Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
File: 191b6a6c-2595-4848-a6b3-22a230649f67.roa (raw, json)
Hash identifier: 0NvxpjdmNhtZapUFf5THH6PA4wTeiDTd0JtddREM0HA=
Subject key identifier: DC:FD:83:EB:B6:6F:B7:EA:37:5D:7D:C0:5B:5D:23:C5:A2:53:B7:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 123F36046E1DEA14C6C876F95D2C72B8B2FBFDCA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
Signing time: Fri 11 Jul 2025 19:50:10 +0000
ROA not before: Fri 11 Jul 2025 19:50:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:3f:36:04:6e:1d:ea:14:c6:c8:76:f9:5d:2c:72:b8:b2:fb:fd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c5acffd013233f41990c53bf1ea88546639f75a01d0b6d14f2af83c5107b378c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:eb:1a:36:1c:2b:ff:3f:27:fa:26:f6:b7:b5:
c4:95:d6:97:af:0b:74:e7:e1:21:b3:af:2f:3f:86:
2b:b0:8c:93:79:22:71:49:ae:5b:00:cc:1e:8c:76:
2f:17:77:7c:b6:a3:2e:13:5c:db:60:cc:b7:bf:f3:
ff:ed:c9:91:fd:b8:23:8a:ae:e4:12:8c:62:32:14:
6b:45:d9:33:a5:71:f2:0f:97:69:e9:72:17:70:f4:
d9:fd:62:43:44:53:c2:8b:ae:e5:97:45:d1:01:6c:
4b:82:69:79:9e:66:94:b4:01:79:5e:5c:ef:66:c3:
a5:b3:29:4f:92:b3:2d:4f:ee:fc:09:c6:a4:25:ef:
81:e3:26:15:0a:d1:d2:06:12:3b:31:fd:08:9e:19:
32:00:c7:ca:bf:f2:de:fe:15:d3:3a:47:aa:4b:7b:
92:a4:01:53:43:c2:ee:bb:cf:81:5f:e9:ef:02:b1:
ba:ed:eb:78:be:80:89:cb:03:15:48:d3:1b:0f:3d:
39:cc:73:52:ab:39:6a:74:1f:17:65:28:9c:4a:e5:
3f:f1:f6:33:36:ad:2f:35:63:b9:a7:f8:6b:8e:44:
fc:af:6b:50:49:01:f4:71:5e:97:2f:9e:ec:05:e3:
5b:ab:f1:8f:e8:02:4e:dd:8e:2e:02:0f:9c:a3:27:
80:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FD:83:EB:B6:6F:B7:EA:37:5D:7D:C0:5B:5D:23:C5:A2:53:B7:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/191b6a6c-2595-4848-a6b3-22a230649f67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:5040::/46
Signature Algorithm: sha256WithRSAEncryption
a6:63:04:07:c6:b0:70:09:d5:3e:d8:2e:c5:28:06:95:8d:0b:
25:fb:98:4c:3b:a5:a2:96:e9:3b:fb:75:34:c4:5d:66:ef:43:
58:2e:74:f2:89:11:2e:a6:95:82:7c:0c:17:b0:26:9e:51:c4:
69:61:98:f3:9f:f8:75:58:4b:01:06:da:4b:2f:4c:c5:dc:23:
bb:13:d1:46:8e:4c:c9:82:73:21:1c:df:d0:59:fe:c2:86:ef:
5a:47:7a:e2:30:55:a0:ee:67:4e:2c:37:b8:8a:37:61:cc:a5:
08:60:a3:14:7a:dc:9f:f1:10:b7:68:3c:18:f1:33:14:c5:09:
24:0f:9b:52:b7:96:c7:d5:b4:f9:1a:7f:e6:4d:ef:85:34:30:
0c:a3:32:94:86:16:ae:3b:ad:c5:5a:59:73:2a:c2:ec:a9:b6:
90:c7:3b:b6:b3:e9:4c:1b:60:fa:9c:07:98:de:69:08:9a:c4:
47:d9:9d:e5:66:36:de:31:17:c4:db:c9:b0:32:6d:57:68:d6:
1f:b7:9f:93:3e:db:f7:93:4d:77:8c:b1:fe:64:3c:0c:b8:a7:
ee:fa:4e:b8:cc:84:31:70:59:80:76:8e:b5:2a:bf:18:36:32:
21:28:ff:04:04:25:00:23:57:51:53:13:a2:4c:b8:a8:3c:8d:
31:05:7d:b3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEj82BG4d6hTGyHb5XSxyuLL7/cowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1YWNmZmQwMTMyMzNmNDE5OTBjNTNiZjFlYTg4NTQ2NjM5Zjc1YTAxZDBi
NmQxNGYyYWY4M2M1MTA3YjM3OGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPDrGjYcK/8/J/om9re1xJXWl68LdOfhIbOvLz+GK7CMk3kicUmuWwDMHox2
Lxd3fLajLhNc22DMt7/z/+3Jkf24I4qu5BKMYjIUa0XZM6Vx8g+XaelyF3D02f1i
Q0RTwouu5ZdF0QFsS4JpeZ5mlLQBeV5c72bDpbMpT5KzLU/u/AnGpCXvgeMmFQrR
0gYSOzH9CJ4ZMgDHyr/y3v4V0zpHqkt7kqQBU0PC7rvPgV/p7wKxuu3reL6AicsD
FUjTGw89OcxzUqs5anQfF2UonErlP/H2MzatLzVjuaf4a45E/K9rUEkB9HFely+e
7AXjW6vxj+gCTt2OLgIPnKMngCMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTc/YPr
tm+36jddfcBbXSPFolO3hDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkxYjZhNmMtMjU5NS00ODQ4LWE2YjMtMjJhMjMwNjQ5ZjY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdQ
QDANBgkqhkiG9w0BAQsFAAOCAQEApmMEB8awcAnVPtguxSgGlY0LJfuYTDulopbp
O/t1NMRdZu9DWC508okRLqaVgnwMF7AmnlHEaWGY85/4dVhLAQbaSy9MxdwjuxPR
Ro5MyYJzIRzf0Fn+wobvWkd64jBVoO5nTiw3uIo3YcylCGCjFHrcn/EQt2g8GPEz
FMUJJA+bUreWx9W0+Rp/5k3vhTQwDKMylIYWrjutxVpZcyrC7Km2kMc7trPpTBtg
+pwHmN5pCJrER9md5WY23jEXxNvJsDJtV2jWH7efkz7b95NNd4yx/mQ8DLin7vpO
uMyEMXBZgHaOtSq/GDYyISj/BAQlACNXUVMToky4qDyNMQV9sw==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:45:03 2025 by rpki-client