Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: mHdece5IiovRLam2FfnOmEA028FS2b/qoscG+t8AXO4=
Subject key identifier: D7:45:F2:02:6D:CE:84:D6:A9:D1:1E:F9:A9:11:5C:D3:FD:F3:5C:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0AE75D09A48DF1CCFA645DF89943C6F01E2CC50A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Fri 11 Jul 2025 20:31:37 +0000
ROA not before: Fri 11 Jul 2025 20:31:37 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:e7:5d:09:a4:8d:f1:cc:fa:64:5d:f8:99:43:c6:f0:1e:2c:c5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:37 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3cd8481ff4790f78c45caf14f9fe894fcf4605c6392508a4ba580876736e9444, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:0f:40:72:fc:fb:1b:a9:15:df:8b:0f:ef:
b2:bc:ba:7b:fc:63:68:ec:36:8d:26:6f:55:05:5f:
58:fa:39:b1:04:13:08:e5:75:e3:51:11:c1:b6:08:
99:70:ae:29:41:ef:08:12:c5:5f:c7:96:ec:bb:b1:
6e:27:1c:9a:ee:e2:3e:81:38:92:63:b0:0a:0e:5d:
74:7f:38:b5:0c:e5:ce:49:e6:cf:8d:d3:6d:e5:de:
1d:1f:7c:b0:9f:e9:0c:6d:68:a3:4d:df:5c:0e:44:
4c:04:51:46:e3:a8:73:09:ec:7a:66:e5:b3:9a:b1:
e6:16:0a:c8:f5:e4:f2:23:20:36:d5:08:e3:98:17:
8c:aa:26:7c:58:25:b1:00:2c:b5:d9:6d:7d:6b:a9:
7f:11:b6:fd:27:d6:dc:9e:2f:82:6f:61:c1:73:fc:
8f:2b:14:1c:34:52:e0:a5:6b:b7:6f:26:47:8d:27:
94:ea:01:b6:ea:d9:81:a3:47:0c:2d:cf:94:04:61:
a9:5d:12:41:a5:70:49:ca:10:58:c5:20:87:0d:cf:
a8:2f:0b:fb:58:a8:0c:d4:ba:33:91:fa:d1:bf:60:
94:16:09:57:44:f9:be:58:e5:1f:a5:e9:19:5d:1d:
c0:1e:08:a2:8d:f9:90:ec:3f:44:8b:40:b6:71:ac:
ca:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:45:F2:02:6D:CE:84:D6:A9:D1:1E:F9:A9:11:5C:D3:FD:F3:5C:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:e6:74:a9:2e:5f:eb:2a:fc:9e:67:2b:eb:91:31:b8:7e:b7:
29:9a:f2:11:63:10:8d:8e:39:ea:a7:cd:f7:1c:0b:c1:7a:2f:
33:83:f3:bd:27:ed:01:3e:b3:16:8d:76:f3:4f:a1:6d:ab:17:
90:66:70:f8:5c:24:60:03:25:18:36:e1:79:15:a7:7f:f2:82:
63:51:a8:b5:2a:39:89:cd:ca:90:53:32:b3:f2:12:a7:17:f4:
a6:a2:ee:bf:ba:7f:b2:97:2d:97:38:d6:0c:a5:18:f8:97:bb:
1c:ba:55:f8:ad:a6:aa:dd:7e:22:64:fe:0e:69:ce:13:8d:9d:
7d:3c:3d:c3:f1:47:e1:08:67:24:94:45:88:67:f9:76:9f:8b:
3c:dc:61:61:3d:e0:89:ad:8b:88:7b:46:84:bd:78:3e:0a:eb:
e9:5b:2e:d4:eb:5b:c7:9b:d0:e0:e8:ec:47:21:63:e7:38:46:
83:af:fd:6a:85:7e:c1:b7:88:6a:05:6f:70:58:86:96:22:2f:
41:2d:b8:c1:ce:3a:4a:2d:ee:2f:7c:71:80:54:f0:02:9b:df:
8c:62:ad:db:0a:25:32:41:71:75:e8:38:7b:44:4e:35:2b:00:
e3:b9:16:a4:af:78:b3:01:32:06:72:1e:cf:b0:65:40:32:26:
ef:96:25:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCuddCaSN8cz6ZF34mUPG8B4sxQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMzdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjZDg0ODFmZjQ3OTBmNzhjNDVjYWYxNGY5ZmU4OTRmY2Y0NjA1YzYzOTI1
MDhhNGJhNTgwODc2NzM2ZTk0NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR5D0By/PsbqRXfiw/vsry6e/xjaOw2jSZvVQVfWPo5sQQTCOV141ERwbYI
mXCuKUHvCBLFX8eW7Luxbiccmu7iPoE4kmOwCg5ddH84tQzlzknmz43TbeXeHR98
sJ/pDG1oo03fXA5ETARRRuOocwnsembls5qx5hYKyPXk8iMgNtUI45gXjKomfFgl
sQAstdltfWupfxG2/SfW3J4vgm9hwXP8jysUHDRS4KVrt28mR40nlOoBturZgaNH
DC3PlARhqV0SQaVwScoQWMUghw3PqC8L+1ioDNS6M5H60b9glBYJV0T5vljlH6Xp
GV0dwB4Ioo35kOw/RItAtnGsynECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTXRfIC
bc6E1qnRHvmpEVzT/fNcazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBN5nSpLl/rKvyeZyvrkTG4frcpmvIRYxCNjjnq
p833HAvBei8zg/O9J+0BPrMWjXbzT6FtqxeQZnD4XCRgAyUYNuF5Fad/8oJjUai1
KjmJzcqQUzKz8hKnF/Smou6/un+yly2XONYMpRj4l7sculX4raaq3X4iZP4Oac4T
jZ19PD3D8UfhCGcklEWIZ/l2n4s83GFhPeCJrYuIe0aEvXg+CuvpWy7U61vHm9Dg
6OxHIWPnOEaDr/1qhX7Bt4hqBW9wWIaWIi9BLbjBzjpKLe4vfHGAVPACm9+MYq3b
CiUyQXF16Dh7RE41KwDjuRakr3izATIGch7PsGVAMibvliVU
-----END CERTIFICATE-----
Generated at Thu Jul 24 13:02:02 2025 by rpki-client