Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: AuvwVDm34Dri1amtM9qA7kz7zxEhComBEGbH7Mk3sVg=
Subject key identifier: 87:79:57:4E:B0:11:8D:E8:8D:8F:60:59:0D:A5:18:52:54:80:A3:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D1DB7C967B8C57F923BA948DCEECCB9B0C429B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Fri 11 Jul 2025 20:20:14 +0000
ROA not before: Fri 11 Jul 2025 20:20:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:1d:b7:c9:67:b8:c5:7f:92:3b:a9:48:dc:ee:cc:b9:b0:c4:29:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:20:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c337731876048a69606769537d118ed1f074f8e50d06885dda6e8d36b076c81c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:26:55:52:88:89:50:8a:2c:17:9d:0f:77:39:
44:85:78:56:54:13:55:02:a9:af:3d:67:9c:d3:58:
a0:85:26:b9:73:ab:17:32:6d:f8:24:43:e0:00:56:
85:08:9c:cc:aa:de:b6:41:f9:3a:29:be:2f:b8:24:
b9:27:f1:98:b4:d9:30:68:ce:29:ff:9c:84:81:24:
5c:98:78:a5:10:c1:15:92:c5:b6:da:fc:29:a4:1d:
76:3a:96:9e:b3:a1:6c:c9:6b:f0:50:e1:68:a1:ec:
3d:f9:a5:42:6d:98:f9:fb:53:d2:f2:39:ee:73:62:
cf:c9:98:a8:46:18:e4:a4:b8:6d:0d:37:71:6e:97:
88:d7:19:82:e2:47:ed:c5:bb:0b:58:cf:c7:b3:4c:
b5:ea:f2:69:fb:ad:c8:34:7c:79:7d:86:cd:86:30:
e9:a1:b0:54:37:1a:ca:95:fd:ed:52:b9:a8:66:13:
76:a0:17:22:a9:86:5b:72:37:a7:91:4d:de:93:bf:
0f:75:d2:ea:ba:7b:64:e2:d5:2e:4d:19:d6:d8:e9:
4e:2f:b7:c2:c5:a1:b7:1a:3d:27:b9:9b:7c:58:cd:
29:43:88:a7:85:db:2e:3f:41:67:b6:b3:0b:c3:b6:
0a:55:e2:a8:d8:25:86:3c:c8:ed:ba:6c:ad:af:1d:
0a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:79:57:4E:B0:11:8D:E8:8D:8F:60:59:0D:A5:18:52:54:80:A3:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:80:ef:e1:57:c0:e3:42:7a:bc:cf:49:60:4e:1e:38:bc:af:
d3:7f:04:fd:c8:20:9c:e1:30:5e:d1:3c:5b:b5:1e:73:43:78:
9d:80:f4:f8:d1:e4:f1:e6:c5:22:03:3d:82:bb:eb:76:49:42:
ba:db:ee:90:d0:dd:69:85:8c:c6:bf:d2:46:f7:7f:16:21:ae:
07:29:69:d5:47:3f:15:1c:f2:e3:e2:a6:72:20:41:a0:5f:c2:
18:92:61:df:93:56:f2:26:45:c2:e5:9d:94:8f:f3:85:6a:ac:
a6:87:07:be:3d:4a:a3:5e:0b:92:9b:3b:fa:5a:ae:4f:15:97:
30:e6:b6:16:a5:5a:94:f7:78:ba:1d:5b:c8:e6:2c:ab:36:7d:
b0:92:a0:67:6e:6c:69:c4:02:3f:46:51:27:35:40:06:6a:4a:
ec:ef:f3:66:ee:f9:49:39:8e:a3:d3:23:f7:69:04:9d:78:64:
ae:d9:18:af:d9:15:9d:2a:ea:99:5c:36:54:cc:3a:29:19:48:
f7:38:66:8f:a0:69:1c:f0:a7:74:90:5a:1b:48:36:d6:b0:4a:
71:8b:23:ed:be:eb:af:93:8b:6f:7e:9d:ba:16:0c:60:cf:40:
09:60:e0:f4:ea:bd:21:86:6b:bf:7f:8f:cf:fb:ca:e3:a7:ee:
f3:9a:d2:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULR23yWe4xX+SO6lI3O7MubDEKbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIwMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzMzc3MzE4NzYwNDhhNjk2MDY3Njk1MzdkMTE4ZWQxZjA3NGY4ZTUwZDA2
ODg1ZGRhNmU4ZDM2YjA3NmM4MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkmVVKIiVCKLBedD3c5RIV4VlQTVQKprz1nnNNYoIUmuXOrFzJt+CRD4ABW
hQiczKretkH5Oim+L7gkuSfxmLTZMGjOKf+chIEkXJh4pRDBFZLFttr8KaQddjqW
nrOhbMlr8FDhaKHsPfmlQm2Y+ftT0vI57nNiz8mYqEYY5KS4bQ03cW6XiNcZguJH
7cW7C1jPx7NMteryafutyDR8eX2GzYYw6aGwVDcaypX97VK5qGYTdqAXIqmGW3I3
p5FN3pO/D3XS6rp7ZOLVLk0Z1tjpTi+3wsWhtxo9J7mbfFjNKUOIp4XbLj9BZ7az
C8O2ClXiqNglhjzI7bpsra8dCjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHeVdO
sBGN6I2PYFkNpRhSVICjvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1gO/hV8DjQnq8z0lgTh44vK/TfwT9yCCc4TBe
0TxbtR5zQ3idgPT40eTx5sUiAz2Cu+t2SUK62+6Q0N1phYzGv9JG938WIa4HKWnV
Rz8VHPLj4qZyIEGgX8IYkmHfk1byJkXC5Z2Uj/OFaqymhwe+PUqjXguSmzv6Wq5P
FZcw5rYWpVqU93i6HVvI5iyrNn2wkqBnbmxpxAI/RlEnNUAGakrs7/Nm7vlJOY6j
0yP3aQSdeGSu2Riv2RWdKuqZXDZUzDopGUj3OGaPoGkc8Kd0kFobSDbWsEpxiyPt
vuuvk4tvfp26Fgxgz0AJYOD06r0hhmu/f4/P+8rjp+7zmtJE
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:37 2025 by rpki-client