Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json)
Hash identifier: Lp7NJ0F3eqLgtehCBBUWeF28emPKRTlAz8z6TT3Tg4w=
Subject key identifier: 42:A0:27:04:05:CE:AE:24:A0:1F:FC:8D:BF:B5:EE:90:D8:1E:BA:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B7AE9BC2C57DE8A14D5588113674532DBEFFE5B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
Signing time: Fri 11 Jul 2025 19:00:57 +0000
ROA not before: Fri 11 Jul 2025 19:00:57 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:7a:e9:bc:2c:57:de:8a:14:d5:58:81:13:67:45:32:db:ef:fe:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:00:57 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1e017d5ba46c79eed87bbd3f3ee143bf99c6db811757ce0154e4e965a2dff68f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:96:a8:cc:41:19:d8:cc:51:55:7a:35:d6:65:
ed:20:1a:5d:63:62:80:8f:23:22:25:1b:c9:06:6b:
cf:79:63:53:ab:44:46:0e:b3:e3:34:51:7e:01:dd:
d4:0a:92:fc:d7:6b:19:06:47:53:db:bc:a4:44:b0:
0c:1d:03:03:cb:0b:c7:5b:8c:a9:f5:05:75:eb:e0:
f3:0c:b6:6e:ed:30:01:fe:54:13:b7:45:f5:4a:f1:
f6:b4:f0:fa:28:59:25:3a:60:2c:6b:26:59:e3:71:
fd:51:40:df:fc:e0:a6:82:cc:2a:9b:51:54:be:c2:
1f:ca:89:b9:a9:5e:46:76:b1:b0:84:1d:83:78:10:
2d:0e:a0:cd:47:68:a5:44:75:10:c3:01:df:21:8e:
d9:4a:d3:43:d3:ca:fa:0a:46:5f:00:eb:d3:89:75:
7b:bd:bf:28:9d:e4:7f:a8:aa:04:c8:6b:64:80:18:
26:c5:16:41:e8:25:27:e5:36:75:f6:70:50:b8:6a:
66:9d:29:fa:d3:22:4f:18:0a:51:bc:df:44:ad:4d:
28:15:31:14:b4:7f:7a:da:23:70:96:89:11:e9:1a:
58:d3:df:54:9f:1d:f2:d3:a2:5f:5f:49:b7:a2:11:
84:32:a1:6c:de:53:ba:c8:b2:33:d2:6d:42:f8:b3:
f0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A0:27:04:05:CE:AE:24:A0:1F:FC:8D:BF:B5:EE:90:D8:1E:BA:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
ca:54:04:91:ce:9e:2a:8f:13:d7:e9:8f:94:e0:7a:66:dd:51:
c3:54:20:47:d6:33:ab:d2:00:87:76:70:63:aa:e4:23:1b:8c:
6c:9a:bd:30:d4:d1:00:f9:0d:dc:94:a7:84:5d:e7:b7:84:76:
1d:75:93:a7:2d:19:f9:f9:ac:76:94:69:4d:01:de:5e:25:e9:
51:99:08:11:a5:52:71:b1:f0:37:59:05:ad:ce:98:f9:d9:9b:
33:ab:c4:3f:df:a7:f0:1a:95:f4:3e:f9:28:ce:ec:58:33:cd:
d7:58:3f:16:6a:0c:dc:83:60:52:e4:e7:f0:b2:6d:44:4a:f4:
80:4f:02:c7:2e:5e:52:87:a0:91:6c:16:47:09:5c:95:fd:19:
56:7e:e2:5c:d9:30:13:45:97:37:e9:de:6b:03:40:64:6f:cf:
9b:f7:59:3a:64:8c:e2:56:d4:3f:97:42:bd:81:87:24:58:41:
9e:e1:5f:8e:5c:61:4b:48:9a:f1:a5:bd:7e:a9:ee:9d:36:2e:
c0:ae:28:28:90:2f:f0:35:6a:46:0a:4b:da:4d:ff:fd:0e:3c:
36:9d:b8:c4:43:c3:e5:d8:3b:9a:ab:1c:1c:35:e0:45:01:87:
d0:bc:a9:6d:f0:e8:58:9b:fd:f8:7b:39:de:d7:3a:b6:50:6c:
bc:a3:f6:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe3rpvCxX3ooU1ViBE2dFMtvv/lswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAwNTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlMDE3ZDViYTQ2Yzc5ZWVkODdiYmQzZjNlZTE0M2JmOTljNmRiODExNzU3
Y2UwMTU0ZTRlOTY1YTJkZmY2OGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6WqMxBGdjMUVV6NdZl7SAaXWNigI8jIiUbyQZrz3ljU6tERg6z4zRRfgHd
1AqS/NdrGQZHU9u8pESwDB0DA8sLx1uMqfUFdevg8wy2bu0wAf5UE7dF9Urx9rTw
+ihZJTpgLGsmWeNx/VFA3/zgpoLMKptRVL7CH8qJualeRnaxsIQdg3gQLQ6gzUdo
pUR1EMMB3yGO2UrTQ9PK+gpGXwDr04l1e72/KJ3kf6iqBMhrZIAYJsUWQeglJ+U2
dfZwULhqZp0p+tMiTxgKUbzfRK1NKBUxFLR/etojcJaJEekaWNPfVJ8d8tOiX19J
t6IRhDKhbN5TusiyM9JtQviz8DECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCoCcE
Bc6uJKAf/I2/te6Q2B66QjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAylQEkc6eKo8T1+mPlOB6Zt1Rw1QgR9Yzq9IA
h3ZwY6rkIxuMbJq9MNTRAPkN3JSnhF3nt4R2HXWTpy0Z+fmsdpRpTQHeXiXpUZkI
EaVScbHwN1kFrc6Y+dmbM6vEP9+n8BqV9D75KM7sWDPN11g/FmoM3INgUuTn8LJt
REr0gE8Cxy5eUoegkWwWRwlclf0ZVn7iXNkwE0WXN+neawNAZG/Pm/dZOmSM4lbU
P5dCvYGHJFhBnuFfjlxhS0ia8aW9fqnunTYuwK4oKJAv8DVqRgpL2k3//Q48Np24
xEPD5dg7mqscHDXgRQGH0LypbfDoWJv9+Hs53tc6tlBsvKP2pQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:17 2025 by rpki-client