Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: 8LotoGereX9L6/CrmHWNt2N/Bz0IzJJO/Z8sNaQmGpQ=
Subject key identifier: 55:C4:8D:4D:48:87:D7:1A:4F:41:DA:AF:3A:07:17:48:83:86:06:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D9ED6FBB70A9C3E7D8FB39F43B43B883CA3EC7E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Mon 21 Jul 2025 17:00:07 +0000
ROA not before: Mon 21 Jul 2025 17:00:07 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:9e:d6:fb:b7:0a:9c:3e:7d:8f:b3:9f:43:b4:3b:88:3c:a3:ec:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 17:00:07 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=08a82438bf348a18bb703395380ca29477f4baf25514b6f44ea5c55a2f19eccd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:81:68:30:84:cd:13:c3:ff:8e:49:b7:d1:
04:16:90:81:a6:f3:21:08:dc:70:1e:e5:58:60:f2:
d5:a9:2c:21:9d:8d:50:c1:55:10:a6:a5:28:fe:54:
88:e2:a3:e3:82:dd:d2:fe:19:9c:75:db:6a:47:ca:
9c:98:3f:22:6e:0c:87:09:1e:c5:74:dd:21:f2:7e:
45:f7:af:6a:89:0d:70:8c:be:8c:b2:d7:03:9f:71:
d7:5b:7a:07:85:1d:48:2c:26:5e:11:82:85:6f:61:
e2:a9:6e:c8:5a:10:19:7b:12:48:0b:a0:2c:6c:51:
55:85:af:be:fb:18:bb:50:5d:bd:a8:7f:b9:1e:8b:
b8:d0:55:f4:f8:41:09:8a:5b:0b:28:e2:8c:cc:89:
68:c3:73:c4:a7:9c:ee:1e:5c:d6:be:9a:ba:c6:7d:
95:7b:04:51:a0:46:ec:e7:a2:5c:01:73:68:96:3a:
f4:28:cd:e3:83:d6:b8:51:27:11:55:6b:bf:ad:65:
ee:19:11:41:92:27:a2:2a:d7:af:62:a5:79:a6:ac:
05:2a:dc:ee:b6:40:5b:25:cc:c5:83:f4:f8:16:1b:
51:71:d4:39:0c:15:9b:fe:4c:8b:ba:3c:0e:c7:64:
23:fd:ba:42:9c:1e:19:78:bc:da:17:c3:11:b7:a6:
ff:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C4:8D:4D:48:87:D7:1A:4F:41:DA:AF:3A:07:17:48:83:86:06:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
23:7b:0c:75:f2:ea:9d:ee:ad:ab:8a:cb:ec:06:0d:5d:dc:bd:
c6:cd:92:2e:ed:35:2b:2a:e9:d2:be:12:77:ef:d5:8f:7b:eb:
ca:20:b4:a1:ab:06:e1:db:14:ed:00:77:e9:77:21:ec:af:c8:
54:ce:0f:b1:27:e5:82:65:1b:86:43:52:50:54:40:40:2a:04:
1d:e4:b9:c0:4d:d4:06:ef:5b:d1:f2:4e:5b:f8:63:d7:12:6e:
ce:6e:6a:89:78:bd:69:9f:d9:6a:6f:73:3b:9c:82:7e:39:57:
82:2f:a7:b1:dc:53:ab:11:92:fa:cb:6a:26:b2:2c:c7:30:9d:
a3:2d:b0:1f:08:c5:c0:aa:1b:6a:29:60:29:20:bd:99:ef:1a:
91:84:23:61:b8:c5:3b:8f:78:be:91:51:3d:d2:9f:15:1b:f2:
47:d4:13:99:d7:01:d7:bf:ca:db:42:ef:20:59:ce:fa:bd:2c:
0f:f1:56:7e:4d:44:d4:55:9a:93:59:85:c4:8b:45:92:0b:a8:
93:54:95:75:fb:35:60:09:7b:77:de:e5:8d:71:f0:eb:f2:06:
d4:00:19:40:c4:97:87:30:c5:d5:08:1b:7e:70:ff:e4:3d:9b:
7b:34:28:6c:db:a1:61:77:e5:73:8b:6d:05:aa:83:aa:84:3e:
46:c0:5d:10
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPZ7W+7cKnD59j7OfQ7Q7iDyj7H4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNzAwMDdaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4YTgyNDM4YmYzNDhhMThiYjcwMzM5NTM4MGNhMjk0NzdmNGJhZjI1NTE0
YjZmNDRlYTVjNTVhMmYxOWVjY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALc6gWgwhM0Tw/+OSbfRBBaQgabzIQjccB7lWGDy1aksIZ2NUMFVEKalKP5U
iOKj44Ld0v4ZnHXbakfKnJg/Im4MhwkexXTdIfJ+RfevaokNcIy+jLLXA59x11t6
B4UdSCwmXhGChW9h4qluyFoQGXsSSAugLGxRVYWvvvsYu1Bdvah/uR6LuNBV9PhB
CYpbCyjijMyJaMNzxKec7h5c1r6ausZ9lXsEUaBG7OeiXAFzaJY69CjN44PWuFEn
EVVrv61l7hkRQZInoirXr2KleaasBSrc7rZAWyXMxYP0+BYbUXHUOQwVm/5Mi7o8
DsdkI/26QpweGXi82hfDEbem/zkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRVxI1N
SIfXGk9B2q86BxdIg4YGjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBACN7DHXy6p3urauKy+wGDV3cvcbNki7tNSsq6dK+
Enfv1Y9768ogtKGrBuHbFO0Ad+l3IeyvyFTOD7En5YJlG4ZDUlBUQEAqBB3kucBN
1AbvW9HyTlv4Y9cSbs5uaol4vWmf2Wpvczucgn45V4Ivp7HcU6sRkvrLaiayLMcw
naMtsB8IxcCqG2opYCkgvZnvGpGEI2G4xTuPeL6RUT3SnxUb8kfUE5nXAde/yttC
7yBZzvq9LA/xVn5NRNRVmpNZhcSLRZILqJNUlXX7NWAJe3fe5Y1x8OvyBtQAGUDE
l4cwxdUIG35w/+Q9m3s0KGzboWF35XOLbQWqg6qEPkbAXRA=
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:41:28 2025 by rpki-client