb:9d:
60:1e:d8:70:2a:df:10:94:a7:87:79:dd:b8:47:5c:
cd:14:c2:73:b7:82:57:99:e1:9f:24:65:31:8e:81:
50:18:34:52:f1:89:fe:e3:34:94:9f:5e:f8:f9:13:
52:01:e3:b3:f7:f3:0b:b8:cd:6a:06:63:cd:bc:fb:
d3:86:28:9f:8c:09:13:1e:f0:3a:02:c6:9e:8c:4c:
de:93:2f:61:ee:9a:5f:d1:f4:e4:ed:be:99:47:28:
1d:6f:d0:f4:83:fc:23:aa:b6:66:f5:80:db:12:91:
e1:0d:0c:dd:1c:63:25:7d:99:89:0e:9c:06:d8:52:
15:d6:d3:12:8c:dd:cf:75:9b:05:5f:ea:81:8d:a9:
56:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:39:A6:E5:32:2E:05:E3:2D:D6:D2:51:A3:25:92:E1:01:2F:1F:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
36:99:8a:e9:df:b9:9f:a1:6c:24:14:6e:8d:c2:11:1f:7b:75:
04:c2:6d:6d:a9:a3:4e:dd:7d:5e:c8:71:8d:a6:ac:58:6c:c5:
fc:5f:13:1f:3b:6b:50:c9:54:86:61:bc:dc:78:b7:46:06:8c:
40:76:5e:30:54:42:bc:39:9b:30:86:2e:53:ea:94:38:ff:91:
2b:06:6b:b8:ac:f3:02:75:99:4d:c3:35:69:33:e1:e4:e0:2f:
ce:94:02:c1:1a:97:e9:b0:7d:b1:67:b4:73:02:97:90:2c:3c:
d6:2c:d7:7e:c6:e0:a8:95:7b:79:71:82:e5:89:fe:2a:d3:fe:
1b:1c:67:a4:f5:d5:14:91:be:08:b2:06:d3:cf:47:40:cf:8f:
85:1e:9a:1f:93:73:1e:70:95:43:a8:c1:9f:a0:92:c4:96:0d:
2e:9a:ee:67:9f:b7:01:31:0d:48:f1:61:eb:8d:8f:e9:8e:62:
73:77:ac:3d:74:04:be:33:ff:ff:96:c1:c2:3d:f0:13:d3:66:
3a:ea:d9:b4:15:43:6a:58:da:73:c0:f7:fb:87:65:57:6a:b6:
2e:c2:43:73:a3:9a:4f:90:8e:ed:0d:5c:14:ec:da:6b:bf:ca:
6a:9b:4d:a4:b8:5e:2e:7d:cc:66:96:ac:a9:ce:8c:1d:df:1f:
ec:e9:c4:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCxPlDm4hnhAW2k6rpsuHnu0jMrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkNGRlMmY5NmY3MDhjNjdmNjE0ZDg0ZWQxN2E5M2ZlNDk2MTdiOTQ1NTQx
NzhjNTFkYmVjZDFlNWY4NWExZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPHFLO5uaCwBFwz65TLnYPaLOV99Ranov0UAbcxPW/E7DG142qEMbSTk0fT
3zdCeqJklAcWJKOdeJxVS532oLNmTE1LUgvbIoSalkVKvtH5k222ZgIj42/DdvW9
f1sDKweMfx5JUURu4PXKvGIpg34QxfnoXMudYB7YcCrfEJSnh3nduEdczRTCc7eC
V5nhnyRlMY6BUBg0UvGJ/uM0lJ9e+PkTUgHjs/fzC7jNagZjzbz704Yon4wJEx7w
OgLGnoxM3pMvYe6aX9H05O2+mUcoHW/Q9IP8I6q2ZvWA2xKR4Q0M3RxjJX2ZiQ6c
BthSFdbTEozdz3WbBV/qgY2pVukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBOabl
Mi4F4y3W0lGjJZLhAS8fTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2mYrp37mfoWwkFG6NwhEfe3UEwm1tqaNO3X1e
yHGNpqxYbMX8XxMfO2tQyVSGYbzceLdGBoxAdl4wVEK8OZswhi5T6pQ4/5ErBmu4
rPMCdZlNwzVpM+Hk4C/OlALBGpfpsH2xZ7RzApeQLDzWLNd+xuColXt5cYLlif4q
0/4bHGek9dUUkb4IsgbTz0dAz4+FHpofk3MecJVDqMGfoJLElg0umu5nn7cBMQ1I
8WHrjY/pjmJzd6w9dAS+M///lsHCPfAT02Y66tm0FUNqWNpzwPf7h2VXarYuwkNz
o5pPkI7tDVwU7Nprv8pqm02kuF4ufcxmlqypzowd3x/s6cQ+
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:48 2025 by rpki-client