Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
File: 1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa (raw, json)
Hash identifier: MWv+JaRLbj0AkvL16JosWeLu3Ol69dN0bSDJ9HkZew0=
Subject key identifier: 18:A4:6C:0A:AF:89:54:84:A9:D1:68:E3:9C:23:0B:11:6C:21:E7:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65CED44677C21E95229B9CD88E51280402E38899
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
Signing time: Sat 12 Jul 2025 00:50:06 +0000
ROA not before: Sat 12 Jul 2025 00:50:06 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ce:d4:46:77:c2:1e:95:22:9b:9c:d8:8e:51:28:04:02:e3:88:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:06 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=62e1e07882a1bf0f15b32841c909fd8fde521ac974bb133b0058e6446b4b7718, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:db:94:4e:13:ec:76:64:0f:89:1a:8a:92:59:
f7:78:53:f3:a2:65:9d:32:61:52:e9:ce:bf:3b:9b:
dd:e2:b9:7e:b6:74:f8:a8:05:6c:32:0b:c7:ab:b8:
71:86:f3:d2:36:db:be:01:6d:f7:b8:90:ab:1b:72:
83:57:d1:b2:04:5f:50:bd:3e:32:fb:8d:d1:7c:6c:
1b:72:2c:6f:4d:9e:1d:8f:a9:23:3d:74:af:69:41:
79:e6:26:a6:75:3d:df:a9:cd:3e:18:5f:77:5c:7c:
3e:fa:76:88:d2:a3:bf:cb:e0:55:e9:fd:0c:4e:5b:
82:75:7d:b6:c4:35:2c:ba:c9:b7:93:8e:c5:ea:1f:
31:ed:67:82:86:2c:6b:56:8d:47:7f:ce:77:f3:42:
18:6b:96:b7:9e:c9:9b:63:2f:19:f1:3e:0a:8d:9f:
f8:3f:b2:03:c8:9b:bf:5c:4a:3e:98:01:8c:d3:0a:
02:7e:3c:94:99:23:bd:f4:28:93:08:b1:6b:5e:62:
2d:91:3b:54:0a:70:d2:c8:16:44:bd:5b:f3:83:4b:
01:e1:18:0c:3f:5b:fc:7d:e7:56:47:8e:6e:db:71:
d6:84:a2:a7:ac:52:28:0d:df:e2:8b:52:99:5a:3f:
7f:54:41:fd:18:a0:b9:a1:48:cc:74:3e:11:66:fc:
e4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A4:6C:0A:AF:89:54:84:A9:D1:68:E3:9C:23:0B:11:6C:21:E7:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
65:f8:b6:51:5b:b0:93:69:7c:98:d3:c1:81:bc:41:78:09:c2:
67:8b:38:d4:20:4c:13:dd:bf:aa:1d:3e:00:3e:23:76:73:14:
4e:f6:ff:36:14:9b:10:91:0e:0e:8d:4f:40:6b:c1:06:ef:a0:
57:ed:ab:f8:6a:61:79:67:57:22:b8:11:5f:c2:65:f6:c0:79:
bd:cf:5c:62:2b:dc:f8:d2:91:38:22:57:4a:c9:32:70:d7:93:
22:d2:f1:a7:6b:cd:28:a6:02:cd:e8:5e:21:49:ee:e4:15:30:
9c:7e:68:07:33:05:9b:2c:04:25:0b:70:63:39:33:48:50:45:
5f:3f:27:04:ee:1f:af:1f:ad:13:f9:aa:0f:19:9d:8b:3e:b9:
ea:e8:fb:32:11:a1:85:61:05:f5:39:84:65:6e:c0:e6:67:db:
70:2b:86:28:98:67:cb:3e:b7:75:a5:50:86:f8:e6:c2:aa:b6:
88:1a:a6:ff:53:91:da:0e:50:66:01:bd:3a:15:24:fd:4b:e9:
6f:ac:a4:59:c7:03:ce:a4:d6:a6:4e:84:9a:e6:7b:de:12:56:
8e:81:b5:88:58:ae:aa:4d:3e:9b:10:40:81:84:00:a7:0b:aa:
53:2e:f9:c7:a7:25:4f:78:ab:cb:37:c1:86:86:19:b7:e0:10:
28:24:18:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZc7URnfCHpUim5zYjlEoBALjiJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwMDZaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZTFlMDc4ODJhMWJmMGYxNWIzMjg0MWM5MDlmZDhmZGU1MjFhYzk3NGJi
MTMzYjAwNThlNjQ0NmI0Yjc3MTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHblE4T7HZkD4kaipJZ93hT86JlnTJhUunOvzub3eK5frZ0+KgFbDILx6u4
cYbz0jbbvgFt97iQqxtyg1fRsgRfUL0+MvuN0XxsG3Isb02eHY+pIz10r2lBeeYm
pnU936nNPhhfd1x8Pvp2iNKjv8vgVen9DE5bgnV9tsQ1LLrJt5OOxeofMe1ngoYs
a1aNR3/Od/NCGGuWt57Jm2MvGfE+Co2f+D+yA8ibv1xKPpgBjNMKAn48lJkjvfQo
kwixa15iLZE7VApw0sgWRL1b84NLAeEYDD9b/H3nVkeObttx1oSip6xSKA3f4otS
mVo/f1RB/RiguaFIzHQ+EWb85OkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQYpGwK
r4lUhKnRaOOcIwsRbCHnqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWNjZmEzNjQtMDdhYi00YTVlLTgxYTktOTlmOWQ2YjNhMDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQBl+LZRW7CTaXyY08GBvEF4CcJnizjUIEwT3b+q
HT4APiN2cxRO9v82FJsQkQ4OjU9Aa8EG76BX7av4amF5Z1ciuBFfwmX2wHm9z1xi
K9z40pE4IldKyTJw15Mi0vGna80opgLN6F4hSe7kFTCcfmgHMwWbLAQlC3BjOTNI
UEVfPycE7h+vH60T+aoPGZ2LPrnq6PsyEaGFYQX1OYRlbsDmZ9twK4YomGfLPrd1
pVCG+ObCqraIGqb/U5HaDlBmAb06FST9S+lvrKRZxwPOpNamToSa5nveElaOgbWI
WK6qTT6bEECBhACnC6pTLvnHpyVPeKvLN8GGhhm34BAoJBim
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:46 2025 by rpki-client