Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa
File: 25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa (raw, json)
Hash identifier: w+Tf6md8SAfubcP83v7i2rDZO8pjx4Na7DnhOh27MMc=
Subject key identifier: 4B:22:98:16:D2:A5:35:D7:63:61:63:3C:22:26:31:45:B3:33:EA:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25165BD8D788559D56297F80A26F4EC5C56B19A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa
Signing time: Fri 11 Jul 2025 19:30:51 +0000
ROA not before: Fri 11 Jul 2025 19:30:51 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:20c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:16:5b:d8:d7:88:55:9d:56:29:7f:80:a2:6f:4e:c5:c5:6b:19:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:51 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a13a54bf0f7586162c4d42d931b8b2e27b6c03e22fa894a3eb692a1d72321e3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:98:df:6e:d5:1d:e8:60:63:87:9d:df:e2:7f:
70:34:f8:98:f6:b3:4f:dc:82:64:1c:75:fc:9c:21:
e2:53:49:08:1a:1a:b1:01:42:38:2c:aa:8b:00:eb:
97:ee:90:81:78:77:e5:c4:b6:47:db:7f:5d:3e:c3:
b2:5d:e9:55:46:9e:f9:52:fb:52:28:13:b0:cb:cf:
9a:7b:28:9a:0c:89:cc:31:7f:d2:4b:81:1c:d3:1e:
42:6f:10:e4:8c:39:fc:57:d6:cb:f4:6b:d2:20:00:
57:80:4c:ff:4d:fd:0f:f4:2e:20:46:fb:d6:eb:24:
75:d6:0b:66:20:05:30:5d:5b:0a:65:72:98:7c:8d:
dd:c3:d5:5a:90:03:b9:ca:1d:05:68:29:46:33:27:
80:99:b3:da:88:92:10:5a:f9:07:72:d6:ad:9f:a8:
c1:57:63:4d:80:6c:91:85:be:1a:d3:3f:e8:d3:2a:
a2:c5:e0:be:df:30:06:17:be:7a:c3:71:85:82:2b:
12:ac:c4:0b:f2:d1:b2:9d:b6:8b:75:70:4f:f5:06:
e9:b1:09:71:7a:ee:f9:68:a9:df:e7:bb:8d:e0:9c:
d6:a7:23:2a:52:d3:1b:24:b7:6f:5f:f2:97:d6:ef:
ff:ef:8b:c8:66:1d:bb:e7:fe:e7:a1:25:52:26:10:
5a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:22:98:16:D2:A5:35:D7:63:61:63:3C:22:26:31:45:B3:33:EA:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25e5dc44-9b73-42f2-b6d1-c0f559b533bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
51:e6:b8:6e:dc:42:40:c2:b1:fd:7b:e6:c4:1e:76:de:cb:90:
9d:19:c7:a5:5a:1d:f3:a5:3d:4e:53:0e:67:34:0e:83:44:a3:
1e:4e:ac:ef:49:0b:43:01:9a:76:af:14:2f:49:90:fc:eb:17:
1d:32:ca:3f:ea:0a:42:07:76:5b:63:8a:bb:27:ec:65:91:8d:
94:55:9d:bc:e0:96:8f:3f:69:4e:49:03:81:94:4d:a0:ca:45:
a7:48:2f:c6:a3:0c:04:b8:07:d5:f6:dc:b0:56:7c:98:35:26:
f9:33:70:46:8a:06:00:2d:d0:a3:03:de:d0:43:28:bb:0c:2c:
db:a2:57:bf:41:0d:89:4b:d3:d5:1b:e7:e6:e8:ac:56:71:c7:
ee:d6:56:7b:78:6b:eb:8e:a1:12:b1:74:79:09:7e:c4:c2:f9:
76:8e:46:3a:7c:f8:f9:87:54:1c:ac:f1:2b:5e:1d:ca:5f:94:
a9:a4:5a:1d:5a:d1:32:d3:4f:9d:d9:7c:04:01:6c:8c:5a:76:
47:a9:09:e9:4a:dd:35:48:49:f7:a2:39:9d:4d:a5:da:2b:61:
09:db:1d:b7:1d:9d:75:bd:fe:ac:22:4f:07:b0:c6:93:34:aa:
90:1c:16:e0:b4:76:95:48:e2:71:9f:bf:56:0f:b2:cc:90:49:
a7:de:fc:b0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJRZb2NeIVZ1WKX+Aom9OxcVrGaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGExM2E1NGJmMGY3NTg2MTYyYzRkNDJkOTMxYjhiMmUyN2I2YzAzZTIyZmE4
OTRhM2ViNjkyYTFkNzIzMjFlM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiY327VHehgY4ed3+J/cDT4mPazT9yCZBx1/Jwh4lNJCBoasQFCOCyqiwDr
l+6QgXh35cS2R9t/XT7Dsl3pVUae+VL7UigTsMvPmnsomgyJzDF/0kuBHNMeQm8Q
5Iw5/FfWy/Rr0iAAV4BM/039D/QuIEb71uskddYLZiAFMF1bCmVymHyN3cPVWpAD
ucodBWgpRjMngJmz2oiSEFr5B3LWrZ+owVdjTYBskYW+GtM/6NMqosXgvt8wBhe+
esNxhYIrEqzEC/LRsp22i3VwT/UG6bEJcXru+Wip3+e7jeCc1qcjKlLTGyS3b1/y
l9bv/++LyGYdu+f+56ElUiYQWn0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRLIpgW
0qU112NhYzwiJjFFszPqGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVlNWRjNDQtOWI3My00MmYyLWI2ZDEtYzBmNTU5YjUzM2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hcg
wDANBgkqhkiG9w0BAQsFAAOCAQEAUea4btxCQMKx/XvmxB523suQnRnHpVod86U9
TlMOZzQOg0SjHk6s70kLQwGadq8UL0mQ/OsXHTLKP+oKQgd2W2OKuyfsZZGNlFWd
vOCWjz9pTkkDgZRNoMpFp0gvxqMMBLgH1fbcsFZ8mDUm+TNwRooGAC3QowPe0EMo
uwws26JXv0ENiUvT1Rvn5uisVnHH7tZWe3hr646hErF0eQl+xML5do5GOnz4+YdU
HKzxK14dyl+UqaRaHVrRMtNPndl8BAFsjFp2R6kJ6UrdNUhJ96I5nU2l2ithCdsd
tx2ddb3+rCJPB7DGkzSqkBwW4LR2lUjicZ+/Vg+yzJBJp978sA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:23:10 2025 by rpki-client