Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
File: 1fb46240-1c3f-4b2f-9927-3470c9898890.roa (raw, json)
Hash identifier: 4ZqHkqsGVyFmyfBJOUArPkKGKKmFYUYyGtkkqUxSDwE=
Subject key identifier: 79:BC:94:80:D0:9C:E9:7E:38:21:5E:00:92:9C:50:90:E4:EC:2B:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1ACFEF82ECAA38271EC34BB5916F6350668522D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
Signing time: Fri 11 Jul 2025 19:11:35 +0000
ROA not before: Fri 11 Jul 2025 19:11:35 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:cf:ef:82:ec:aa:38:27:1e:c3:4b:b5:91:6f:63:50:66:85:22:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:11:35 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=723507519f0a1b2c56488914bd15f26d657aed6557d6940eeb21ad94a1a801a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:97:fa:15:64:cc:f6:ea:e8:12:47:a2:d8:
0a:b5:0c:54:4b:a5:16:63:eb:71:6c:82:f9:3b:8c:
81:da:3d:39:1b:e1:7a:ab:d4:0a:30:44:31:7c:47:
34:ac:9d:22:9c:19:d5:11:aa:b9:35:3f:f7:70:48:
0e:28:4c:89:f6:85:eb:39:1b:91:e0:0b:d5:b7:60:
84:65:08:da:3e:5b:58:dc:b1:a7:c5:21:8a:51:bb:
96:ed:4f:12:f4:82:f7:09:a0:3a:55:ea:39:fd:ed:
56:69:98:8c:ea:cd:f8:67:b2:67:40:08:ae:10:5f:
3c:30:ab:d1:4c:6b:df:88:22:b7:fe:19:d0:2f:ca:
66:a3:a5:1e:3b:53:44:a4:d3:0e:1d:af:dc:81:bb:
9e:05:d1:c5:1d:dd:25:ee:8d:27:11:66:14:52:b3:
e0:f3:b4:93:2c:9f:90:27:19:94:51:05:f1:27:24:
ef:46:47:f8:28:c5:a3:10:23:82:f9:dd:e2:f8:42:
a3:ca:3f:e8:45:83:41:0f:ec:2a:c4:e7:ac:80:19:
71:ee:a3:d3:ec:70:b0:09:77:fc:6d:15:96:c4:c3:
7a:92:73:b8:4e:4c:52:48:40:9d:60:2a:d5:c8:a9:
c8:2a:d4:cb:d5:8f:dc:4d:5b:df:55:05:09:cb:12:
a4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:BC:94:80:D0:9C:E9:7E:38:21:5E:00:92:9C:50:90:E4:EC:2B:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1fb46240-1c3f-4b2f-9927-3470c9898890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
a2:91:65:4a:73:4c:87:bf:23:b0:7c:31:8a:9d:60:e3:62:2b:
d6:0b:17:8a:ae:e6:59:32:9c:2a:f4:45:c8:d1:d5:16:f5:d7:
18:be:83:58:89:0f:68:72:f5:5e:ec:35:14:23:92:60:68:d5:
e3:47:53:a4:87:0e:f1:66:6d:af:94:0e:63:f2:db:89:d8:b5:
a2:d3:46:1c:1e:d2:d3:fc:11:d8:1c:e6:35:ab:c7:f0:d1:37:
74:b9:e3:c1:a4:24:eb:45:32:6b:54:09:3f:96:f8:81:b8:17:
00:e9:e4:e8:db:bc:35:00:b1:39:99:5c:09:b8:ef:66:db:93:
76:75:5f:ed:49:c7:6c:2e:42:8b:32:e3:81:b7:06:a5:c8:46:
7a:41:de:ed:9e:96:3f:13:24:bc:1a:51:85:e6:01:58:79:3c:
32:61:a7:bd:6d:ff:e4:4d:a7:64:c9:26:66:73:02:fc:07:b2:
d8:d0:0b:7c:44:84:ff:49:bc:3a:7d:23:21:19:a0:bb:b4:08:
26:af:6b:be:b4:95:a4:a8:9e:0e:3f:15:20:bf:0c:b9:f6:09:
75:24:fc:25:ae:f9:77:d4:42:16:64:cb:1b:c1:e8:c7:50:89:
db:d2:4d:72:73:20:6c:21:e4:0d:4d:6b:ca:fb:e0:24:ec:32:
9d:d9:94:1e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGs/vguyqOCcew0u1kW9jUGaFItUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTExMzVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMzUwNzUxOWYwYTFiMmM1NjQ4ODkxNGJkMTVmMjZkNjU3YWVkNjU1N2Q2
OTQwZWViMjFhZDk0YTFhODAxYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmcl/oVZMz26ugSR6LYCrUMVEulFmPrcWyC+TuMgdo9ORvheqvUCjBEMXxH
NKydIpwZ1RGquTU/93BIDihMifaF6zkbkeAL1bdghGUI2j5bWNyxp8UhilG7lu1P
EvSC9wmgOlXqOf3tVmmYjOrN+GeyZ0AIrhBfPDCr0Uxr34git/4Z0C/KZqOlHjtT
RKTTDh2v3IG7ngXRxR3dJe6NJxFmFFKz4PO0kyyfkCcZlFEF8Sck70ZH+CjFoxAj
gvnd4vhCo8o/6EWDQQ/sKsTnrIAZce6j0+xwsAl3/G0VlsTDepJzuE5MUkhAnWAq
1cipyCrUy9WP3E1b31UFCcsSpK8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5vJSA
0JzpfjghXgCSnFCQ5Owr2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWZiNDYyNDAtMWMzZi00YjJmLTk5MjctMzQ3MGM5ODk4ODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
oDANBgkqhkiG9w0BAQsFAAOCAQEAopFlSnNMh78jsHwxip1g42Ir1gsXiq7mWTKc
KvRFyNHVFvXXGL6DWIkPaHL1Xuw1FCOSYGjV40dTpIcO8WZtr5QOY/Lbidi1otNG
HB7S0/wR2BzmNavH8NE3dLnjwaQk60Uya1QJP5b4gbgXAOnk6Nu8NQCxOZlcCbjv
ZtuTdnVf7UnHbC5CizLjgbcGpchGekHe7Z6WPxMkvBpRheYBWHk8MmGnvW3/5E2n
ZMkmZnMC/Aey2NALfESE/0m8On0jIRmgu7QIJq9rvrSVpKieDj8VIL8MufYJdST8
Ja75d9RCFmTLG8Hox1CJ29JNcnMgbCHkDU1ryvvgJOwyndmUHg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:48 2025 by rpki-client