Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
File: 2331f846-3447-4dea-ac7a-63323853ebb9.roa (raw, json)
Hash identifier: u1OA8Var+LsHponM7Fop2PylolCqnlmY9+TLgiBa73Q=
Subject key identifier: A4:8F:77:B8:BD:D8:01:F2:40:E1:7D:C5:84:1E:24:33:EB:F3:F3:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 083F37E8B72DA813419C1710CC86291B3F7B69F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
Signing time: Sat 12 Jul 2025 00:51:21 +0000
ROA not before: Sat 12 Jul 2025 00:51:21 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:3f:37:e8:b7:2d:a8:13:41:9c:17:10:cc:86:29:1b:3f:7b:69:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:21 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=4651a99bf467556223df85049306733490663ddcc2e13420f32b5742032920ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:46:b3:96:a3:d5:05:e4:a8:33:42:c9:e2:2a:
10:ae:05:32:e8:4f:ed:5a:bc:f7:14:49:a6:b2:0c:
31:48:f0:95:9c:6d:59:42:58:db:53:49:af:f7:11:
e3:c3:82:91:3f:7e:35:b4:4d:31:c6:58:9a:6a:81:
18:0f:85:2f:bf:40:6a:91:5d:ce:d9:63:6b:35:cd:
8a:76:a2:93:3d:29:d6:58:1d:27:13:d1:1b:98:98:
7e:a9:0d:5d:89:ec:92:ac:4f:d3:b8:b6:f7:43:ba:
26:f3:46:8c:3c:06:dc:e9:3b:c0:46:72:cc:5f:c6:
a1:49:84:19:a1:94:07:53:e0:7a:69:55:3a:9e:2e:
2f:92:15:94:18:fe:5a:81:fe:ac:b4:3e:a6:51:f0:
df:05:75:cb:4b:ae:51:63:5f:5c:a7:75:15:ed:1a:
28:99:88:bd:02:83:e4:fd:5e:23:36:54:fb:73:36:
ae:50:8f:3f:6e:94:80:c6:a5:ea:01:b2:51:b1:6d:
7c:1f:cd:8f:0c:ed:fd:1b:e5:90:75:6a:2c:7e:b1:
bc:78:b2:53:1f:80:b2:41:0a:a1:7c:b3:3b:eb:03:
00:dc:c1:5a:6f:ae:11:56:51:5f:6c:fc:1b:ea:66:
67:dd:ae:23:37:0f:e1:2b:6d:6d:83:a0:b0:46:14:
87:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8F:77:B8:BD:D8:01:F2:40:E1:7D:C5:84:1E:24:33:EB:F3:F3:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:2a:cd:e6:e7:db:0c:a1:0a:37:13:ea:81:00:18:d8:6e:60:
3a:e9:2c:c8:19:a8:bf:6d:3a:26:56:7c:fc:6c:9d:33:66:62:
85:7e:d9:9e:56:a7:f6:5d:17:e0:3f:c4:0c:81:21:e7:d9:84:
e0:6b:67:12:4b:27:40:7a:ae:7d:6e:58:44:fc:eb:8f:50:11:
87:dc:de:dd:42:bb:a1:49:e1:c3:8a:40:9a:39:eb:c5:7d:e7:
a4:8d:73:8f:4e:ea:65:81:58:58:e3:fe:e5:4b:58:72:c4:89:
8f:5d:c4:0c:75:c3:09:eb:9c:ec:1b:8c:08:88:c2:32:8a:d3:
ca:1d:19:67:45:a1:9f:c2:93:87:e2:6a:d5:25:17:e4:5b:79:
5c:48:a2:b4:1c:ef:10:80:3f:64:20:db:3f:52:9b:4b:55:49:
97:c3:d9:fd:43:0f:87:62:68:e0:93:38:07:9b:17:9f:a7:ca:
2d:3b:9c:3a:45:b0:66:09:54:b0:15:c7:b0:8c:6b:6f:bd:be:
af:3a:92:f9:a6:c6:bb:11:12:d2:21:70:ac:33:02:90:1a:1c:
60:2f:df:85:5d:3c:34:93:b9:92:87:eb:d2:f9:4d:62:02:da:
78:51:4e:f2:8d:bc:df:44:9b:43:0c:d7:e5:a7:06:0e:2d:df:
51:7f:7c:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCD836LctqBNBnBcQzIYpGz97afQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMjFaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NTFhOTliZjQ2NzU1NjIyM2RmODUwNDkzMDY3MzM0OTA2NjNkZGNjMmUx
MzQyMGYzMmI1NzQyMDMyOTIwZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRGs5aj1QXkqDNCyeIqEK4FMuhP7Vq89xRJprIMMUjwlZxtWUJY21NJr/cR
48OCkT9+NbRNMcZYmmqBGA+FL79AapFdztljazXNinaikz0p1lgdJxPRG5iYfqkN
XYnskqxP07i290O6JvNGjDwG3Ok7wEZyzF/GoUmEGaGUB1PgemlVOp4uL5IVlBj+
WoH+rLQ+plHw3wV1y0uuUWNfXKd1Fe0aKJmIvQKD5P1eIzZU+3M2rlCPP26UgMal
6gGyUbFtfB/Njwzt/RvlkHVqLH6xvHiyUx+AskEKoXyzO+sDANzBWm+uEVZRX2z8
G+pmZ92uIzcP4SttbYOgsEYUh+sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkj3e4
vdgB8kDhfcWEHiQz6/PzjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjMzMWY4NDYtMzQ0Ny00ZGVhLWFjN2EtNjMzMjM4NTNlYmI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQCsKs3m59sMoQo3E+qBABjYbmA66SzIGai/bTom
Vnz8bJ0zZmKFftmeVqf2XRfgP8QMgSHn2YTga2cSSydAeq59blhE/OuPUBGH3N7d
QruhSeHDikCaOevFfeekjXOPTuplgVhY4/7lS1hyxImPXcQMdcMJ65zsG4wIiMIy
itPKHRlnRaGfwpOH4mrVJRfkW3lcSKK0HO8QgD9kINs/UptLVUmXw9n9Qw+HYmjg
kzgHmxefp8otO5w6RbBmCVSwFcewjGtvvb6vOpL5psa7ERLSIXCsMwKQGhxgL9+F
XTw0k7mSh+vS+U1iAtp4UU7yjbzfRJtDDNflpwYOLd9Rf3yA
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:40 2025 by rpki-client