Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa
File: 245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa (raw, json)
Hash identifier: 9nvynpoEUoLq8RSrZbuh7PXtYvt5WQWCZkGs5WzgI80=
Subject key identifier: F4:7E:CF:44:85:A9:D1:4B:C1:B0:8F:10:40:06:F8:04:FF:E0:62:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47C3BC9E7E7199243BCC912DD8D34DC49B7DCDF2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa
Signing time: Fri 11 Jul 2025 19:30:08 +0000
ROA not before: Fri 11 Jul 2025 19:30:08 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:c3:bc:9e:7e:71:99:24:3b:cc:91:2d:d8:d3:4d:c4:9b:7d:cd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:08 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1dcab0b27b9ae59f79b03a3c0d5ca2c04a43557e69902a8a16f5db37c9e481bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:f0:ed:b7:71:82:73:d8:5a:a6:12:4c:24:
db:88:1e:df:22:b4:b2:a0:0e:4b:c9:5b:45:be:02:
2a:bc:36:96:77:14:96:99:5e:0b:7c:0c:3d:f8:58:
b3:d5:e9:0a:30:c0:81:df:c8:2e:04:b9:19:79:08:
b1:24:e1:c3:d2:5d:b3:9b:42:9b:82:be:5f:f1:b0:
5f:a2:dd:7c:0a:31:40:d0:5d:e7:62:af:dc:54:82:
dc:7a:85:6d:ce:2a:38:67:cb:2b:8b:b2:40:50:4b:
ea:3d:59:3d:b3:15:d3:91:a6:15:f7:3d:4f:a3:ef:
6a:4b:c3:b8:19:85:90:8f:da:10:7b:23:dd:9a:99:
16:59:9d:47:4f:3e:7b:ae:d5:64:7c:6f:3a:d1:79:
1a:5c:46:6c:df:55:25:8f:2d:4b:15:bf:78:4b:67:
6c:12:44:e5:40:70:9e:6e:b4:5b:8e:12:10:bb:fe:
14:dd:76:89:80:06:82:c4:4a:51:04:eb:2c:70:4e:
ae:e0:8c:b1:54:69:8d:27:65:e5:c5:f0:ef:37:5e:
08:6f:90:b9:d2:e1:bd:d1:6b:ee:e1:8c:73:b8:86:
02:92:7f:a1:32:d8:be:93:a8:6c:b7:47:2a:57:13:
d1:69:8e:04:e3:ca:6e:a4:76:e8:e7:ce:4c:51:01:
62:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7E:CF:44:85:A9:D1:4B:C1:B0:8F:10:40:06:F8:04:FF:E0:62:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/245b62a3-aba6-4bec-8e4d-d798fd0e1a73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
a1:b3:69:de:49:e4:75:aa:48:da:d1:7e:a6:04:1d:33:fa:b4:
f0:81:d8:fb:69:ff:46:17:cd:b0:cd:c9:9a:14:7a:5f:b3:35:
e0:c1:9d:f4:7f:a6:3c:05:99:d6:44:e1:ec:1e:14:22:7c:ca:
96:76:07:6c:f6:24:c3:06:f9:b6:ab:23:04:22:6b:93:cf:97:
c7:67:5f:ba:96:4c:3d:12:ec:c3:e9:0c:6c:45:2e:a2:a2:4f:
8a:a6:8e:60:23:9e:c8:9e:e0:14:83:2c:f9:ae:80:e9:b0:05:
06:51:84:a2:25:04:1b:ab:90:2a:41:e4:27:18:c7:16:9e:40:
e7:7c:34:21:0d:78:56:cf:65:b3:d8:2b:2b:c4:23:df:77:71:
ff:63:cf:10:3e:42:90:59:e2:a1:bc:d1:0f:54:ba:35:48:66:
aa:6a:55:80:d1:14:52:74:ba:2e:d0:73:81:ad:fe:6a:89:07:
3b:0e:18:6b:f1:51:05:ad:4e:9a:e3:a0:45:ac:53:75:f1:3c:
41:25:19:02:2e:11:92:ff:17:a1:cd:d1:57:82:0d:68:d1:42:
b7:2e:21:ba:5a:a0:ce:bf:2e:7c:e6:a7:2a:b2:21:b7:13:20:
45:8a:e9:94:6c:96:59:20:09:6c:e6:57:a9:cb:8d:69:75:9c:
31:ff:0c:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR8O8nn5xmSQ7zJEt2NNNxJt9zfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwMDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkY2FiMGIyN2I5YWU1OWY3OWIwM2EzYzBkNWNhMmMwNGE0MzU1N2U2OTkw
MmE4YTE2ZjVkYjM3YzllNDgxYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5Z8O23cYJz2FqmEkwk24ge3yK0sqAOS8lbRb4CKrw2lncUlpleC3wMPfhY
s9XpCjDAgd/ILgS5GXkIsSThw9Jds5tCm4K+X/GwX6LdfAoxQNBd52Kv3FSC3HqF
bc4qOGfLK4uyQFBL6j1ZPbMV05GmFfc9T6PvakvDuBmFkI/aEHsj3ZqZFlmdR08+
e67VZHxvOtF5GlxGbN9VJY8tSxW/eEtnbBJE5UBwnm60W44SELv+FN12iYAGgsRK
UQTrLHBOruCMsVRpjSdl5cXw7zdeCG+QudLhvdFr7uGMc7iGApJ/oTLYvpOobLdH
KlcT0WmOBOPKbqR26OfOTFEBYmUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT0fs9E
hanRS8GwjxBABvgE/+BiADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ1YjYyYTMtYWJhNi00YmVjLThlNGQtZDc5OGZkMGUxYTczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeA
wDANBgkqhkiG9w0BAQsFAAOCAQEAobNp3knkdapI2tF+pgQdM/q08IHY+2n/RhfN
sM3JmhR6X7M14MGd9H+mPAWZ1kTh7B4UInzKlnYHbPYkwwb5tqsjBCJrk8+Xx2df
upZMPRLsw+kMbEUuoqJPiqaOYCOeyJ7gFIMs+a6A6bAFBlGEoiUEG6uQKkHkJxjH
Fp5A53w0IQ14Vs9ls9grK8Qj33dx/2PPED5CkFniobzRD1S6NUhmqmpVgNEUUnS6
LtBzga3+aokHOw4Ya/FRBa1OmuOgRaxTdfE8QSUZAi4Rkv8Xoc3RV4INaNFCty4h
ulqgzr8ufOanKrIhtxMgRYrplGyWWSAJbOZXqcuNaXWcMf8M2Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:46 2025 by rpki-client