Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
File: 12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa (raw, json)
Hash identifier: XTtZiBEpCyiRZrVK11eYo7OAP6ZHQv/TjMBFrEOJ7U8=
Subject key identifier: A5:07:6A:C1:F8:88:31:77:AC:76:64:89:94:10:CC:4B:5E:9A:26:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23D57DFE9CDFF788F77DB98E3D816ED34F994A1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
Signing time: Fri 11 Jul 2025 20:40:10 +0000
ROA not before: Fri 11 Jul 2025 20:40:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d5:7d:fe:9c:df:f7:88:f7:7d:b9:8e:3d:81:6e:d3:4f:99:4a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=173e5ff11ae6e0ff4fa56c537e3043e330396e50394bdf10148298e76ac793c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:20:ee:4c:96:cc:42:d2:66:1b:18:4d:e1:fb:
71:b5:87:34:1b:59:fc:ce:05:c8:fb:f6:ca:81:94:
5d:03:d9:78:67:0b:60:97:d8:b8:04:15:54:58:42:
e1:9c:ec:02:d4:47:0d:33:ce:b4:df:ba:0c:31:1e:
19:57:2a:ec:ea:9b:78:f3:98:57:2d:67:9b:b5:e5:
4c:ff:76:ae:fa:d0:23:b4:8b:a4:89:87:75:98:fd:
7a:45:06:8d:80:31:7c:eb:d4:56:db:07:0e:23:42:
b5:7c:11:e1:19:16:c2:f2:84:38:3a:e2:51:e9:09:
ab:d0:4c:09:8e:a5:95:08:96:c7:fb:63:f9:38:44:
1c:f9:b0:6a:6f:4c:eb:36:51:f3:a8:33:f9:4e:8a:
1c:08:69:59:45:81:d3:6d:3c:6c:d7:02:9c:77:d9:
c6:ed:de:75:71:2e:cc:e2:b0:9c:22:12:2b:07:8a:
ea:73:e2:55:ef:d1:06:6f:77:0c:39:7a:ce:08:38:
a8:8f:a0:bd:b4:75:c0:a8:b3:1f:d7:5e:2e:ce:62:
ae:38:f2:e5:d3:ad:a9:e8:20:18:b3:2e:1c:12:df:
98:d7:1c:ae:40:82:81:d2:06:f9:6a:a6:6d:de:5c:
58:3e:39:c8:c8:63:11:f4:c4:3a:ef:8c:02:de:ae:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:07:6A:C1:F8:88:31:77:AC:76:64:89:94:10:CC:4B:5E:9A:26:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/38
Signature Algorithm: sha256WithRSAEncryption
7f:f0:9b:ff:a6:e3:b9:66:4b:d9:ba:b8:fa:8b:3e:c1:84:b5:
3e:75:86:7d:38:40:a7:76:b6:63:b0:5c:ca:ac:d4:f2:9a:09:
3a:6f:5e:c6:91:99:8e:41:aa:16:ce:0a:7a:90:0e:53:33:3e:
2b:62:61:68:79:33:be:6d:0b:72:d7:7e:72:21:0b:fc:3c:b8:
14:82:d4:75:f0:15:37:c5:ff:b0:d9:04:10:61:4b:cb:d6:11:
34:3a:f0:25:6a:72:a8:14:f6:cb:58:f1:b1:38:ca:d4:80:0e:
ac:a9:ec:a9:88:59:a6:45:70:ec:38:b1:9f:54:c0:b6:32:df:
dc:0a:95:6f:d1:76:0b:be:99:eb:4e:54:bb:6c:92:64:99:e3:
97:39:a2:a2:4f:d7:b5:83:00:77:7e:f5:3f:af:45:0f:a2:c0:
69:90:44:0a:64:3a:8a:9c:7f:55:23:51:0e:b6:b1:b3:17:c7:
08:30:0f:7f:d7:01:5e:c4:5b:8a:dd:fa:34:d0:d1:85:9e:28:
4e:18:d1:08:e7:ce:3c:97:5a:4e:1d:51:38:10:c6:ca:11:a0:
15:b7:31:27:49:93:16:51:57:78:c6:94:2f:64:79:18:9c:49:
1b:b6:e7:9a:4d:bc:b4:f5:45:0e:93:29:23:ff:4f:da:01:ba:
f6:1f:4a:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI9V9/pzf94j3fbmOPYFu00+ZSh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3M2U1ZmYxMWFlNmUwZmY0ZmE1NmM1MzdlMzA0M2UzMzAzOTZlNTAzOTRi
ZGYxMDE0ODI5OGU3NmFjNzkzYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4g7kyWzELSZhsYTeH7cbWHNBtZ/M4FyPv2yoGUXQPZeGcLYJfYuAQVVFhC
4ZzsAtRHDTPOtN+6DDEeGVcq7OqbePOYVy1nm7XlTP92rvrQI7SLpImHdZj9ekUG
jYAxfOvUVtsHDiNCtXwR4RkWwvKEODriUekJq9BMCY6llQiWx/tj+ThEHPmwam9M
6zZR86gz+U6KHAhpWUWB0208bNcCnHfZxu3edXEuzOKwnCISKweK6nPiVe/RBm93
DDl6zgg4qI+gvbR1wKizH9deLs5irjjy5dOtqeggGLMuHBLfmNccrkCCgdIG+Wqm
bd5cWD45yMhjEfTEOu+MAt6uUW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlB2rB
+Igxd6x2ZImUEMxLXpomTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIwOTliZjUtZjljMS00NjNlLTlmYzktZWFmNzkxZTMzOWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/8Jv/puO5ZkvZurj6iz7BhLU+dYZ9OECndrZj
sFzKrNTymgk6b17GkZmOQaoWzgp6kA5TMz4rYmFoeTO+bQty135yIQv8PLgUgtR1
8BU3xf+w2QQQYUvL1hE0OvAlanKoFPbLWPGxOMrUgA6sqeypiFmmRXDsOLGfVMC2
Mt/cCpVv0XYLvpnrTlS7bJJkmeOXOaKiT9e1gwB3fvU/r0UPosBpkEQKZDqKnH9V
I1EOtrGzF8cIMA9/1wFexFuK3fo00NGFnihOGNEI5848l1pOHVE4EMbKEaAVtzEn
SZMWUVd4xpQvZHkYnEkbtueaTby09UUOkykj/0/aAbr2H0qz
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:16 2025 by rpki-client