Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: PRJBvF03qGD71ncorC+tsE2p6ssthgJjI1GwnRMZyd8=
Subject key identifier: 59:2D:40:3C:4C:E6:94:9C:C5:BA:6D:41:A8:BF:6F:95:68:E1:81:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42434C029D45930E52B959CEE7ADB10334DFDB50
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Fri 11 Jul 2025 20:30:22 +0000
ROA not before: Fri 11 Jul 2025 20:30:22 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:43:4c:02:9d:45:93:0e:52:b9:59:ce:e7:ad:b1:03:34:df:db:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:30:22 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b6211bb5151d6bb7903952944ce838abc2f2bf5f3d2686f0e5403b86ff3f2409, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5d:2e:4d:b8:e2:40:14:d3:7b:71:7c:b8:53:
ac:3c:0b:00:49:ba:74:aa:96:c1:2a:fc:35:bc:f6:
d0:bd:6c:b3:10:36:5a:02:62:83:4e:16:74:b0:44:
c5:5b:4e:08:75:53:50:d0:79:1b:86:fd:e0:7e:1b:
0e:2a:31:cc:3c:35:86:67:bd:73:ed:84:41:9c:0e:
a5:1f:9f:2e:db:c1:eb:44:82:0a:65:6e:3b:49:17:
3b:8a:4f:17:9f:8e:39:46:c0:50:70:e9:4e:12:28:
9d:89:b0:58:5f:a6:e9:5a:2c:be:48:f9:ef:f7:a4:
8f:3c:a4:33:c7:13:4a:a1:50:0d:ff:11:d5:8b:e9:
fb:e3:c7:95:c6:81:f5:f6:25:22:c4:75:c7:24:80:
be:79:bd:ea:88:7f:9a:5b:9b:46:dc:94:20:92:6d:
02:46:9d:1c:ad:a1:44:a8:b4:00:81:03:7d:6a:1c:
6e:c1:b9:02:09:e7:f5:aa:26:65:fa:4a:9c:ee:bd:
24:58:ab:98:16:7d:fb:d7:64:46:61:fe:8b:4a:32:
72:1b:07:67:2c:25:67:30:77:61:4a:23:dc:60:a8:
67:71:73:51:d4:cc:e3:fc:d2:62:b4:ed:ad:17:66:
cf:fc:69:29:67:1d:bf:5e:25:19:14:e8:32:24:63:
f5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2D:40:3C:4C:E6:94:9C:C5:BA:6D:41:A8:BF:6F:95:68:E1:81:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
99:1b:48:86:7c:13:36:33:27:31:0a:75:85:5a:ce:26:c5:1b:
a5:ff:c6:71:e0:0f:11:8a:4f:5e:52:79:54:3e:d2:f8:85:a2:
b6:65:26:26:b4:d3:6e:ba:f7:88:5a:5d:17:64:15:23:22:95:
63:fb:23:fb:fa:34:7a:c6:5d:7a:9b:90:34:6b:4c:d2:32:59:
79:ee:cf:c7:7c:1b:24:0d:b8:40:b1:d4:bc:2f:0a:93:5f:aa:
f4:18:00:38:b8:b3:80:26:ac:04:11:02:e1:9a:2d:49:92:af:
6e:d4:2c:35:ae:e2:43:de:b6:e2:f1:bd:72:47:cc:5e:8e:a9:
d2:70:c9:42:82:ea:35:e6:56:1c:1b:88:77:d4:b9:09:d2:9c:
43:ee:67:00:a9:bf:a7:69:21:61:5e:b8:5a:48:11:dc:a6:c6:
a8:ca:82:0a:28:50:04:71:da:b1:13:3b:b3:c7:57:f2:d0:24:
11:93:ae:e8:31:7a:fe:73:81:b8:71:43:f3:f5:74:d3:2f:5d:
60:4d:77:24:4d:5b:7f:7b:43:40:37:39:9d:cb:a6:ac:b2:bb:
e7:32:03:32:56:17:77:1c:be:f6:a8:f8:8b:58:15:b1:58:48:
21:ed:63:50:d9:16:0a:c2:bf:77:a5:57:ea:99:14:f8:a6:bb:
c7:23:d5:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQkNMAp1Fkw5SuVnO562xAzTf21AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMwMjJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MjExYmI1MTUxZDZiYjc5MDM5NTI5NDRjZTgzOGFiYzJmMmJmNWYzZDI2
ODZmMGU1NDAzYjg2ZmYzZjI0MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxdLk244kAU03txfLhTrDwLAEm6dKqWwSr8Nbz20L1ssxA2WgJig04WdLBE
xVtOCHVTUNB5G4b94H4bDioxzDw1hme9c+2EQZwOpR+fLtvB60SCCmVuO0kXO4pP
F5+OOUbAUHDpThIonYmwWF+m6Vosvkj57/ekjzykM8cTSqFQDf8R1Yvp++PHlcaB
9fYlIsR1xySAvnm96oh/mlubRtyUIJJtAkadHK2hRKi0AIEDfWocbsG5Agnn9aom
ZfpKnO69JFirmBZ9+9dkRmH+i0oychsHZywlZzB3YUoj3GCoZ3FzUdTM4/zSYrTt
rRdmz/xpKWcdv14lGRToMiRj9QkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZLUA8
TOaUnMW6bUGov2+VaOGBtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQCZG0iGfBM2MycxCnWFWs4mxRul/8Zx4A8Rik9e
UnlUPtL4haK2ZSYmtNNuuveIWl0XZBUjIpVj+yP7+jR6xl16m5A0a0zSMll57s/H
fBskDbhAsdS8LwqTX6r0GAA4uLOAJqwEEQLhmi1Jkq9u1Cw1ruJD3rbi8b1yR8xe
jqnScMlCguo15lYcG4h31LkJ0pxD7mcAqb+naSFhXrhaSBHcpsaoyoIKKFAEcdqx
Ezuzx1fy0CQRk67oMXr+c4G4cUPz9XTTL11gTXckTVt/e0NANzmdy6assrvnMgMy
Vhd3HL72qPiLWBWxWEgh7WNQ2RYKwr93pVfqmRT4prvHI9Wy
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:56 2025 by rpki-client