Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
File: 1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa (raw, json)
Hash identifier: ct3rUyqfG8sc5NxT2mwC/Zah25R4jOBmd6ib40Nkql8=
Subject key identifier: 88:19:46:5E:B5:E8:9C:88:40:A9:31:51:E9:DC:C4:FA:0D:64:70:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68A3C46FE4E274EF8C3F3C80942DA858C3CB32D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
Signing time: Fri 11 Jul 2025 19:20:16 +0000
ROA not before: Fri 11 Jul 2025 19:20:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a3:c4:6f:e4:e2:74:ef:8c:3f:3c:80:94:2d:a8:58:c3:cb:32:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=cc91e7d5182235945e2d99378d85faef5457fcf261500a81de4c3a5b4c5383fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f4:9e:54:09:b9:31:d9:53:c9:39:4a:8e:a8:
3e:9a:64:29:77:6a:1d:2d:7b:43:fc:dd:76:4d:f4:
c6:1a:85:fe:d2:41:d1:47:69:b3:a5:1d:32:b3:d0:
59:6e:bd:f5:6f:d1:52:31:06:f0:6c:bd:e5:75:1c:
2c:15:20:51:ce:1c:a0:e5:da:cb:8c:f3:d8:e9:2f:
0b:f3:91:79:a8:d3:ea:4b:c4:34:c3:e6:6f:8f:8e:
de:46:3b:19:19:14:66:e5:04:ed:3f:73:b8:ec:66:
73:bd:3d:e1:3b:b0:30:46:8a:c8:19:ce:05:e6:9b:
25:15:d8:0c:83:df:dd:2f:cd:b2:0c:0c:76:5b:ff:
b8:d9:97:ec:21:41:92:0a:76:d4:bd:d5:90:af:ed:
cf:88:ab:37:69:c3:f0:bc:46:c5:ce:21:f1:34:24:
84:e4:8a:ee:63:72:f9:e8:b6:61:2a:34:ef:90:36:
b0:31:6a:f2:e5:3e:9c:da:c8:90:f6:0c:30:f2:61:
68:43:d3:8e:db:cd:ac:a3:67:86:aa:91:4d:ab:5f:
1c:09:5a:59:7c:fe:d7:e7:91:ca:a1:81:13:60:0b:
22:d9:e0:c2:a7:4e:ee:56:b7:d2:b8:07:7d:43:a0:
8f:ec:2e:9e:49:5f:63:b1:e9:1f:52:c3:e5:70:da:
0b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:19:46:5E:B5:E8:9C:88:40:A9:31:51:E9:DC:C4:FA:0D:64:70:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8080::/48
Signature Algorithm: sha256WithRSAEncryption
60:77:9f:2a:4c:ed:41:60:be:e1:a2:67:16:e2:c2:70:02:e8:
ce:ed:72:9a:f5:00:8d:ea:50:7c:00:59:29:17:48:d8:c1:32:
28:f3:0f:fa:d7:88:29:f5:1d:7f:82:65:cb:84:ff:a9:e8:a2:
5c:d0:53:96:af:53:25:ea:c7:ca:90:5f:6e:93:cf:16:12:d0:
76:91:f3:1b:10:17:72:80:50:13:68:1f:68:19:5d:4c:7d:39:
fc:92:ba:ad:d4:de:62:e8:ab:64:24:1b:08:67:89:70:97:79:
5c:6a:69:64:86:5a:39:8a:a6:81:cf:2b:7f:ae:4a:6e:4c:7b:
8a:21:90:d0:e5:a9:31:ff:57:b9:cb:3f:e2:06:6a:6b:1d:6a:
9f:5b:ce:7a:c0:d1:a3:32:15:c4:40:3d:71:98:52:6f:88:fd:
57:9a:ba:ae:91:93:d8:6f:0f:b1:43:56:fa:5f:a2:19:8d:8a:
8d:8b:ff:69:08:25:23:a6:e0:8d:be:ed:99:71:f9:04:fd:01:
f7:7f:de:eb:57:bf:7e:93:1e:b9:1d:6c:e7:ae:c5:7a:4a:00:
5f:f0:2e:d4:53:3c:0a:07:ac:d9:5b:3c:c1:b6:fd:fe:43:b1:
4b:55:19:f3:6f:00:81:72:ea:50:2b:2f:b6:c0:60:0d:45:92:
b3:1c:d2:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaKPEb+TidO+MPzyAlC2oWMPLMtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjOTFlN2Q1MTgyMjM1OTQ1ZTJkOTkzNzhkODVmYWVmNTQ1N2ZjZjI2MTUw
MGE4MWRlNGMzYTViNGM1MzgzZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKD0nlQJuTHZU8k5So6oPppkKXdqHS17Q/zddk30xhqF/tJB0Udps6UdMrPQ
WW699W/RUjEG8Gy95XUcLBUgUc4coOXay4zz2OkvC/OReajT6kvENMPmb4+O3kY7
GRkUZuUE7T9zuOxmc7094TuwMEaKyBnOBeabJRXYDIPf3S/NsgwMdlv/uNmX7CFB
kgp21L3VkK/tz4irN2nD8LxGxc4h8TQkhOSK7mNy+ei2YSo075A2sDFq8uU+nNrI
kPYMMPJhaEPTjtvNrKNnhqqRTatfHAlaWXz+1+eRyqGBE2ALItngwqdO7la30rgH
fUOgj+wunklfY7HpH1LD5XDaCyUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIGUZe
teiciECpMVHp3MT6DWRwrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4ZDllMTQtY2ZhOS00NDAwLWFmYTgtYjhjMGQ5ZWVlNGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
gDANBgkqhkiG9w0BAQsFAAOCAQEAYHefKkztQWC+4aJnFuLCcALozu1ymvUAjepQ
fABZKRdI2MEyKPMP+teIKfUdf4Jly4T/qeiiXNBTlq9TJerHypBfbpPPFhLQdpHz
GxAXcoBQE2gfaBldTH05/JK6rdTeYuirZCQbCGeJcJd5XGppZIZaOYqmgc8rf65K
bkx7iiGQ0OWpMf9Xucs/4gZqax1qn1vOesDRozIVxEA9cZhSb4j9V5q6rpGT2G8P
sUNW+l+iGY2KjYv/aQglI6bgjb7tmXH5BP0B93/e61e/fpMeuR1s567FekoAX/Au
1FM8Cges2Vs8wbb9/kOxS1UZ828AgXLqUCsvtsBgDUWSsxzSrA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:10 2025 by rpki-client