Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/232e4c5b-5853-4200-81cf-438555b951ff.roa
File: 232e4c5b-5853-4200-81cf-438555b951ff.roa (raw, json)
Hash identifier: VqbuAHwvY7QL7T9htyn7fGgcGYJeNp2yrfEQRKkkyZQ=
Subject key identifier: B2:2D:DC:8D:17:15:EC:6C:8D:D0:EA:C5:30:4F:75:08:11:48:A1:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33F4D75CBE199FF9B84D4CEE80AAA1ADEAAC7D25
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/232e4c5b-5853-4200-81cf-438555b951ff.roa
Signing time: Fri 11 Jul 2025 20:21:43 +0000
ROA not before: Fri 11 Jul 2025 20:21:43 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f4:d7:5c:be:19:9f:f9:b8:4d:4c:ee:80:aa:a1:ad:ea:ac:7d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:43 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=5c659a118a0c9c6b7a248feafb6159ebf5175062627004f7af594fba8227c6b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e7:3b:7e:5a:b0:2f:4e:5f:0e:92:39:36:92:
d4:0d:f0:76:66:7b:30:99:08:45:87:61:90:66:f4:
37:1a:89:79:c1:bd:55:eb:56:a7:14:56:41:78:06:
2e:dc:ad:f4:70:b2:99:7b:9e:58:0f:b6:9b:60:7b:
69:91:09:a2:12:49:9a:06:4a:e9:d0:80:51:e4:47:
e4:23:f8:3f:e0:39:11:5f:68:fa:63:33:86:9e:4b:
5a:43:41:9c:97:b4:11:27:97:82:ad:fd:80:bd:a2:
8a:f9:ef:dc:e2:98:23:d9:4a:47:83:68:79:85:d3:
6c:3b:5f:b5:d4:6b:12:4e:7e:19:ba:c0:c1:e0:b3:
bf:53:42:ad:8f:1e:66:09:70:94:17:78:16:07:99:
88:dd:9e:fc:4d:4e:f1:3e:89:eb:89:2b:ed:9b:04:
59:f9:a6:b0:d8:29:83:8b:3c:53:4c:1a:61:5d:3b:
df:b1:bf:35:2c:36:18:00:f2:83:cc:83:e5:4c:ce:
cb:af:24:64:7b:fb:57:af:a6:22:5e:e9:16:e9:8c:
bb:d5:a0:b0:02:ad:54:db:c3:9d:82:17:0d:b6:21:
de:d5:7e:0f:19:ff:85:03:b6:3c:60:72:7c:2e:ef:
ed:69:16:dc:db:f8:0f:ed:2a:13:82:b8:e9:d7:50:
fd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2D:DC:8D:17:15:EC:6C:8D:D0:EA:C5:30:4F:75:08:11:48:A1:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/232e4c5b-5853-4200-81cf-438555b951ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:8000::/40
Signature Algorithm: sha256WithRSAEncryption
89:63:92:07:55:74:76:f0:44:e5:65:dc:8b:59:57:90:dc:f1:
6e:67:1a:01:d2:7a:e6:e7:82:d1:e9:25:c5:ca:cf:c6:22:50:
fb:db:ef:96:92:5c:cf:d0:fb:0e:90:78:4b:bd:b7:d4:1e:69:
94:3f:0d:3f:73:f1:05:bd:48:75:8a:06:2d:42:ce:2a:33:b8:
67:3b:d6:09:51:e7:b2:13:1c:9e:49:59:21:c3:e8:d8:16:01:
80:dd:b6:01:0c:ee:4f:2b:52:03:d9:72:0c:05:23:4d:29:21:
09:f9:46:3b:43:e2:06:25:57:c0:68:48:75:ea:42:e2:41:bf:
da:ac:41:6b:a4:d9:1f:9d:a2:f0:72:5b:97:d8:e5:a4:58:f4:
47:4d:00:20:cf:59:46:16:f4:43:ae:0a:ba:2a:98:17:04:5a:
61:c5:05:d1:76:a2:16:5e:9a:31:dd:ce:fa:f6:19:33:93:3a:
97:92:bd:04:e2:00:fb:72:90:36:60:f5:92:7e:3f:de:e2:00:
2c:5f:a6:2f:30:a7:82:45:79:2b:7a:59:9f:93:81:b8:f4:40:
81:93:ca:62:be:bf:42:0e:2a:cf:63:26:9a:96:4f:36:c4:2c:
97:88:60:7e:90:de:43:86:ca:d9:43:4b:5c:88:b8:de:1a:31:
95:e5:38:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM/TXXL4Zn/m4TUzugKqhreqsfSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxNDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNjU5YTExOGEwYzljNmI3YTI0OGZlYWZiNjE1OWViZjUxNzUwNjI2Mjcw
MDRmN2FmNTk0ZmJhODIyN2M2YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPnO35asC9OXw6SOTaS1A3wdmZ7MJkIRYdhkGb0NxqJecG9VetWpxRWQXgG
Ltyt9HCymXueWA+2m2B7aZEJohJJmgZK6dCAUeRH5CP4P+A5EV9o+mMzhp5LWkNB
nJe0ESeXgq39gL2iivnv3OKYI9lKR4NoeYXTbDtftdRrEk5+GbrAweCzv1NCrY8e
ZglwlBd4FgeZiN2e/E1O8T6J64kr7ZsEWfmmsNgpg4s8U0waYV0737G/NSw2GADy
g8yD5UzOy68kZHv7V6+mIl7pFumMu9WgsAKtVNvDnYIXDbYh3tV+Dxn/hQO2PGBy
fC7v7WkW3Nv4D+0qE4K46ddQ/fUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyLdyN
FxXsbI3Q6sUwT3UIEUih3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjMyZTRjNWItNTg1My00MjAwLTgxY2YtNDM4NTU1Yjk1MWZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2A
MA0GCSqGSIb3DQEBCwUAA4IBAQCJY5IHVXR28ETlZdyLWVeQ3PFuZxoB0nrm54LR
6SXFys/GIlD72++WklzP0PsOkHhLvbfUHmmUPw0/c/EFvUh1igYtQs4qM7hnO9YJ
UeeyExyeSVkhw+jYFgGA3bYBDO5PK1ID2XIMBSNNKSEJ+UY7Q+IGJVfAaEh16kLi
Qb/arEFrpNkfnaLwcluX2OWkWPRHTQAgz1lGFvRDrgq6KpgXBFphxQXRdqIWXpox
3c769hkzkzqXkr0E4gD7cpA2YPWSfj/e4gAsX6YvMKeCRXkrelmfk4G49ECBk8pi
vr9CDirPYyaalk82xCyXiGB+kN5DhsrZQ0tciLjeGjGV5TjA
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:33 2025 by rpki-client