Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10ac5d21-ac79-460b-9e20-5ffa366ca0ed.roa
File: 10ac5d21-ac79-460b-9e20-5ffa366ca0ed.roa (raw, json)
Hash identifier: XZ5d5y92x+xppg0C220SadboPhrAlyg6SwiM3voxTOk=
Subject key identifier: 71:C6:A4:EB:D7:37:41:5A:0B:50:A0:85:5D:25:54:E1:7A:B2:F5:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5148C6986126C5815E96F308B5CFD228B357A9D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10ac5d21-ac79-460b-9e20-5ffa366ca0ed.roa
Signing time: Fri 11 Jul 2025 20:01:11 +0000
ROA not before: Fri 11 Jul 2025 20:01:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:20c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:48:c6:98:61:26:c5:81:5e:96:f3:08:b5:cf:d2:28:b3:57:a9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=fc095d9b9fd02cc25b43fcbf0fdf0b2e5daf7da8bc08f75cb97165497369ec4a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fb:bb:58:04:9a:d2:8c:18:91:cf:53:a2:c1:
12:ac:18:52:fb:05:cc:e5:81:e5:29:d6:4e:9e:b6:
9f:f4:3c:da:f1:25:45:1c:e1:5a:04:cc:9d:7b:ab:
1d:7e:af:68:27:ff:9a:43:f2:7f:1a:3f:4b:41:d0:
68:d3:c5:d8:e8:16:0e:90:a1:5a:22:19:1a:5d:e7:
e7:5e:c9:05:ee:83:a7:81:67:1e:09:66:0b:ea:03:
a4:56:ce:08:89:43:5b:ec:94:59:cb:e3:9c:9f:68:
05:a3:1d:19:26:7e:53:ac:09:9a:8e:45:88:50:f5:
7c:c8:06:c0:32:f9:2a:f5:32:37:99:fb:f1:2a:9b:
a9:b7:b3:3c:a6:01:00:37:ef:ae:21:dd:c5:e0:ea:
07:b4:e3:61:8b:91:1c:de:00:a6:18:81:fd:8d:83:
8a:97:55:66:f3:22:42:ec:75:7a:0f:d6:71:35:95:
6e:0f:f9:42:08:fb:a4:33:9c:73:1f:c4:02:64:18:
03:2d:89:6a:b9:4f:4c:bb:3a:39:c2:25:21:8b:38:
0a:02:0f:aa:d4:54:13:e0:d6:72:1a:cf:f1:37:e8:
4f:27:96:79:a8:bf:8a:65:7a:7e:54:b8:87:fe:f2:
b5:41:8a:1c:bb:eb:e2:28:8e:db:23:af:1c:91:2a:
ce:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C6:A4:EB:D7:37:41:5A:0B:50:A0:85:5D:25:54:E1:7A:B2:F5:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10ac5d21-ac79-460b-9e20-5ffa366ca0ed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
b9:c2:71:e6:0b:6e:7f:a2:91:09:f9:46:f6:1d:f6:66:b7:fd:
cc:bf:1d:8b:c6:a3:3e:9c:21:b4:11:57:1c:45:4f:4b:88:5f:
e8:e7:04:24:82:83:13:ad:59:1e:3d:21:c2:b3:05:dd:e4:8d:
2e:24:57:b2:d3:cc:d8:69:61:e2:91:1d:b2:9e:0f:c7:37:ee:
f6:ec:18:9a:86:51:e5:bb:d9:51:e9:3c:fe:26:c3:35:b0:5a:
d1:67:a1:69:c1:e1:7c:3e:f5:62:89:1c:95:51:f6:cf:60:f0:
ea:46:0d:16:b5:d4:a8:3f:13:5b:b6:d7:e9:95:56:a0:99:8d:
73:db:5d:49:06:37:20:86:10:39:9e:8a:b6:11:b3:b4:fb:bb:
39:fb:c7:ee:c0:a3:5c:0c:ff:98:b4:77:67:8d:c5:71:cf:b3:
1e:81:60:d3:81:11:a9:27:dc:4c:80:d7:4e:04:a1:bb:10:00:
92:d6:42:2a:69:0e:9c:4e:f4:54:14:5a:91:d9:55:c2:ad:1a:
03:dc:3a:25:c6:99:f0:a4:c6:ed:7a:f9:01:b8:ff:e4:da:9c:
36:b6:36:a0:89:ca:8c:a7:9c:65:09:a7:24:6c:58:84:41:a0:
ec:be:d5:88:da:4f:8a:98:ae:a3:79:25:8e:02:1e:3b:3d:c9:
ae:90:c5:99
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUUjGmGEmxYFelvMItc/SKLNXqdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMDk1ZDliOWZkMDJjYzI1YjQzZmNiZjBmZGYwYjJlNWRhZjdkYThiYzA4
Zjc1Y2I5NzE2NTQ5NzM2OWVjNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM77u1gEmtKMGJHPU6LBEqwYUvsFzOWB5SnWTp62n/Q82vElRRzhWgTMnXur
HX6vaCf/mkPyfxo/S0HQaNPF2OgWDpChWiIZGl3n517JBe6Dp4FnHglmC+oDpFbO
CIlDW+yUWcvjnJ9oBaMdGSZ+U6wJmo5FiFD1fMgGwDL5KvUyN5n78SqbqbezPKYB
ADfvriHdxeDqB7TjYYuRHN4AphiB/Y2DipdVZvMiQux1eg/WcTWVbg/5Qgj7pDOc
cx/EAmQYAy2JarlPTLs6OcIlIYs4CgIPqtRUE+DWchrP8TfoTyeWeai/imV6flS4
h/7ytUGKHLvr4iiO2yOvHJEqzoECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRxxqTr
1zdBWgtQoIVdJVTherL1gzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBhYzVkMjEtYWM3OS00NjBiLTllMjAtNWZmYTM2NmNhMGVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUg
wDANBgkqhkiG9w0BAQsFAAOCAQEAucJx5gtuf6KRCflG9h32Zrf9zL8di8ajPpwh
tBFXHEVPS4hf6OcEJIKDE61ZHj0hwrMF3eSNLiRXstPM2Glh4pEdsp4Pxzfu9uwY
moZR5bvZUek8/ibDNbBa0WehacHhfD71YokclVH2z2Dw6kYNFrXUqD8TW7bX6ZVW
oJmNc9tdSQY3IIYQOZ6KthGztPu7OfvH7sCjXAz/mLR3Z43Fcc+zHoFg04ERqSfc
TIDXTgShuxAAktZCKmkOnE70VBRakdlVwq0aA9w6JcaZ8KTG7Xr5Abj/5NqcNrY2
oInKjKecZQmnJGxYhEGg7L7ViNpPipiuo3kljgIeOz3JrpDFmQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:31 2025 by rpki-client