Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: 9mFinJXaPVl8ffEKu8S/2xegFE5JC3ZzGqX3ZqT0V6o=
Subject key identifier: 2F:DD:45:DD:0A:51:5A:8E:26:7D:06:37:5D:DA:08:88:3C:57:4D:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54E8B084AA334B5A17E072814A76FA31637F937A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Fri 11 Jul 2025 20:11:26 +0000
ROA not before: Fri 11 Jul 2025 20:11:26 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:e8:b0:84:aa:33:4b:5a:17:e0:72:81:4a:76:fa:31:63:7f:93:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:26 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=52086f007d2f5240c39a0cdfe9e0c4c46babb467ab08737f99fe624ef02f8346, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:2a:f9:c5:b3:33:31:e1:db:da:15:50:20:
8f:01:64:91:a1:a4:af:97:f2:63:57:6e:a3:96:09:
81:e7:fd:08:77:3b:98:36:ef:3e:f9:39:51:96:b0:
ab:ea:ab:1b:77:13:33:fe:5d:e4:6a:61:4c:49:32:
ed:2c:a0:84:79:7f:d1:f4:e9:bb:02:c1:6c:db:d3:
d8:99:2b:44:82:4b:ab:28:34:2b:90:d1:f1:f8:a5:
fb:68:70:dd:c8:93:b3:45:33:3d:96:67:3d:5b:8d:
8a:94:46:7b:ad:f8:6b:e5:82:dc:7b:d3:de:40:36:
3a:61:2a:31:2c:29:91:95:bd:be:91:69:f0:88:3b:
4b:fb:d8:7d:ee:a1:44:48:68:58:fc:5f:d0:26:83:
97:f2:2d:1a:76:b6:2d:a7:aa:0a:9f:a4:64:78:96:
7b:05:6d:43:24:02:06:73:06:e7:60:9d:38:60:80:
bb:f1:df:f0:57:25:03:01:c8:72:c4:c4:6d:ab:ae:
4c:8c:5d:c3:1e:44:54:ab:e0:ca:33:f2:48:e7:4d:
ab:96:b8:44:85:b7:29:27:1e:bc:3f:df:59:f7:f9:
fb:85:4f:9b:54:f3:ad:8b:7d:a0:1a:1c:e4:19:26:
e6:02:36:f8:93:18:46:71:ea:be:4a:39:b2:16:cf:
c7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DD:45:DD:0A:51:5A:8E:26:7D:06:37:5D:DA:08:88:3C:57:4D:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:70:30:49:b7:b5:08:17:4b:bf:40:0c:64:90:d3:bf:ac:38:
48:63:91:64:ae:5c:b5:d0:42:88:e5:42:8f:a4:7b:b7:9e:d3:
f5:38:90:88:dc:17:2e:98:d9:19:df:09:ad:12:e4:7b:79:fe:
83:91:85:ce:77:07:3a:2a:5b:7c:1f:05:23:a0:c2:0c:9a:48:
45:09:7d:db:9d:b5:90:02:cc:5b:17:a5:d6:92:03:ac:be:f6:
1e:8d:44:57:33:e2:7b:de:e2:25:bf:89:9c:a7:67:56:72:66:
ab:6a:6a:d6:57:92:b0:96:19:13:c9:69:ec:19:cf:b4:e5:91:
ce:ef:9a:a0:d9:eb:60:69:ce:65:44:00:dd:55:70:fc:a2:28:
08:63:6b:44:23:e9:1f:12:86:2e:f7:b7:9e:80:8b:45:38:43:
be:05:ad:91:81:9d:19:27:b9:f6:61:d0:7f:4d:27:52:21:1d:
b2:8b:95:48:d3:52:51:93:4c:c4:7d:22:55:36:97:db:1a:64:
10:0d:11:88:98:bd:5b:33:10:6d:fc:b9:94:1e:fa:51:0d:f6:
c7:b5:5f:f7:89:3c:33:26:7f:8e:0b:21:b8:15:b5:39:1c:f4:
5d:57:c5:7c:41:e3:8f:6d:5d:43:c0:f6:32:e2:dc:00:82:e5:
23:12:d9:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVOiwhKozS1oX4HKBSnb6MWN/k3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMjZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMDg2ZjAwN2QyZjUyNDBjMzlhMGNkZmU5ZTBjNGM0NmJhYmI0NjdhYjA4
NzM3Zjk5ZmU2MjRlZjAyZjgzNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXCKvnFszMx4dvaFVAgjwFkkaGkr5fyY1duo5YJgef9CHc7mDbvPvk5UZaw
q+qrG3cTM/5d5GphTEky7SyghHl/0fTpuwLBbNvT2JkrRIJLqyg0K5DR8fil+2hw
3ciTs0UzPZZnPVuNipRGe634a+WC3HvT3kA2OmEqMSwpkZW9vpFp8Ig7S/vYfe6h
REhoWPxf0CaDl/ItGna2LaeqCp+kZHiWewVtQyQCBnMG52CdOGCAu/Hf8FclAwHI
csTEbauuTIxdwx5EVKvgyjPySOdNq5a4RIW3KScevD/fWff5+4VPm1TzrYt9oBoc
5Bkm5gI2+JMYRnHqvko5shbPx9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQv3UXd
ClFajiZ9Bjdd2giIPFdNHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQCfcDBJt7UIF0u/QAxkkNO/rDhIY5Fkrly10EKI
5UKPpHu3ntP1OJCI3BcumNkZ3wmtEuR7ef6DkYXOdwc6Klt8HwUjoMIMmkhFCX3b
nbWQAsxbF6XWkgOsvvYejURXM+J73uIlv4mcp2dWcmaramrWV5KwlhkTyWnsGc+0
5ZHO75qg2etgac5lRADdVXD8oigIY2tEI+kfEoYu97eegItFOEO+Ba2RgZ0ZJ7n2
YdB/TSdSIR2yi5VI01JRk0zEfSJVNpfbGmQQDRGImL1bMxBt/LmUHvpRDfbHtV/3
iTwzJn+OCyG4FbU5HPRdV8V8QeOPbV1DwPYy4twAguUjEtld
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:42:28 2025 by rpki-client