Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json)
Hash identifier: jt0KeVFJHqwQwjPQ/XykSvraS5iQdaLDnrIBjL/WW6w=
Subject key identifier: E9:96:83:5E:75:8C:30:86:88:0C:E9:E0:9D:4F:A9:EA:2B:72:B0:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 794793D148D43797B7D27D5EACEEE250FD63E832
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
Signing time: Fri 11 Jul 2025 19:21:35 +0000
ROA not before: Fri 11 Jul 2025 19:21:35 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:47:93:d1:48:d4:37:97:b7:d2:7d:5e:ac:ee:e2:50:fd:63:e8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:35 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=048a9fdbb83150b163928088727193c7ca33e5501b556279d183bb4ece1f9bdb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f3:14:01:95:d2:31:8b:6b:4f:b6:96:de:57:
22:39:c8:7c:3c:9f:06:95:75:38:4f:71:af:4d:a0:
b7:c2:d7:c0:a3:da:dd:27:7a:b5:33:ad:ee:e3:1c:
de:70:92:0c:12:13:b5:cf:56:f7:be:71:a6:4b:1c:
31:44:59:2f:a2:62:bd:73:4f:bd:33:f6:90:fd:94:
43:d5:58:6e:9a:ea:fd:8c:2d:81:64:2a:cf:97:8b:
12:15:45:11:3d:ec:0f:18:e2:49:cf:b0:64:00:8f:
45:1f:da:ac:ec:69:3b:77:f8:a7:7e:48:2a:ad:39:
a3:25:cc:4a:3b:25:25:81:ab:a7:e1:36:c0:47:48:
ee:db:fc:0f:f0:c0:d8:cf:3d:ec:ca:59:04:d4:b0:
5b:df:d7:8a:4a:73:ad:f9:41:2f:75:8a:16:9d:1e:
14:dd:5b:e5:42:c2:85:e0:b1:40:07:cd:9d:e6:ee:
6a:64:6a:30:94:35:21:bf:c7:6e:c6:4b:df:3b:89:
fd:64:85:5e:52:ac:e6:4f:d2:38:43:22:af:f6:6c:
81:3d:a7:c8:95:3c:04:7e:a3:fb:19:24:69:2c:46:
2a:57:f6:8c:b1:4e:a7:2e:b7:00:1e:47:97:97:8f:
04:04:5e:24:90:a8:22:59:37:a3:8b:8d:ef:f6:cc:
ea:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:96:83:5E:75:8C:30:86:88:0C:E9:E0:9D:4F:A9:EA:2B:72:B0:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8080::/48
Signature Algorithm: sha256WithRSAEncryption
b6:22:78:fa:df:24:a4:6d:10:38:4d:04:16:46:8f:d6:3f:5c:
e0:61:49:95:34:2e:9c:c0:d1:d8:b0:05:c6:9e:5b:55:95:02:
5b:d4:44:09:15:a8:4d:6b:b1:74:d1:f5:0c:4f:40:f7:2a:d1:
5b:b9:07:ec:ca:17:27:cd:31:70:b1:05:f4:18:d2:69:b1:64:
a8:34:ce:c7:43:13:80:6a:80:d9:9a:5e:64:e4:74:b3:8f:6a:
81:53:ef:de:8d:82:3a:21:4a:f0:69:15:bf:10:b5:01:e3:c5:
90:ca:73:b7:c6:af:da:31:d2:a7:bc:89:41:24:aa:a8:ef:12:
cb:eb:7c:98:af:20:7a:a5:5f:62:f6:35:a8:f9:c0:cd:3f:15:
08:23:7c:00:8b:26:3e:cb:bf:57:29:3b:d4:ff:df:f9:29:5f:
da:86:1a:2d:24:08:33:10:db:84:02:29:d0:b4:f1:ce:e4:f9:
b0:e7:8b:91:d0:f7:90:f1:6a:0c:02:40:dd:1d:90:39:ef:99:
c3:3b:a9:66:7b:de:bd:4c:a8:ca:a9:b4:e7:27:58:46:4a:1e:
47:50:24:2b:bc:57:e8:4c:5d:e5:f8:d7:73:81:7e:a4:f8:18:
a3:70:80:12:22:62:3c:8b:87:05:f2:e4:39:b9:b1:fb:02:3d:
5d:95:9e:f7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeUeT0UjUN5e30n1erO7iUP1j6DIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMzVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0OGE5ZmRiYjgzMTUwYjE2MzkyODA4ODcyNzE5M2M3Y2EzM2U1NTAxYjU1
NjI3OWQxODNiYjRlY2UxZjliZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7zFAGV0jGLa0+2lt5XIjnIfDyfBpV1OE9xr02gt8LXwKPa3Sd6tTOt7uMc
3nCSDBITtc9W975xpkscMURZL6JivXNPvTP2kP2UQ9VYbprq/YwtgWQqz5eLEhVF
ET3sDxjiSc+wZACPRR/arOxpO3f4p35IKq05oyXMSjslJYGrp+E2wEdI7tv8D/DA
2M897MpZBNSwW9/XikpzrflBL3WKFp0eFN1b5ULCheCxQAfNnebuamRqMJQ1Ib/H
bsZL3zuJ/WSFXlKs5k/SOEMir/ZsgT2nyJU8BH6j+xkkaSxGKlf2jLFOpy63AB5H
l5ePBAReJJCoIlk3o4uN7/bM6g0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTploNe
dYwwhogM6eCdT6nqK3Kw0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
gDANBgkqhkiG9w0BAQsFAAOCAQEAtiJ4+t8kpG0QOE0EFkaP1j9c4GFJlTQunMDR
2LAFxp5bVZUCW9RECRWoTWuxdNH1DE9A9yrRW7kH7MoXJ80xcLEF9BjSabFkqDTO
x0MTgGqA2ZpeZOR0s49qgVPv3o2COiFK8GkVvxC1AePFkMpzt8av2jHSp7yJQSSq
qO8Sy+t8mK8geqVfYvY1qPnAzT8VCCN8AIsmPsu/Vyk71P/f+Slf2oYaLSQIMxDb
hAIp0LTxzuT5sOeLkdD3kPFqDAJA3R2QOe+ZwzupZnvevUyoyqm05ydYRkoeR1Ak
K7xX6Exd5fjXc4F+pPgYo3CAEiJiPIuHBfLkObmx+wI9XZWe9w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:43 2025 by rpki-client