Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
File: 182e091e-259f-44bd-bb67-c5e36fa6958b.roa (raw, json)
Hash identifier: DV7slVB3p/pn1XpUnsZC8XX2fdveQ0Z4I1Ayri5nTq8=
Subject key identifier: 36:D6:B9:62:C0:AE:B4:9E:60:93:96:BF:17:07:2C:A1:DA:72:3B:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AC39ED26B94236DBAEEBBF6A29FF839F449E4ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
Signing time: Fri 11 Jul 2025 20:40:14 +0000
ROA not before: Fri 11 Jul 2025 20:40:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:c3:9e:d2:6b:94:23:6d:ba:ee:bb:f6:a2:9f:f8:39:f4:49:e4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f450e049a935581135cd63b8aefbf72b999f5d10e4a47cf647bb55f49f05bbe5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0a:5c:5e:4e:ef:d2:58:09:e0:a3:fe:80:18:
25:af:9e:cf:3f:47:b4:67:4b:df:0b:f1:1a:16:f6:
78:6a:d7:c0:a1:a5:ad:94:3d:1e:83:a6:3c:3e:5d:
32:df:6b:fc:ef:b9:68:bd:2e:d7:47:0b:7f:40:ea:
fc:23:c7:da:ad:a1:c8:70:99:a7:4a:b2:3f:48:5b:
27:7a:9e:00:c6:3d:0d:29:b6:98:86:96:fe:6f:68:
a7:fe:0f:b5:ab:97:e1:d6:8c:9f:4b:34:94:d4:cb:
df:a9:b4:66:b2:d7:de:d9:66:ad:73:41:97:a9:fe:
c5:60:83:f7:e4:ee:73:c8:ec:30:ec:89:24:98:ae:
92:d7:a6:8a:25:c6:31:1d:99:11:a3:ee:02:93:51:
bd:4e:11:cb:10:b2:1c:8a:c4:ca:0d:fc:69:2a:a2:
c0:59:ca:c4:c1:73:f3:47:22:a4:46:f5:57:f2:46:
75:28:4d:58:ab:75:a0:96:77:75:24:ee:76:a9:7a:
fc:48:ef:17:18:3d:77:8e:a6:3d:e9:af:5c:c7:42:
27:24:2c:ab:81:6e:7b:eb:41:f3:21:4c:50:44:d4:
6c:34:3a:dd:3e:1b:47:94:0c:8a:9b:a9:de:8d:58:
55:a7:7a:7b:39:39:ec:62:16:80:0a:74:84:23:89:
4a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D6:B9:62:C0:AE:B4:9E:60:93:96:BF:17:07:2C:A1:DA:72:3B:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:400::/38
Signature Algorithm: sha256WithRSAEncryption
bc:22:a1:7f:2c:59:33:26:56:93:2b:bf:2d:f4:d9:9a:77:58:
a2:5b:d2:80:06:91:35:87:05:19:34:96:4c:c9:e1:f0:fd:3b:
ea:20:29:0f:48:35:26:ea:0e:7c:c1:4a:64:20:e3:4e:e5:ec:
f9:6e:ac:15:1e:5f:8a:70:14:38:99:ed:c3:2f:70:01:1c:68:
8c:1c:e7:97:ee:ae:b4:9f:f3:2c:b4:8f:a9:14:d3:b1:e5:af:
84:af:92:ec:da:6b:2c:a1:19:c9:6d:0e:13:6a:34:3e:13:ec:
81:e6:78:c5:80:1f:54:1f:5c:b7:24:af:ea:95:d6:3c:41:0a:
24:d6:45:5f:75:4d:ca:c3:56:9f:2b:75:79:a7:93:76:9b:07:
1d:25:6a:7a:1d:05:e4:43:d1:9c:07:97:6c:a3:90:ae:73:f0:
82:6a:4e:54:1a:7f:2d:4e:0c:44:43:bb:b7:c8:db:ef:b4:c4:
a8:d9:04:fb:78:e0:32:80:6f:39:35:17:5a:09:71:40:08:18:
35:1b:b5:43:54:00:83:79:b0:58:39:74:6f:00:b9:90:57:2d:
64:cb:13:b6:36:dc:c6:ac:ef:aa:5d:5d:43:f3:14:54:d1:b0:
7e:12:71:83:8e:ad:b8:a2:ed:af:c7:f4:ad:a0:d9:35:83:54:
90:f6:82:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOsOe0muUI2267rv2op/4OfRJ5O0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0NTBlMDQ5YTkzNTU4MTEzNWNkNjNiOGFlZmJmNzJiOTk5ZjVkMTBlNGE0
N2NmNjQ3YmI1NWY0OWYwNWJiZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUKXF5O79JYCeCj/oAYJa+ezz9HtGdL3wvxGhb2eGrXwKGlrZQ9HoOmPD5d
Mt9r/O+5aL0u10cLf0Dq/CPH2q2hyHCZp0qyP0hbJ3qeAMY9DSm2mIaW/m9op/4P
tauX4daMn0s0lNTL36m0ZrLX3tlmrXNBl6n+xWCD9+Tuc8jsMOyJJJiuktemiiXG
MR2ZEaPuApNRvU4RyxCyHIrEyg38aSqiwFnKxMFz80cipEb1V/JGdShNWKt1oJZ3
dSTudql6/EjvFxg9d46mPemvXMdCJyQsq4Fue+tB8yFMUETUbDQ63T4bR5QMipup
3o1YVad6ezk57GIWgAp0hCOJSlcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ21rli
wK60nmCTlr8XByyh2nI7wTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgyZTA5MWUtMjU5Zi00NGJkLWJiNjctYzVlMzZmYTY5NThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwE
MA0GCSqGSIb3DQEBCwUAA4IBAQC8IqF/LFkzJlaTK78t9Nmad1iiW9KABpE1hwUZ
NJZMyeHw/TvqICkPSDUm6g58wUpkIONO5ez5bqwVHl+KcBQ4me3DL3ABHGiMHOeX
7q60n/MstI+pFNOx5a+Er5Ls2mssoRnJbQ4TajQ+E+yB5njFgB9UH1y3JK/qldY8
QQok1kVfdU3Kw1afK3V5p5N2mwcdJWp6HQXkQ9GcB5dso5Cuc/CCak5UGn8tTgxE
Q7u3yNvvtMSo2QT7eOAygG85NRdaCXFACBg1G7VDVACDebBYOXRvALmQVy1kyxO2
NtzGrO+qXV1D8xRU0bB+EnGDjq24ou2vx/StoNk1g1SQ9oK7
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:50 2025 by rpki-client