Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
File: 14c60b75-8947-47da-9c6d-7045cbbbea55.roa (raw, json)
Hash identifier: JkcgB5cboEXjpg1fFn1CDfZZiKB936lkW12H1YGiJ8k=
Subject key identifier: FE:32:3D:92:5F:03:AD:7C:99:1A:83:50:8D:71:CC:BC:E7:90:CD:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 317B60B2F95E91F5863AF3475477864A64AC82DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
Signing time: Sat 12 Jul 2025 00:51:19 +0000
ROA not before: Sat 12 Jul 2025 00:51:19 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:7b:60:b2:f9:5e:91:f5:86:3a:f3:47:54:77:86:4a:64:ac:82:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:19 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=4f2fd91193a7a79e09ac39b92629b559cdddd3a49831634299d2ceea9f6477f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e2:f0:71:17:45:d3:28:8a:e8:01:68:fb:88:
c1:c7:14:49:62:10:ff:b5:85:14:cb:48:68:57:b6:
36:98:29:4d:3b:8d:db:32:d6:91:de:1e:ff:5d:b9:
ca:8e:2a:c5:4a:25:82:9d:90:51:1d:ee:9e:d6:14:
2d:85:fe:21:77:6a:03:7a:c7:49:32:56:27:0a:7b:
f0:e0:e0:fd:b1:62:03:70:c2:ee:21:c1:8a:86:a9:
06:34:51:44:90:d4:58:aa:e3:0f:cb:9c:b8:53:58:
4d:01:61:1e:93:be:50:be:19:82:eb:bb:ab:ce:96:
ec:43:7f:7e:7a:5b:9c:e9:0b:00:f2:84:7e:15:86:
00:8a:3e:b2:04:63:02:1d:43:2e:04:a9:69:60:79:
31:92:e4:30:0c:c2:90:ba:9a:7e:20:e0:cc:6e:7c:
75:e2:66:d5:4e:e8:41:47:f8:00:cd:0c:5e:38:ae:
ea:04:e5:be:ba:f3:c3:1c:ed:14:a0:72:1d:20:d4:
92:7b:9e:db:ff:71:99:ba:e6:a7:46:78:1b:82:a6:
cb:9d:eb:86:6e:34:08:63:97:40:d6:4f:d3:bd:43:
60:33:f6:7c:9c:64:6d:65:d6:01:53:e5:3c:7b:49:
ae:b9:97:79:85:36:ed:4d:d2:75:eb:22:aa:a8:79:
94:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:32:3D:92:5F:03:AD:7C:99:1A:83:50:8D:71:CC:BC:E7:90:CD:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:61:f3:1b:88:56:e3:58:42:12:08:2f:92:2b:c5:f4:be:a4:
bd:dc:77:2c:82:04:3a:fc:52:a8:35:d8:49:b5:0c:82:54:61:
b3:10:c0:ff:9e:fa:42:f0:9a:e5:60:f1:26:37:1f:f6:6c:b2:
0a:33:02:dd:ee:8e:3c:36:40:23:d0:6a:ba:52:f0:d2:aa:b8:
c4:ef:ee:40:40:46:c2:86:a6:cd:72:08:54:1c:15:4e:7f:8b:
96:f1:b2:73:f2:a3:f4:39:5d:8f:c0:b2:e3:6c:20:8f:d1:00:
28:39:ff:a0:38:27:29:ba:96:db:28:6d:b8:df:e4:65:9b:22:
8e:c8:56:84:41:25:4c:5e:2b:e9:35:d4:1c:4f:f7:fd:75:9a:
c5:5d:4c:f4:d6:14:a7:3c:b8:2d:15:a2:23:53:43:d5:c4:00:
5c:22:f8:4a:13:2d:1a:fb:60:4d:4d:9d:7e:ef:10:25:21:ca:
01:b9:2d:54:d8:ce:80:d7:44:68:25:da:88:b9:18:93:ec:4b:
62:90:22:1c:cc:ef:b9:4a:16:66:b5:67:27:ab:f1:1f:5d:2c:
ea:b1:7d:37:2a:6d:2b:62:e8:f0:57:a5:1c:33:af:b6:5a:e6:
6e:90:98:d8:07:3e:40:b7:6c:e1:44:95:d3:ac:bd:84:f3:bb:
83:23:39:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMXtgsvlekfWGOvNHVHeGSmSsgt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMTlaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmMmZkOTExOTNhN2E3OWUwOWFjMzliOTI2MjliNTU5Y2RkZGQzYTQ5ODMx
NjM0Mjk5ZDJjZWVhOWY2NDc3ZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvi8HEXRdMoiugBaPuIwccUSWIQ/7WFFMtIaFe2NpgpTTuN2zLWkd4e/125
yo4qxUolgp2QUR3untYULYX+IXdqA3rHSTJWJwp78ODg/bFiA3DC7iHBioapBjRR
RJDUWKrjD8ucuFNYTQFhHpO+UL4Zguu7q86W7EN/fnpbnOkLAPKEfhWGAIo+sgRj
Ah1DLgSpaWB5MZLkMAzCkLqafiDgzG58deJm1U7oQUf4AM0MXjiu6gTlvrrzwxzt
FKByHSDUknue2/9xmbrmp0Z4G4Kmy53rhm40CGOXQNZP071DYDP2fJxkbWXWAVPl
PHtJrrmXeYU27U3Sdesiqqh5lH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+Mj2S
XwOtfJkag1CNccy855DNiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRjNjBiNzUtODk0Ny00N2RhLTljNmQtNzA0NWNiYmJlYTU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB+YfMbiFbjWEISCC+SK8X0vqS93HcsggQ6/FKo
NdhJtQyCVGGzEMD/nvpC8JrlYPEmNx/2bLIKMwLd7o48NkAj0Gq6UvDSqrjE7+5A
QEbChqbNcghUHBVOf4uW8bJz8qP0OV2PwLLjbCCP0QAoOf+gOCcpupbbKG243+Rl
myKOyFaEQSVMXivpNdQcT/f9dZrFXUz01hSnPLgtFaIjU0PVxABcIvhKEy0a+2BN
TZ1+7xAlIcoBuS1U2M6A10RoJdqIuRiT7EtikCIczO+5ShZmtWcnq/EfXSzqsX03
Km0rYujwV6UcM6+2WuZukJjYBz5At2zhRJXTrL2E87uDIzm+
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:19 2025 by rpki-client