Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
File: 11758a9b-0e07-4929-92b2-ff867af4fa4f.roa (raw, json)
Hash identifier: x7+UTuHWJsyTJpgzCrFERrBk7LleAOHKoyZIzAcxIEU=
Subject key identifier: 8D:91:F3:0D:84:F7:96:0D:27:18:11:D6:54:44:89:73:4A:43:9E:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77B51646A7FDDBA5720631BC1DE9F0CE4FE40B8C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
Signing time: Tue 01 Jul 2025 15:10:54 +0000
ROA not before: Tue 01 Jul 2025 15:10:54 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:b5:16:46:a7:fd:db:a5:72:06:31:bc:1d:e9:f0:ce:4f:e4:0b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:54 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=49f95ba305de4c95e31aa2f451f05d5790ad2856bb22672022706b65809c3505, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:ac:fe:62:d2:3e:90:74:d5:18:1e:54:14:
f1:d2:11:1b:9b:bb:80:f5:5d:8c:d5:97:07:55:3b:
c1:54:65:de:a0:a1:94:d7:3a:27:0f:86:6d:fb:d8:
d5:c3:e5:67:16:6d:1f:23:86:88:f0:c5:34:d1:c1:
80:aa:46:91:10:f7:fa:4c:e4:8e:4f:64:c9:3d:0e:
e7:2b:03:36:35:07:3c:2a:26:cc:fa:4c:a0:f8:5d:
f8:88:b5:21:3d:9f:06:60:5b:7a:a7:5d:ce:1b:f7:
61:00:63:06:86:c5:7a:b2:34:19:0d:79:bd:98:d3:
d5:21:1b:29:18:93:84:32:7b:be:90:7a:ab:cf:80:
42:25:11:64:93:0c:eb:b6:c1:7d:98:5f:69:2b:30:
e5:26:6e:e3:b6:c8:5b:f4:a0:7d:e0:6c:84:00:ea:
3b:d0:35:1c:a3:fb:30:ac:1d:95:fd:54:96:47:0c:
f3:c6:24:39:a4:12:49:53:30:ab:76:e5:ce:11:47:
cc:22:7e:91:09:14:3b:4d:ab:ff:05:f5:76:50:a8:
f5:6b:b8:46:1d:45:bc:e8:1c:85:d4:21:a4:b4:ff:
00:bc:f8:1d:c1:a7:c6:65:d1:2e:92:65:4a:3d:fa:
09:16:f2:3e:76:60:30:60:bd:e3:33:8c:cb:a1:ad:
b9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:91:F3:0D:84:F7:96:0D:27:18:11:D6:54:44:89:73:4A:43:9E:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
89:27:85:d7:b1:d1:7e:c6:c7:16:47:22:e4:1d:d2:f1:60:27:
66:4c:f2:88:f5:63:46:db:60:77:85:54:a9:92:e0:79:8c:71:
c6:50:92:69:d4:52:93:08:ee:d8:92:98:51:fc:ef:20:85:fc:
cf:89:09:ab:e2:b0:3f:ea:40:99:c2:0e:d2:cc:0c:2b:cd:b0:
01:65:f9:a8:6a:8b:cb:9f:01:54:41:6a:76:97:94:35:be:f4:
04:a2:7b:ec:d8:63:71:5d:0b:c1:a2:c0:3b:ec:3e:0d:59:11:
3d:90:c3:6b:38:63:cb:e5:6d:37:57:31:8f:78:2f:dd:ec:83:
da:ec:22:df:d4:9f:7d:ed:cc:59:ca:74:e5:e2:3b:21:ec:3a:
a0:6a:a4:16:2e:39:69:33:f0:93:30:33:f8:c7:db:d3:2e:b2:
0c:2c:58:f7:11:48:b6:5d:a7:cc:cd:90:2f:f6:4d:f7:35:9f:
4f:a1:e3:c2:f8:90:a3:33:d4:d8:da:ca:d8:4b:72:2b:89:86:
51:44:6e:77:e9:2c:c5:ff:b6:5d:db:d1:d5:07:97:26:71:1d:
16:b8:76:8f:48:ab:19:29:4d:f6:76:35:3b:33:50:f3:5c:81:
b8:e2:97:5c:71:73:f3:cb:df:f5:57:cf:be:b5:3b:9f:55:fd:
b6:5f:37:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd7UWRqf926VyBjG8Henwzk/kC4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwNTRaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5Zjk1YmEzMDVkZTRjOTVlMzFhYTJmNDUxZjA1ZDU3OTBhZDI4NTZiYjIy
NjcyMDIyNzA2YjY1ODA5YzM1MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx0rP5i0j6QdNUYHlQU8dIRG5u7gPVdjNWXB1U7wVRl3qChlNc6Jw+GbfvY
1cPlZxZtHyOGiPDFNNHBgKpGkRD3+kzkjk9kyT0O5ysDNjUHPComzPpMoPhd+Ii1
IT2fBmBbeqddzhv3YQBjBobFerI0GQ15vZjT1SEbKRiThDJ7vpB6q8+AQiURZJMM
67bBfZhfaSsw5SZu47bIW/SgfeBshADqO9A1HKP7MKwdlf1UlkcM88YkOaQSSVMw
q3blzhFHzCJ+kQkUO02r/wX1dlCo9Wu4Rh1FvOgchdQhpLT/ALz4HcGnxmXRLpJl
Sj36CRbyPnZgMGC94zOMy6GtufMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSNkfMN
hPeWDScYEdZURIlzSkOe3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3NThhOWItMGUwNy00OTI5LTkyYjItZmY4NjdhZjRmYTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJJ4XXsdF+xscWRyLkHdLxYCdmTPKI9WNG22B3
hVSpkuB5jHHGUJJp1FKTCO7YkphR/O8ghfzPiQmr4rA/6kCZwg7SzAwrzbABZfmo
aovLnwFUQWp2l5Q1vvQEonvs2GNxXQvBosA77D4NWRE9kMNrOGPL5W03VzGPeC/d
7IPa7CLf1J997cxZynTl4jsh7DqgaqQWLjlpM/CTMDP4x9vTLrIMLFj3EUi2XafM
zZAv9k33NZ9PoePC+JCjM9TY2srYS3IriYZRRG536SzF/7Zd29HVB5cmcR0WuHaP
SKsZKU32djU7M1DzXIG44pdccXPzy9/1V8++tTufVf22XzdN
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:42:28 2025 by rpki-client