Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1cce4de7-2873-45f2-8bca-ceae18748090.roa
File: 1cce4de7-2873-45f2-8bca-ceae18748090.roa (raw, json)
Hash identifier: lxCJes3rjWv2HrKtt6QAdSBlXZ04pKQw9TCZ5K7ykFA=
Subject key identifier: 54:59:36:0A:71:6C:56:12:EB:DF:67:17:4C:72:A2:A3:0B:25:0B:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01215E7934179920B0C391811E295539F0306ABD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1cce4de7-2873-45f2-8bca-ceae18748090.roa
Signing time: Fri 11 Jul 2025 19:51:16 +0000
ROA not before: Fri 11 Jul 2025 19:51:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:21:5e:79:34:17:99:20:b0:c3:91:81:1e:29:55:39:f0:30:6a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:51:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=da6d91cadaa9481d1b5b0b5a56f6cf5bd5cfb0b7592630d868e1999abc8d62ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:82:c5:37:06:3f:02:43:1f:96:89:b4:76:
13:d1:ca:24:23:3c:33:0b:9c:e6:6e:03:a0:0f:cd:
2d:fa:19:96:20:ff:8e:c7:d7:b5:e1:fe:37:50:c3:
4c:6d:1b:fb:47:8a:a7:7f:c8:48:cc:44:fc:27:13:
52:ce:50:7a:e4:32:fc:d1:19:bc:85:8c:b0:78:48:
a0:01:96:58:c1:66:25:85:0e:15:44:c8:de:d8:75:
03:ef:8c:a2:38:39:96:77:2c:20:0f:4d:e8:63:20:
74:f7:d7:92:ff:e2:01:b2:3a:7f:dc:b6:c9:85:d4:
5c:b3:4f:23:bc:d3:50:31:d6:d7:bc:82:9b:fb:95:
a9:58:2d:3f:cd:58:2f:1d:6c:a9:83:fd:ca:77:24:
cf:45:19:4a:ac:07:c9:92:f4:36:ff:d3:2a:dd:f2:
44:fe:63:d3:d2:29:57:e3:1e:91:28:a1:58:8c:34:
ba:c3:81:4f:99:43:3a:48:44:7c:ae:8e:ba:1f:7a:
e5:a6:2f:69:3b:a5:a8:60:a0:39:e5:b6:7b:91:c2:
91:78:da:97:6b:c9:3d:60:d6:23:40:c9:81:4a:1a:
e7:16:28:1b:b4:95:73:0f:fc:49:7f:1f:08:30:fa:
92:a6:4a:9b:2b:a9:01:20:de:5a:2a:a1:61:9f:70:
6c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:59:36:0A:71:6C:56:12:EB:DF:67:17:4C:72:A2:A3:0B:25:0B:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1cce4de7-2873-45f2-8bca-ceae18748090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2040::/46
Signature Algorithm: sha256WithRSAEncryption
07:b8:5f:01:a0:a9:0d:a7:7f:0e:f0:fb:d1:70:89:12:eb:72:
5a:a7:c1:38:87:41:bb:c0:54:3f:8e:60:a8:93:45:b7:47:b7:
59:84:28:80:a9:a8:3f:2b:65:54:93:e4:c2:5e:83:10:df:a0:
42:ed:0c:85:54:0e:4d:50:bb:f2:46:be:1d:9d:c2:c6:67:37:
33:17:2f:a7:4e:46:b8:f2:f7:b1:73:fa:bd:49:36:ff:58:80:
36:89:96:84:de:db:e7:ba:53:39:68:41:b0:31:b6:ab:3b:5f:
29:9b:7a:a0:78:e3:be:c1:80:c4:8f:23:47:e6:5b:6c:44:95:
35:82:0a:c2:90:63:c2:c0:68:54:86:51:c7:b4:77:1f:1d:56:
a3:7e:55:11:eb:b5:c6:79:26:da:f4:6d:7f:22:0a:5b:31:bc:
9b:87:8c:f3:15:9b:be:7b:07:68:c8:14:09:40:d1:5b:99:29:
84:0a:49:3a:22:87:12:3d:78:49:a6:9d:11:ad:67:94:ff:ae:
d1:22:0b:9d:f5:c8:3e:48:e1:92:25:fc:b7:f8:ee:15:70:3f:
21:9a:2a:b3:b5:7e:c1:f0:b8:58:db:e8:d1:65:ec:27:ab:9b:
e0:76:a6:55:5c:f0:20:09:79:13:0f:67:43:56:cc:a9:b0:08:
18:03:40:a0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUASFeeTQXmSCww5GBHilVOfAwar0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUxMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNmQ5MWNhZGFhOTQ4MWQxYjViMGI1YTU2ZjZjZjViZDVjZmIwYjc1OTI2
MzBkODY4ZTE5OTlhYmM4ZDYyZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUSgsU3Bj8CQx+WibR2E9HKJCM8Mwuc5m4DoA/NLfoZliD/jsfXteH+N1DD
TG0b+0eKp3/ISMxE/CcTUs5QeuQy/NEZvIWMsHhIoAGWWMFmJYUOFUTI3th1A++M
ojg5lncsIA9N6GMgdPfXkv/iAbI6f9y2yYXUXLNPI7zTUDHW17yCm/uVqVgtP81Y
Lx1sqYP9ynckz0UZSqwHyZL0Nv/TKt3yRP5j09IpV+MekSihWIw0usOBT5lDOkhE
fK6Ouh965aYvaTulqGCgOeW2e5HCkXjal2vJPWDWI0DJgUoa5xYoG7SVcw/8SX8f
CDD6kqZKmyupASDeWiqhYZ9wbKECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUWTYK
cWxWEuvfZxdMcqKjCyULLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWNjZTRkZTctMjg3My00NWYyLThiY2EtY2VhZTE4NzQ4MDkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hsg
QDANBgkqhkiG9w0BAQsFAAOCAQEAB7hfAaCpDad/DvD70XCJEutyWqfBOIdBu8BU
P45gqJNFt0e3WYQogKmoPytlVJPkwl6DEN+gQu0MhVQOTVC78ka+HZ3Cxmc3Mxcv
p05GuPL3sXP6vUk2/1iANomWhN7b57pTOWhBsDG2qztfKZt6oHjjvsGAxI8jR+Zb
bESVNYIKwpBjwsBoVIZRx7R3Hx1Wo35VEeu1xnkm2vRtfyIKWzG8m4eM8xWbvnsH
aMgUCUDRW5kphApJOiKHEj14SaadEa1nlP+u0SILnfXIPkjhkiX8t/juFXA/IZoq
s7V+wfC4WNvo0WXsJ6ub4HamVVzwIAl5Ew9nQ1bMqbAIGANAoA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:13 2025 by rpki-client