Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
File: 216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa (raw, json)
Hash identifier: fFKLENvLvkAEGN0HoEOXXNYJK/aN5FapufJyS7zfmWY=
Subject key identifier: C2:ED:52:A1:DC:E2:D5:81:AB:7E:35:A3:E0:4E:AD:D2:06:C8:99:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 385449D003B5B0D3181F9653FDAB1159906F34ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
Signing time: Fri 11 Jul 2025 18:50:41 +0000
ROA not before: Fri 11 Jul 2025 18:50:41 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:54:49:d0:03:b5:b0:d3:18:1f:96:53:fd:ab:11:59:90:6f:34:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:41 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a325d81d35a9d9cc90f3f7e194328a6b7bee509e5316958dbacbb4b06183c9c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:00:aa:05:2d:89:f3:01:0d:43:f3:30:98:8b:
12:c0:96:6c:99:bb:78:f3:1f:9f:a5:72:ce:fe:78:
aa:3f:36:c4:d0:c9:cc:9f:57:e2:4f:4d:e8:d0:c6:
f1:98:16:92:f4:63:cc:82:be:61:af:a7:11:bd:bd:
02:73:84:e7:d2:9f:32:bc:61:95:cb:db:e3:46:97:
a2:f1:9e:21:83:cd:ca:6b:51:64:17:5b:72:ba:5d:
a5:6b:a1:dd:ab:54:f2:00:24:5d:57:88:88:92:c7:
57:c2:cd:f7:8f:65:ee:2a:8c:2b:c3:6e:8c:6c:bf:
17:2e:46:d0:8b:38:47:95:ec:6d:dc:43:b0:23:65:
29:d2:75:2c:f0:28:85:49:86:e8:f2:be:50:08:d9:
79:9c:7b:05:3f:71:9c:e6:e3:56:f6:f9:af:56:d3:
40:2a:2a:a7:82:ac:9f:7b:d4:be:d5:a3:b8:30:e4:
b3:21:39:85:2e:20:ab:13:db:ba:54:90:d1:5c:1c:
8e:8d:0b:ee:9a:7b:b9:7f:62:cf:c6:d6:1d:50:6f:
0a:2b:42:4b:8d:7f:65:03:9c:ae:e6:cd:08:1c:78:
c3:25:a6:9d:63:48:3f:a1:9a:3d:32:9b:f6:21:cb:
4d:d1:da:51:0c:e3:3d:b7:e9:5e:ce:d9:c7:37:9b:
7c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:ED:52:A1:DC:E2:D5:81:AB:7E:35:A3:E0:4E:AD:D2:06:C8:99:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
6a:bd:af:91:62:6f:50:f2:93:c3:37:60:50:6d:5a:fb:ae:81:
be:92:93:cb:7c:d5:29:03:e1:56:0d:01:0e:19:d5:a0:68:a1:
70:7a:f2:31:b7:4e:f7:ed:a0:5e:19:75:db:0d:d3:98:cc:8a:
3c:e0:1c:c6:bf:27:dc:a7:d1:fd:4e:20:f1:7b:12:c5:1f:ea:
ab:e1:d6:99:b4:7c:7c:b1:a4:5a:8e:90:2e:c1:17:41:3a:45:
c5:d5:37:9e:78:75:7e:c8:fd:d9:06:74:05:cd:19:2b:8f:90:
13:aa:60:a9:50:43:53:57:51:2b:73:90:13:89:17:d7:af:20:
08:11:d5:5f:a8:25:07:a1:ae:09:51:95:fa:6e:95:c9:3f:f8:
cb:88:62:4f:5e:6b:ee:cf:f6:b6:cf:7d:7d:c2:10:76:ec:a2:
ec:65:10:80:57:0c:27:d0:af:84:2a:9f:b0:32:da:d2:40:8a:
b1:9a:15:16:4c:4d:1e:d1:ef:11:44:fd:c1:64:e5:24:a0:14:
7c:9e:c2:2e:aa:ad:93:f5:12:25:57:03:39:d9:e0:57:12:f3:
37:16:9b:35:57:d9:0f:d3:65:59:fa:3d:11:7e:98:d9:87:7b:
b8:93:3b:ca:2a:81:42:9a:e5:d9:46:55:3c:b7:e6:18:8c:c7:
d3:40:ca:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOFRJ0AO1sNMYH5ZT/asRWZBvNO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwNDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMjVkODFkMzVhOWQ5Y2M5MGYzZjdlMTk0MzI4YTZiN2JlZTUwOWU1MzE2
OTU4ZGJhY2JiNGIwNjE4M2M5YzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8AqgUtifMBDUPzMJiLEsCWbJm7ePMfn6Vyzv54qj82xNDJzJ9X4k9N6NDG
8ZgWkvRjzIK+Ya+nEb29AnOE59KfMrxhlcvb40aXovGeIYPNymtRZBdbcrpdpWuh
3atU8gAkXVeIiJLHV8LN949l7iqMK8NujGy/Fy5G0Is4R5XsbdxDsCNlKdJ1LPAo
hUmG6PK+UAjZeZx7BT9xnObjVvb5r1bTQCoqp4Ksn3vUvtWjuDDksyE5hS4gqxPb
ulSQ0Vwcjo0L7pp7uX9iz8bWHVBvCitCS41/ZQOcrubNCBx4wyWmnWNIP6GaPTKb
9iHLTdHaUQzjPbfpXs7ZxzebfJUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTC7VKh
3OLVgat+NaPgTq3SBsiZ3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZTFjMWYtMzVjMy00YzAyLWEwYzMtMGI1ODE1YzAxNmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
wDANBgkqhkiG9w0BAQsFAAOCAQEAar2vkWJvUPKTwzdgUG1a+66BvpKTy3zVKQPh
Vg0BDhnVoGihcHryMbdO9+2gXhl12w3TmMyKPOAcxr8n3KfR/U4g8XsSxR/qq+HW
mbR8fLGkWo6QLsEXQTpFxdU3nnh1fsj92QZ0Bc0ZK4+QE6pgqVBDU1dRK3OQE4kX
168gCBHVX6glB6GuCVGV+m6VyT/4y4hiT15r7s/2ts99fcIQduyi7GUQgFcMJ9Cv
hCqfsDLa0kCKsZoVFkxNHtHvEUT9wWTlJKAUfJ7CLqqtk/USJVcDOdngVxLzNxab
NVfZD9NlWfo9EX6Y2Yd7uJM7yiqBQprl2UZVPLfmGIzH00DK/g==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:16 2025 by rpki-client