Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
File: 248ea861-facc-4167-976d-1e65c556b074.roa (raw, json)
Hash identifier: VxwQ+8w25Sw9ZsNFNBh+CwS1q2NTov3R1PzdKtoU7RY=
Subject key identifier: A0:43:94:23:D4:B6:F8:9A:B5:46:B5:60:39:50:7A:B7:F8:F6:DA:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44DC15902D81C02492997DA238969EE07E03BDBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
Signing time: Fri 11 Jul 2025 20:31:38 +0000
ROA not before: Fri 11 Jul 2025 20:31:38 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:dc:15:90:2d:81:c0:24:92:99:7d:a2:38:96:9e:e0:7e:03:bd:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:38 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=974311e46d18c78725c36e6b28345d93df342788a8c62186517ece6f71ddea64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:97:24:81:2f:d6:bc:8a:93:1d:86:f4:a2:80:
04:7f:c2:06:2f:47:e3:2f:4f:7d:12:75:f9:b0:6c:
28:20:a4:ca:53:78:97:73:a1:db:09:9f:79:34:05:
20:a7:90:ac:8f:87:2b:2e:7c:20:32:4a:ae:c8:c8:
76:57:05:22:d1:5a:e4:64:b7:28:db:46:ad:b7:b5:
59:d0:86:b2:9b:5a:b4:75:f4:49:e0:3a:07:be:78:
47:a0:02:e1:74:bf:83:2d:ed:62:43:7a:bb:99:9a:
3f:d6:dc:14:95:76:a0:e3:3c:57:a5:ae:35:4d:c1:
72:dd:2f:c5:54:90:91:1b:0f:5e:d1:66:31:5f:cd:
bc:2f:a7:00:43:9c:f3:54:b6:e3:ba:b8:86:f2:af:
3a:93:d8:9d:6e:5e:a0:98:f8:35:ba:bc:05:5d:f1:
2a:55:bf:6f:bf:04:ba:2c:91:c3:5a:42:ff:c2:be:
58:ab:4a:14:6e:67:88:21:14:6e:d3:14:5a:09:f7:
7d:34:0f:04:29:33:5a:a0:02:9d:31:b9:72:e6:43:
f5:98:df:fb:9f:e8:f2:eb:f1:bc:11:5d:4a:eb:f1:
da:da:08:f9:5e:58:99:09:d5:72:77:e5:8e:09:b4:
1b:02:af:fc:ba:14:84:97:72:1b:43:fa:b6:f2:11:
bf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:43:94:23:D4:B6:F8:9A:B5:46:B5:60:39:50:7A:B7:F8:F6:DA:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:73:54:a5:59:19:7d:19:83:70:92:1f:c6:b0:bb:b1:cc:7b:
b2:27:e1:99:be:b8:1e:2f:2d:a9:50:1e:0b:3e:09:9c:d4:ee:
ea:51:cc:c5:ff:b9:d6:b8:e3:98:95:3c:22:be:f7:80:37:a0:
c5:03:43:64:0f:b5:38:b2:48:7d:01:bb:f4:0a:20:60:ee:32:
1c:9d:16:bd:20:91:5a:a1:c3:8f:e0:6b:3f:99:19:0b:b6:53:
b0:24:54:63:67:33:f7:fc:0d:31:56:5a:7f:b7:74:95:07:78:
0b:da:2c:34:3f:20:cb:d7:ec:c3:57:58:3c:93:53:e6:a3:f2:
e2:25:c9:ad:c4:74:f4:6f:4d:a4:d2:49:05:b1:9e:3f:87:db:
be:03:25:38:dc:0f:59:86:5b:8e:32:ff:e9:88:d6:ab:17:6f:
f8:19:7a:bc:7f:bb:7a:e2:f5:3a:56:b1:8f:b9:ee:02:fc:aa:
f4:4d:01:dd:7e:ed:61:b2:73:23:4a:d3:19:46:93:4b:5e:5d:
21:7e:62:67:6f:fe:a1:7c:82:8e:ff:f2:4b:d7:56:8d:8f:20:
0d:99:31:bf:2c:e6:e3:62:21:73:e7:19:83:6e:e1:c6:0c:dd:
a5:2f:4a:d3:b3:91:47:39:ab:fb:16:aa:2d:54:46:61:bd:e9:
d2:a0:31:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURNwVkC2BwCSSmX2iOJae4H4DvbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMzhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NDMxMWU0NmQxOGM3ODcyNWMzNmU2YjI4MzQ1ZDkzZGYzNDI3ODhhOGM2
MjE4NjUxN2VjZTZmNzFkZGVhNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOXJIEv1ryKkx2G9KKABH/CBi9H4y9PfRJ1+bBsKCCkylN4l3Oh2wmfeTQF
IKeQrI+HKy58IDJKrsjIdlcFItFa5GS3KNtGrbe1WdCGsptatHX0SeA6B754R6AC
4XS/gy3tYkN6u5maP9bcFJV2oOM8V6WuNU3Bct0vxVSQkRsPXtFmMV/NvC+nAEOc
81S247q4hvKvOpPYnW5eoJj4Nbq8BV3xKlW/b78EuiyRw1pC/8K+WKtKFG5niCEU
btMUWgn3fTQPBCkzWqACnTG5cuZD9Zjf+5/o8uvxvBFdSuvx2toI+V5YmQnVcnfl
jgm0GwKv/LoUhJdyG0P6tvIRvz0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgQ5Qj
1Lb4mrVGtWA5UHq3+PbaOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ4ZWE4NjEtZmFjYy00MTY3LTk3NmQtMWU2NWM1NTZiMDc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCpc1SlWRl9GYNwkh/GsLuxzHuyJ+GZvrgeLy2p
UB4LPgmc1O7qUczF/7nWuOOYlTwivveAN6DFA0NkD7U4skh9Abv0CiBg7jIcnRa9
IJFaocOP4Gs/mRkLtlOwJFRjZzP3/A0xVlp/t3SVB3gL2iw0PyDL1+zDV1g8k1Pm
o/LiJcmtxHT0b02k0kkFsZ4/h9u+AyU43A9ZhluOMv/piNarF2/4GXq8f7t64vU6
VrGPue4C/Kr0TQHdfu1hsnMjStMZRpNLXl0hfmJnb/6hfIKO//JL11aNjyANmTG/
LObjYiFz5xmDbuHGDN2lL0rTs5FHOav7FqotVEZhvenSoDFn
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:48:03 2025 by rpki-client