Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa
File: 117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa (raw, json)
Hash identifier: rmBSTqK5O+zn1WcJ6/Km10dJ7Rz1+HZu05pHxK7Jc58=
Subject key identifier: A6:D1:3A:73:74:F7:42:03:BF:1C:17:30:14:AD:C8:13:32:27:9E:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36C19ED0A5EB08F53DDEC4464F3BDB6461574FB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa
Signing time: Fri 11 Jul 2025 19:50:47 +0000
ROA not before: Fri 11 Jul 2025 19:50:47 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:c1:9e:d0:a5:eb:08:f5:3d:de:c4:46:4f:3b:db:64:61:57:4f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:47 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=59f2e2bf3c3be7a270d4e5f33099e6d9081c79cbc77c7b7e429f5ff694a6bf5a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f5:ce:5b:f4:44:3f:af:bf:e6:3b:f2:0a:32:
a6:88:b6:5c:1f:eb:e1:9e:f0:d0:ad:e3:85:35:eb:
21:89:58:d7:4e:9b:c1:c2:f1:7b:71:70:22:3f:3d:
1b:3b:cc:17:a2:66:27:10:d1:95:88:13:b0:40:fd:
14:ff:4b:e7:fe:1a:e0:4d:eb:0a:47:ad:99:df:31:
e6:71:2e:89:e9:ac:18:14:d4:54:38:ad:3a:4c:46:
94:c4:66:b5:9d:c3:e6:a9:70:b2:19:0b:c3:a0:97:
9f:bc:d3:4c:71:9b:4e:92:a6:29:8b:c0:27:1d:7f:
57:4e:6b:f4:e4:04:a8:cc:9d:5b:fc:84:46:8d:c7:
37:70:7f:9f:43:f1:d3:0c:e1:5a:ca:a2:3c:3e:9d:
46:64:1e:fe:3a:7b:6b:97:0c:4f:c0:05:9b:6d:5c:
df:25:be:7e:d9:73:1c:b1:34:cb:34:32:a9:26:8b:
2c:e6:9f:84:ad:c1:05:46:ac:ca:e4:d5:ea:c0:43:
1f:05:4c:79:fa:86:59:d1:7f:10:74:bb:64:6e:e1:
0d:28:a5:7a:2e:59:1a:73:f1:46:a8:7b:bc:06:bd:
19:b8:2d:1d:cc:02:16:a3:9f:22:a8:1e:4c:9d:2e:
1b:c2:ac:ba:67:c8:f3:48:db:31:9b:50:4d:1f:5c:
d9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D1:3A:73:74:F7:42:03:BF:1C:17:30:14:AD:C8:13:32:27:9E:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/117f6e2e-2cfa-4aaf-9a5c-97d19f1e24db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
57:83:82:0c:04:d5:91:77:13:56:de:df:c3:53:93:c0:3e:46:
49:63:25:be:dc:9a:95:1f:29:ce:a7:2f:45:d8:7e:b2:b5:fa:
b9:8d:82:05:db:73:fa:6a:c0:88:ee:ec:ab:25:f0:50:6a:9c:
d3:cf:ae:24:46:09:cc:21:f5:cc:8a:bd:96:8c:39:f6:70:f9:
f6:18:13:15:6c:2f:89:97:ac:35:be:17:d8:39:7a:27:42:f1:
5e:42:2e:de:13:b0:86:3d:8d:ad:07:bb:59:2b:3e:31:0b:da:
94:00:79:f8:3d:49:dc:23:1f:72:8b:da:9c:d4:48:af:bd:f2:
20:1e:af:ad:e4:f5:66:8e:4b:f0:bf:0f:d1:12:90:3e:18:71:
56:3e:10:0a:c9:f4:18:d7:99:93:35:61:2f:7f:14:d0:50:01:
05:cc:da:ec:f9:b3:b2:d9:62:7f:2a:7b:82:10:0e:46:ee:ac:
12:49:fe:84:2e:0d:f9:b1:e8:1e:b5:86:10:1f:3e:7a:60:0a:
95:1f:30:f5:aa:c2:76:9d:9c:ec:31:39:b7:91:bd:24:d2:18:
69:4a:a1:d7:a2:c0:1b:76:9f:aa:61:18:89:61:0f:32:cf:58:
bc:50:75:07:d9:47:a2:d4:e4:b7:8f:2a:45:84:32:36:4b:d7:
87:cf:d3:ef
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNsGe0KXrCPU93sRGTzvbZGFXT7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwNDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ZjJlMmJmM2MzYmU3YTI3MGQ0ZTVmMzMwOTllNmQ5MDgxYzc5Y2JjNzdj
N2I3ZTQyOWY1ZmY2OTRhNmJmNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOf1zlv0RD+vv+Y78goypoi2XB/r4Z7w0K3jhTXrIYlY106bwcLxe3FwIj89
GzvMF6JmJxDRlYgTsED9FP9L5/4a4E3rCketmd8x5nEuiemsGBTUVDitOkxGlMRm
tZ3D5qlwshkLw6CXn7zTTHGbTpKmKYvAJx1/V05r9OQEqMydW/yERo3HN3B/n0Px
0wzhWsqiPD6dRmQe/jp7a5cMT8AFm21c3yW+ftlzHLE0yzQyqSaLLOafhK3BBUas
yuTV6sBDHwVMefqGWdF/EHS7ZG7hDSilei5ZGnPxRqh7vAa9GbgtHcwCFqOfIqge
TJ0uG8KsumfI80jbMZtQTR9c2UcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSm0Tpz
dPdCA78cFzAUrcgTMieeZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3ZjZlMmUtMmNmYS00YWFmLTlhNWMtOTdkMTlmMWUyNGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Heg
wDANBgkqhkiG9w0BAQsFAAOCAQEAV4OCDATVkXcTVt7fw1OTwD5GSWMlvtyalR8p
zqcvRdh+srX6uY2CBdtz+mrAiO7sqyXwUGqc08+uJEYJzCH1zIq9low59nD59hgT
FWwviZesNb4X2Dl6J0LxXkIu3hOwhj2NrQe7WSs+MQvalAB5+D1J3CMfcovanNRI
r73yIB6vreT1Zo5L8L8P0RKQPhhxVj4QCsn0GNeZkzVhL38U0FABBcza7Pmzstli
fyp7ghAORu6sEkn+hC4N+bHoHrWGEB8+emAKlR8w9arCdp2c7DE5t5G9JNIYaUqh
16LAG3afqmEYiWEPMs9YvFB1B9lHotTkt48qRYQyNkvXh8/T7w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:27 2025 by rpki-client