Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: rvQdOmW1nyWBmTHQ5Jf9dIZmYTQfYGbR+UFcraTdr5w=
Subject key identifier: 09:C6:71:9E:61:E0:4E:97:62:EC:18:31:40:2E:AE:D5:C7:9B:DD:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1142CCE08094E24F59B97CE3AD77C30A38A40862
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Sat 12 Jul 2025 00:51:26 +0000
ROA not before: Sat 12 Jul 2025 00:51:26 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:42:cc:e0:80:94:e2:4f:59:b9:7c:e3:ad:77:c3:0a:38:a4:08:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:26 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=430b74d31dc9aef189905dadd5c805ffb093cb46f20a1eaa26db19d31ff0dd74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e5:bc:2f:b9:79:ae:25:62:e4:03:5c:1a:69:
b1:ce:f9:e9:ff:40:50:a8:b4:29:59:be:27:41:c2:
92:44:d3:ed:63:0d:17:cb:f3:2c:e5:fd:c7:14:3c:
02:f5:e1:5c:0a:93:03:82:a8:69:9b:64:42:ee:a8:
09:13:1b:58:44:31:f9:d5:be:fb:76:63:87:70:a9:
e0:f1:ff:ae:59:16:00:06:fc:b6:08:09:e8:1d:6e:
ab:00:fe:59:f1:9d:be:be:8f:24:dd:cf:af:d8:5c:
40:dc:fa:d9:d9:72:2c:04:df:d5:ea:84:ad:f3:a6:
5c:cc:93:ca:39:c2:0e:c1:4c:20:22:28:de:7c:de:
2c:39:be:5c:7c:63:74:39:fd:fe:3b:85:df:c1:33:
fd:d0:2d:ba:8c:88:13:39:3a:6e:2d:15:7f:ab:34:
5e:2a:74:22:28:34:d4:55:34:5a:73:d8:f0:17:3b:
4c:0f:01:74:e5:47:1c:5c:0a:78:9b:39:7d:fe:21:
58:ab:7e:24:70:53:fa:93:2a:8a:84:85:74:f4:04:
90:69:15:b6:2f:62:80:32:5b:b2:b2:96:1b:be:94:
0d:c9:2d:22:b2:26:ba:12:05:b6:3f:a1:d6:11:6f:
0a:5e:71:5f:58:7e:17:8a:e0:67:45:05:83:a2:38:
1f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C6:71:9E:61:E0:4E:97:62:EC:18:31:40:2E:AE:D5:C7:9B:DD:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
72:4b:3b:bb:b3:45:0c:ea:67:d4:30:7e:4a:d1:ca:d3:9f:43:
37:1b:a6:52:cf:91:ac:48:f0:6f:d4:6f:50:cd:0c:d3:82:9c:
ea:ae:b4:7d:dd:51:ec:90:15:4e:7e:9f:2e:13:cb:67:19:5f:
95:ae:8a:16:b9:ef:43:1e:9d:39:93:e6:d6:bd:58:0c:5e:f0:
3c:48:24:01:48:af:48:30:6f:8f:99:16:e0:51:b1:4e:11:66:
fa:8b:a3:b1:1b:0e:2e:16:ea:3a:28:ad:65:ca:18:e7:60:94:
df:7c:f0:e8:21:67:8f:af:37:28:11:b1:fe:81:52:e5:43:a5:
d4:b7:cd:fb:63:c7:8d:b2:a8:94:5e:40:53:1a:f2:b0:2b:9f:
3e:7b:a3:e0:8e:2e:f5:8b:bb:00:35:58:04:6a:07:7a:e5:02:
8c:0b:85:c2:91:93:99:a7:94:20:41:05:89:0a:58:b7:8d:91:
6f:8c:05:c6:a8:b4:12:28:1e:9c:b9:6c:52:be:f1:e0:6b:dd:
93:71:91:cf:e7:7d:5f:fc:5a:d9:7f:6a:2a:d1:29:78:a6:2f:
f2:80:55:f7:df:54:a5:80:62:eb:fa:f3:01:a9:42:2b:57:6e:
e0:a8:03:f7:3b:dc:9a:16:42:57:e9:79:95:8a:79:df:4a:70:
29:4d:24:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEULM4ICU4k9ZuXzjrXfDCjikCGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMjZaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMGI3NGQzMWRjOWFlZjE4OTkwNWRhZGQ1YzgwNWZmYjA5M2NiNDZmMjBh
MWVhYTI2ZGIxOWQzMWZmMGRkNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHlvC+5ea4lYuQDXBppsc756f9AUKi0KVm+J0HCkkTT7WMNF8vzLOX9xxQ8
AvXhXAqTA4KoaZtkQu6oCRMbWEQx+dW++3Zjh3Cp4PH/rlkWAAb8tggJ6B1uqwD+
WfGdvr6PJN3Pr9hcQNz62dlyLATf1eqErfOmXMyTyjnCDsFMICIo3nzeLDm+XHxj
dDn9/juF38Ez/dAtuoyIEzk6bi0Vf6s0Xip0Iig01FU0WnPY8Bc7TA8BdOVHHFwK
eJs5ff4hWKt+JHBT+pMqioSFdPQEkGkVti9igDJbsrKWG76UDcktIrImuhIFtj+h
1hFvCl5xX1h+F4rgZ0UFg6I4H1MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJxnGe
YeBOl2LsGDFALq7Vx5vdmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBySzu7s0UM6mfUMH5K0crTn0M3G6ZSz5GsSPBv
1G9QzQzTgpzqrrR93VHskBVOfp8uE8tnGV+VrooWue9DHp05k+bWvVgMXvA8SCQB
SK9IMG+PmRbgUbFOEWb6i6OxGw4uFuo6KK1lyhjnYJTffPDoIWePrzcoEbH+gVLl
Q6XUt837Y8eNsqiUXkBTGvKwK58+e6Pgji71i7sANVgEagd65QKMC4XCkZOZp5Qg
QQWJCli3jZFvjAXGqLQSKB6cuWxSvvHga92TcZHP531f/FrZf2oq0Sl4pi/ygFX3
31SlgGLr+vMBqUIrV27gqAP3O9yaFkJX6XmVinnfSnApTSQb
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:35 2025 by rpki-client