Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: QKAIFxxrwg2OPVfxHWKsApVE2m3+cpnA4hjjyEmT5ko=
Subject key identifier: 0E:74:06:77:B0:EF:77:91:89:20:84:02:B8:B8:F0:CA:96:3B:0C:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F9795F349B8B57D63508C62E7392E7C19049E79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Fri 11 Jul 2025 20:00:52 +0000
ROA not before: Fri 11 Jul 2025 20:00:52 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:97:95:f3:49:b8:b5:7d:63:50:8c:62:e7:39:2e:7c:19:04:9e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:52 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=bd75f84104e70ededbac93b823633c648904e90a23a3efc3e8c87470ebb664ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:ef:22:d3:5a:d9:ef:29:20:ac:ab:0c:26:
12:ea:ef:ca:0f:1e:17:e5:6a:37:2f:70:28:27:bb:
38:47:1e:39:a4:d6:83:5b:f9:c4:35:4f:e5:40:43:
a8:97:34:70:3b:6b:29:7e:a1:31:7f:5b:41:3b:bb:
01:68:1b:ad:6e:75:f9:34:54:6b:5f:58:20:08:b0:
ce:b2:cf:ec:f5:3c:a3:e4:da:f4:be:f6:f1:4c:4e:
de:09:14:ed:b4:53:e4:d3:8d:6a:5c:1f:eb:0e:b6:
05:15:0e:5b:25:8b:ac:fb:2f:5f:3a:25:72:e2:55:
02:3a:7f:9e:94:fa:2a:09:2a:ea:57:81:2e:ce:49:
31:cb:08:f5:91:07:ea:db:fc:5f:24:bf:ea:89:c1:
b4:78:59:8e:60:ea:08:d1:84:10:86:15:b9:1a:18:
8d:c9:1a:44:02:e9:10:6a:8d:a0:28:5e:4b:bc:87:
2f:cb:fd:ad:0d:ac:a1:65:93:d9:25:66:98:75:d8:
d4:0e:ca:e3:18:83:b0:ec:6e:ea:97:8e:13:58:ff:
41:71:5f:58:49:74:cf:36:ff:a2:95:25:1d:73:e0:
69:fd:bb:9c:3d:2d:16:c7:7f:7f:3a:12:ef:52:5e:
01:17:f7:ab:20:2e:8f:09:17:c0:23:42:c9:62:22:
c3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:74:06:77:B0:EF:77:91:89:20:84:02:B8:B8:F0:CA:96:3B:0C:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2e:80:43:a6:df:b2:8e:ca:f3:9b:e5:bb:d5:a0:64:0b:2b:73:
0e:fb:3f:d7:d4:ee:cd:91:d6:90:03:b3:79:d9:51:ba:2d:2f:
d9:44:6c:87:4d:e0:55:bd:50:c7:c0:26:2c:e0:3e:20:ff:74:
de:5b:b3:51:50:bd:60:81:7f:08:0f:f7:33:d9:6f:eb:a2:25:
f2:c0:9b:a2:8f:99:85:3d:c6:71:cb:5d:bc:c1:e7:95:8a:24:
80:5d:b1:a8:69:43:e5:07:f3:7f:01:16:33:3c:ee:35:17:ea:
39:9b:b4:e9:9f:46:f2:33:e6:19:30:38:f5:6c:2f:13:d8:8c:
ec:56:99:19:ef:fe:f0:ef:65:99:bb:68:aa:ec:e8:68:0f:2d:
d7:49:67:7a:22:57:df:7b:6d:e1:16:33:99:01:98:81:0b:b7:
1d:74:d4:12:c5:2e:3c:cd:be:39:6c:b1:13:d4:bf:98:ab:bf:
b7:7b:b1:17:2b:92:09:31:51:54:21:6d:8d:a8:3a:ad:6d:ac:
f5:62:0e:e1:d7:31:52:82:4e:2a:c2:47:07:1b:16:62:60:0c:
86:f0:4d:3d:c1:3b:22:21:1b:7a:31:e7:3e:16:04:20:a7:4f:
9d:75:bf:c4:e5:31:b4:60:69:91:e2:55:c0:77:c0:0d:a5:3f:
8c:77:b8:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX5eV80m4tX1jUIxi5zkufBkEnnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwNTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNzVmODQxMDRlNzBlZGVkYmFjOTNiODIzNjMzYzY0ODkwNGU5MGEyM2Ez
ZWZjM2U4Yzg3NDcwZWJiNjY0YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbf7yLTWtnvKSCsqwwmEurvyg8eF+VqNy9wKCe7OEceOaTWg1v5xDVP5UBD
qJc0cDtrKX6hMX9bQTu7AWgbrW51+TRUa19YIAiwzrLP7PU8o+Ta9L728UxO3gkU
7bRT5NONalwf6w62BRUOWyWLrPsvXzolcuJVAjp/npT6Kgkq6leBLs5JMcsI9ZEH
6tv8XyS/6onBtHhZjmDqCNGEEIYVuRoYjckaRALpEGqNoCheS7yHL8v9rQ2soWWT
2SVmmHXY1A7K4xiDsOxu6peOE1j/QXFfWEl0zzb/opUlHXPgaf27nD0tFsd/fzoS
71JeARf3qyAujwkXwCNCyWIiw4MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOdAZ3
sO93kYkghAK4uPDKljsMMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAugEOm37KOyvOb5bvVoGQLK3MO+z/X1O7NkdaQ
A7N52VG6LS/ZRGyHTeBVvVDHwCYs4D4g/3TeW7NRUL1ggX8ID/cz2W/roiXywJui
j5mFPcZxy128weeViiSAXbGoaUPlB/N/ARYzPO41F+o5m7Tpn0byM+YZMDj1bC8T
2IzsVpkZ7/7w72WZu2iq7OhoDy3XSWd6Ilffe23hFjOZAZiBC7cddNQSxS48zb45
bLET1L+Yq7+3e7EXK5IJMVFUIW2NqDqtbaz1Yg7h1zFSgk4qwkcHGxZiYAyG8E09
wTsiIRt6Mec+FgQgp0+ddb/E5TG0YGmR4lXAd8ANpT+Md7hb
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:39 2025 by rpki-client