Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json)
Hash identifier: YJa53oZhcERet+hdEEcc6t/zrvIahBWakazIXBtF+zY=
Subject key identifier: 89:17:ED:ED:4B:B1:97:BC:5B:D2:E0:38:AF:8B:89:AA:7A:7B:F9:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5756A869141459A16D5F043357F69B285A839E78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
Signing time: Fri 11 Jul 2025 19:30:47 +0000
ROA not before: Fri 11 Jul 2025 19:30:47 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:56:a8:69:14:14:59:a1:6d:5f:04:33:57:f6:9b:28:5a:83:9e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:47 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4d0d6bddd1e6bf50d86f81fb0a363a12729d4f9d5fbe07d41ae8ea489acbc856, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:47:e0:41:04:a1:51:9d:9a:59:a8:e2:ea:f1:
3f:8b:f1:be:ea:65:3a:64:d5:bd:54:89:4a:b1:fa:
0c:1d:4c:45:f4:85:dd:f8:2d:b4:19:57:2e:a7:78:
eb:38:fd:c4:04:64:f6:20:93:f2:a6:fc:4d:be:42:
7d:27:37:59:b0:11:94:12:02:da:d8:64:8b:7a:a1:
c6:f4:18:31:33:43:31:df:87:b7:10:55:14:b1:bb:
13:e9:ef:9e:6b:76:b4:c6:c3:99:d8:36:87:4d:8d:
48:82:b0:1a:69:8b:06:f6:ab:6a:fd:a5:bc:f8:a4:
90:97:03:2d:33:67:11:9d:50:df:31:7c:ed:c5:81:
90:82:90:6b:16:b0:2b:48:cd:f0:35:f8:e3:f8:12:
14:23:a8:3e:a9:91:3d:ea:e0:8b:65:93:fd:bc:45:
d8:06:37:c7:6c:3e:fa:33:b9:e2:d0:f5:97:ca:ea:
2c:12:29:cd:c1:78:e2:06:bd:48:bf:8d:1f:58:6b:
9e:6b:4e:5b:09:c2:4e:cd:62:34:fb:d9:27:39:80:
63:e5:bf:eb:66:aa:6b:39:ca:ba:ca:b9:ea:20:54:
1e:a3:c7:73:07:16:a6:72:79:9f:1d:e0:30:00:a2:
14:df:1f:f5:fa:6e:fa:f1:f8:2b:83:91:81:3c:04:
39:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:17:ED:ED:4B:B1:97:BC:5B:D2:E0:38:AF:8B:89:AA:7A:7B:F9:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
50:81:3c:97:5d:6d:cc:f8:d0:85:ef:1c:5e:f2:6b:61:7e:b5:
3e:42:5d:0a:ed:1e:c6:d3:04:4b:86:22:57:91:f6:31:2a:73:
90:6e:9d:d3:65:fe:0d:77:fb:a4:a0:0d:6e:87:72:42:75:d0:
1b:22:c3:69:60:bf:a4:bd:c4:33:a4:7d:c0:7d:42:01:a9:74:
fb:ca:15:54:5d:a9:2a:a9:cd:7b:76:12:8e:77:79:cf:5c:f3:
a0:7b:9d:92:c1:88:72:36:6f:8d:b0:f7:54:2f:60:1f:19:a4:
d7:d4:3d:78:72:b8:24:07:b2:42:e8:d6:17:b6:dd:82:0a:8c:
30:10:60:28:89:ad:74:2c:8c:06:f5:69:09:01:2b:e3:c2:08:
ed:1c:c5:d8:01:bf:c9:41:33:36:93:86:a0:50:12:fb:41:e0:
3f:45:34:e0:7a:fd:2d:4f:d5:ba:05:f5:88:0f:73:13:94:f9:
3b:51:8f:19:2f:42:53:4d:55:62:7f:5b:4d:0c:45:a9:44:65:
86:91:65:da:68:18:c2:fc:68:5c:c6:4b:7c:a5:60:0d:af:87:
de:f2:05:e6:3e:f1:3e:89:d1:1a:b9:86:54:14:5d:67:ee:99:
2d:49:78:ef:b5:53:8c:5f:b4:f3:16:49:cb:df:6a:dc:70:ea:
79:d4:1d:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV1aoaRQUWaFtXwQzV/abKFqDnngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkMGQ2YmRkZDFlNmJmNTBkODZmODFmYjBhMzYzYTEyNzI5ZDRmOWQ1ZmJl
MDdkNDFhZThlYTQ4OWFjYmM4NTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNH4EEEoVGdmlmo4urxP4vxvuplOmTVvVSJSrH6DB1MRfSF3fgttBlXLqd4
6zj9xARk9iCT8qb8Tb5CfSc3WbARlBIC2thki3qhxvQYMTNDMd+HtxBVFLG7E+nv
nmt2tMbDmdg2h02NSIKwGmmLBvarav2lvPikkJcDLTNnEZ1Q3zF87cWBkIKQaxaw
K0jN8DX44/gSFCOoPqmRPergi2WT/bxF2AY3x2w++jO54tD1l8rqLBIpzcF44ga9
SL+NH1hrnmtOWwnCTs1iNPvZJzmAY+W/62aqaznKusq56iBUHqPHcwcWpnJ5nx3g
MACiFN8f9fpu+vH4K4ORgTwEOR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJF+3t
S7GXvFvS4Divi4mqenv5XDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQBQgTyXXW3M+NCF7xxe8mthfrU+Ql0K7R7G0wRL
hiJXkfYxKnOQbp3TZf4Nd/ukoA1uh3JCddAbIsNpYL+kvcQzpH3AfUIBqXT7yhVU
Xakqqc17dhKOd3nPXPOge52SwYhyNm+NsPdUL2AfGaTX1D14crgkB7JC6NYXtt2C
CowwEGAoia10LIwG9WkJASvjwgjtHMXYAb/JQTM2k4agUBL7QeA/RTTgev0tT9W6
BfWID3MTlPk7UY8ZL0JTTVVif1tNDEWpRGWGkWXaaBjC/Ghcxkt8pWANr4fe8gXm
PvE+idEauYZUFF1n7pktSXjvtVOMX7TzFknL32rccOp51B1Z
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:13 2025 by rpki-client