Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json)
Hash identifier: NzSDOSLyRbVSLxuwMo8+THmuMOiogGTqPreDU0KVXj4=
Subject key identifier: 04:BD:23:B5:31:6C:A5:9A:8D:CD:99:39:35:AC:48:18:04:6D:DA:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40EEFFC526FC70F203F2E22615D0C60C2E9E11E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
Signing time: Fri 11 Jul 2025 19:10:17 +0000
ROA not before: Fri 11 Jul 2025 19:10:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ee:ff:c5:26:fc:70:f2:03:f2:e2:26:15:d0:c6:0c:2e:9e:11:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b93c10b9e7f219856bf22798598c6cbcce6e31195be9080b7d45cd2715dd9e48, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1b:4c:69:97:e5:59:3a:0c:8c:d9:19:a4:ff:
03:00:20:0f:76:6a:a3:f2:37:1b:3b:fd:41:b3:bf:
f2:7c:e7:c4:dd:73:5f:ca:50:13:61:75:0c:67:02:
27:7b:43:f8:5b:22:7a:07:ba:36:42:8c:45:95:2d:
c9:e0:96:10:b1:e9:c4:f5:66:ed:a3:b6:7b:6a:9d:
00:00:70:72:24:cd:69:c7:be:1f:53:0c:60:ea:61:
67:4b:31:c5:03:fa:72:24:a5:67:d6:03:e9:aa:cb:
c4:f0:cc:3a:2d:a7:63:e5:bc:d4:15:f6:b7:2d:bb:
4f:5f:db:fd:4e:2c:f5:b4:ba:15:12:ac:06:76:38:
ca:4b:51:f1:4c:f9:46:b4:34:c4:3d:f9:89:b8:e7:
bd:ea:67:11:c8:21:d3:fa:95:b8:96:52:67:e0:f7:
17:2c:34:d0:44:fd:d9:29:ab:f1:de:d1:08:99:e8:
35:82:92:55:44:8f:ae:73:eb:ae:af:99:ab:79:65:
4f:02:3c:f7:e3:f3:90:b7:9c:cd:2a:20:c5:58:fa:
83:4b:27:7e:75:ba:cc:a2:09:58:bf:32:e9:b3:e2:
9e:dd:bd:b1:4c:a9:66:11:f7:3b:86:6d:2b:bf:9d:
0e:ca:17:df:82:7f:a0:59:d1:12:95:06:c2:61:24:
99:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BD:23:B5:31:6C:A5:9A:8D:CD:99:39:35:AC:48:18:04:6D:DA:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a040::/48
Signature Algorithm: sha256WithRSAEncryption
4e:15:d8:2d:cf:79:f9:a3:ec:72:0d:5d:69:a6:e6:bf:1b:55:
18:b4:bf:42:59:af:10:0c:38:c1:92:65:fc:7c:82:91:6f:ec:
12:81:b6:95:73:23:2a:3d:b7:e0:cc:ab:4a:a1:8f:f3:4f:55:
0b:ff:48:da:06:c4:2c:a2:32:18:21:61:98:48:8f:b8:54:cf:
24:3d:be:08:78:66:cb:c5:f4:b6:7f:d8:39:c7:b6:cd:9d:b6:
a5:7c:95:3d:ea:06:72:ed:37:90:c1:50:33:95:fd:f4:1d:e3:
9b:be:83:b2:e5:15:85:2d:43:4b:a0:55:a7:04:25:12:e6:aa:
9b:ca:c1:6e:50:ec:8c:f4:1a:65:12:41:11:f5:84:6a:f0:97:
89:3c:ec:1e:21:d8:1b:92:82:34:8f:d1:61:dc:23:26:88:76:
7a:d6:a6:3e:6f:7d:66:f7:84:e0:b1:b6:da:ee:d5:1f:19:39:
bf:1d:f6:f7:05:24:0f:b1:f3:da:f1:3e:18:54:68:cf:72:0f:
95:e5:1a:4a:7f:42:41:a5:01:b8:88:69:fe:c6:d2:c8:5f:15:
cb:b9:05:67:94:2f:20:6a:c4:1e:e7:11:55:8c:87:0c:67:80:
c2:72:35:7e:09:98:7a:dd:6b:cc:a1:64:0c:53:6d:e9:c4:37:
a7:e7:0c:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQO7/xSb8cPID8uImFdDGDC6eEeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5M2MxMGI5ZTdmMjE5ODU2YmYyMjc5ODU5OGM2Y2JjY2U2ZTMxMTk1YmU5
MDgwYjdkNDVjZDI3MTVkZDllNDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAbTGmX5Vk6DIzZGaT/AwAgD3Zqo/I3Gzv9QbO/8nznxN1zX8pQE2F1DGcC
J3tD+Fsiege6NkKMRZUtyeCWELHpxPVm7aO2e2qdAABwciTNace+H1MMYOphZ0sx
xQP6ciSlZ9YD6arLxPDMOi2nY+W81BX2ty27T1/b/U4s9bS6FRKsBnY4yktR8Uz5
RrQ0xD35ibjnvepnEcgh0/qVuJZSZ+D3Fyw00ET92Smr8d7RCJnoNYKSVUSPrnPr
rq+Zq3llTwI89+PzkLeczSogxVj6g0snfnW6zKIJWL8y6bPint29sUypZhH3O4Zt
K7+dDsoX34J/oFnREpUGwmEkmSsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQEvSO1
MWylmo3NmTk1rEgYBG3aXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
QDANBgkqhkiG9w0BAQsFAAOCAQEAThXYLc95+aPscg1daabmvxtVGLS/QlmvEAw4
wZJl/HyCkW/sEoG2lXMjKj234MyrSqGP809VC/9I2gbELKIyGCFhmEiPuFTPJD2+
CHhmy8X0tn/YOce2zZ22pXyVPeoGcu03kMFQM5X99B3jm76DsuUVhS1DS6BVpwQl
Euaqm8rBblDsjPQaZRJBEfWEavCXiTzsHiHYG5KCNI/RYdwjJoh2etamPm99ZveE
4LG22u7VHxk5vx329wUkD7Hz2vE+GFRoz3IPleUaSn9CQaUBuIhp/sbSyF8Vy7kF
Z5QvIGrEHucRVYyHDGeAwnI1fgmYet1rzKFkDFNt6cQ3p+cMzw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:50 2025 by rpki-client