Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
File: 28181159-5695-4944-b901-f84b836b4d8f.roa (raw, json)
Hash identifier: rX+QtjQVpq05arcYGRQzI6e18AP3uvnmQMLgMz8tinw=
Subject key identifier: 6D:EF:8D:80:20:B0:66:26:9E:04:7A:32:78:61:C6:D3:94:EA:7C:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7476BE9A538FD3A9C4C91140B9EC15E6865F1F73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
Signing time: Fri 04 Jul 2025 18:30:07 +0000
ROA not before: Fri 04 Jul 2025 18:30:07 +0000
ROA not after: Fri 08 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:76:be:9a:53:8f:d3:a9:c4:c9:11:40:b9:ec:15:e6:86:5f:1f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 4 18:30:07 2025 GMT
Not After : Aug 8 23:59:59 2025 GMT
Subject: serialNumber=906d1ec9e5ffe7aa0494a8cd4f7908c985bf3c88e7c8112ca67ea42160d2a464, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d7:bd:18:8b:5e:93:7b:59:e4:5b:fd:7f:1d:
8a:40:8e:38:81:06:13:96:39:a1:d3:a1:80:03:7d:
31:c3:02:c7:2d:72:f0:21:79:48:80:45:f5:49:9d:
e8:5b:f5:c8:61:03:ac:b7:2c:22:d2:4d:cb:88:03:
78:60:99:3b:55:65:30:31:38:a8:b4:cc:2b:11:95:
90:a8:48:52:c1:09:c2:df:ee:b9:68:77:dc:30:78:
5e:98:f8:2b:67:4f:23:3a:e1:67:53:7e:d1:6c:64:
0d:4d:65:44:f9:57:db:36:95:af:d3:b4:27:60:3b:
30:49:bb:6c:c5:ab:7d:2f:ca:b3:43:e0:a6:b8:ac:
17:5b:08:3f:4f:cc:ba:b0:d8:13:96:dc:89:c3:0e:
34:df:e5:6c:6f:b7:9c:dd:d2:20:3c:e3:e8:94:ec:
b3:3f:a1:9c:8c:4d:72:7d:70:a5:13:27:cb:da:93:
64:68:74:25:80:c4:ee:23:5e:94:6d:d7:e7:e9:ca:
24:4c:3b:5a:00:a5:ca:ac:77:5d:48:d0:a6:51:43:
36:dc:84:32:d5:2c:56:ec:7e:97:35:0e:f8:e0:8a:
7c:21:d9:f3:39:20:ad:a9:76:57:e4:ad:f4:81:08:
2b:c7:95:6f:fc:5a:7e:09:c1:1b:d2:64:b8:e0:16:
a1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:EF:8D:80:20:B0:66:26:9E:04:7A:32:78:61:C6:D3:94:EA:7C:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:42:05:57:77:fc:82:e1:4c:3b:ef:e6:82:ec:e8:93:00:1f:
5b:c6:be:3d:44:57:0d:6c:d5:3b:12:79:75:9d:eb:72:3f:49:
46:31:70:6a:01:26:79:85:48:10:f6:c2:08:4e:6f:56:01:2f:
43:2c:c7:dd:6f:92:dc:c1:85:91:2f:50:6b:47:71:3a:d4:69:
38:0f:25:e9:5d:35:45:6e:07:28:13:ca:d6:03:01:f3:07:8c:
97:97:ef:a4:40:2d:64:b3:f7:62:35:4b:9e:2a:2d:6b:17:96:
79:c6:1d:d9:e0:bb:ad:f0:07:77:b7:7f:6d:8f:21:68:27:94:
e9:fd:9a:3f:d3:6c:28:cc:84:92:24:3c:45:2c:bd:be:7c:fa:
7d:3f:27:fa:2d:bc:1d:f6:9e:a2:e5:2a:d0:fd:f1:56:5c:77:
9b:b4:b2:2f:7b:48:9f:82:f5:c8:c7:f5:29:70:f8:e7:21:97:
34:57:05:58:dc:7b:38:36:1a:e0:0a:4d:10:6b:b0:64:e9:a1:
39:bc:ac:e8:82:70:cf:22:e2:5a:6c:40:19:c1:32:d4:6b:00:
77:88:b6:b9:30:fc:1f:a4:83:11:b8:fc:25:dd:ed:2d:f1:02:
df:ba:a2:76:dd:0c:38:82:5c:1f:85:0d:ad:20:b4:90:a7:4b:
07:60:2f:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdHa+mlOP06nEyRFAuewV5oZfH3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDQxODMwMDdaFw0yNTA4MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwNmQxZWM5ZTVmZmU3YWEwNDk0YThjZDRmNzkwOGM5ODViZjNjODhlN2M4
MTEyY2E2N2VhNDIxNjBkMmE0NjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTXvRiLXpN7WeRb/X8dikCOOIEGE5Y5odOhgAN9McMCxy1y8CF5SIBF9Umd
6Fv1yGEDrLcsItJNy4gDeGCZO1VlMDE4qLTMKxGVkKhIUsEJwt/uuWh33DB4Xpj4
K2dPIzrhZ1N+0WxkDU1lRPlX2zaVr9O0J2A7MEm7bMWrfS/Ks0PgprisF1sIP0/M
urDYE5bcicMONN/lbG+3nN3SIDzj6JTssz+hnIxNcn1wpRMny9qTZGh0JYDE7iNe
lG3X5+nKJEw7WgClyqx3XUjQplFDNtyEMtUsVux+lzUO+OCKfCHZ8zkgral2V+St
9IEIK8eVb/xafgnBG9JkuOAWodECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRt742A
ILBmJp4EejJ4YcbTlOp8fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjgxODExNTktNTY5NS00OTQ0LWI5MDEtZjg0YjgzNmI0ZDhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBOQgVXd/yC4Uw77+aC7OiTAB9bxr49RFcNbNU7
Enl1netyP0lGMXBqASZ5hUgQ9sIITm9WAS9DLMfdb5LcwYWRL1BrR3E61Gk4DyXp
XTVFbgcoE8rWAwHzB4yXl++kQC1ks/diNUueKi1rF5Z5xh3Z4Lut8Ad3t39tjyFo
J5Tp/Zo/02wozISSJDxFLL2+fPp9Pyf6Lbwd9p6i5SrQ/fFWXHebtLIve0ifgvXI
x/UpcPjnIZc0VwVY3Hs4NhrgCk0Qa7Bk6aE5vKzognDPIuJabEAZwTLUawB3iLa5
MPwfpIMRuPwl3e0t8QLfuqJ23Qw4glwfhQ2tILSQp0sHYC8f
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:32 2025 by rpki-client