Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json)
Hash identifier: 8dXeOw+qI9vai9nQqKoiIALxGY4K8Lc3COhPPJeuovM=
Subject key identifier: BF:CD:9F:61:74:59:B4:1D:35:F3:25:C9:B1:B2:7F:24:32:CA:B9:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 430BED4078A4D8306DE84D9A1E4CFF9FCD433FFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
Signing time: Fri 11 Jul 2025 18:40:07 +0000
ROA not before: Fri 11 Jul 2025 18:40:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:0b:ed:40:78:a4:d8:30:6d:e8:4d:9a:1e:4c:ff:9f:cd:43:3f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=471d113bceb7f99a9433145fd6bf9915f9026f9db8104b029a907c9848345821, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dd:87:9d:d0:84:f8:4e:92:0b:03:9e:ff:bc:
c6:b9:a7:cc:0b:83:09:72:f7:f9:11:5a:44:b8:8a:
5d:df:94:8d:2a:82:84:46:0f:e4:af:d4:1c:e7:d1:
65:e1:02:ba:a4:d2:3c:40:55:b0:ae:af:10:3d:45:
50:13:2a:66:ce:c9:1d:30:74:57:75:d1:53:5d:65:
44:ff:c1:02:5d:44:09:61:af:41:ef:82:7c:38:04:
2a:e5:ac:b1:88:fe:97:fa:21:4b:b1:78:e4:c0:d5:
c9:38:8a:a3:0e:26:48:f5:d0:bb:2a:ad:18:5a:b1:
09:75:35:5e:aa:7a:20:23:c1:07:9b:04:bf:71:96:
3e:18:b2:2f:48:76:17:71:0c:1a:ca:57:68:44:a9:
b6:5e:61:99:91:61:83:90:a0:9a:47:6c:c6:9e:47:
aa:50:95:f6:a7:51:5d:be:a4:b3:d3:65:aa:8b:2b:
fb:52:e5:ad:9f:fa:bf:a3:1c:e6:ff:1f:5c:7c:6c:
c2:ca:79:b8:c8:63:08:73:1f:77:2e:ed:c2:f5:9d:
0f:58:fb:71:84:c4:56:8b:1e:19:ba:17:43:ed:e9:
57:4a:cb:b9:ef:96:ee:8b:44:97:e5:4e:7b:a7:0d:
13:c9:bb:a9:cd:1a:da:72:99:98:66:89:f4:eb:2f:
9c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CD:9F:61:74:59:B4:1D:35:F3:25:C9:B1:B2:7F:24:32:CA:B9:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c080::/48
Signature Algorithm: sha256WithRSAEncryption
17:e7:a4:b1:68:7a:7f:6b:a4:ba:ba:71:3f:2c:0d:46:e4:6d:
fb:22:50:2d:cb:ed:d0:17:14:ab:4b:98:31:14:4b:28:3f:7e:
5a:7f:e8:ca:bb:71:3e:e1:d4:5b:f5:14:d7:64:00:8a:a6:28:
3b:06:b6:52:43:e4:30:c9:03:fa:cb:9c:c3:29:4e:f0:bb:a1:
16:40:37:45:9e:a6:53:99:f5:5c:a2:55:c8:c0:09:e3:48:71:
77:73:7f:5c:c3:ad:16:72:c7:49:43:72:97:02:d0:cd:0f:d2:
56:c9:fe:67:7c:ea:fe:ad:cc:80:d9:e0:3b:10:87:13:fe:64:
c7:23:25:5f:ec:ad:f9:8e:01:1d:67:4e:43:8d:b4:8d:af:de:
5f:e3:75:05:3e:e7:0e:5e:24:66:69:9a:64:22:74:9a:f8:e7:
4c:e5:84:73:92:d1:49:c4:fc:77:f4:33:e4:c4:00:cf:93:b9:
12:6d:4d:59:f0:d3:5c:34:f8:c6:6b:e7:45:a8:32:75:a0:50:
42:c0:ec:1a:2a:e4:44:8b:38:d7:96:0f:af:9b:ec:47:e9:54:
27:f1:c5:45:cd:22:38:8e:aa:b9:ef:9c:6d:99:3e:b9:e6:e6:
1f:5b:fe:17:6a:cf:89:b1:6e:b2:c8:08:1d:06:36:7c:40:c5:
d0:2d:0b:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQwvtQHik2DBt6E2aHkz/n81DP/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3MWQxMTNiY2ViN2Y5OWE5NDMzMTQ1ZmQ2YmY5OTE1ZjkwMjZmOWRiODEw
NGIwMjlhOTA3Yzk4NDgzNDU4MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3dh53QhPhOkgsDnv+8xrmnzAuDCXL3+RFaRLiKXd+UjSqChEYP5K/UHOfR
ZeECuqTSPEBVsK6vED1FUBMqZs7JHTB0V3XRU11lRP/BAl1ECWGvQe+CfDgEKuWs
sYj+l/ohS7F45MDVyTiKow4mSPXQuyqtGFqxCXU1Xqp6ICPBB5sEv3GWPhiyL0h2
F3EMGspXaESptl5hmZFhg5Cgmkdsxp5HqlCV9qdRXb6ks9Nlqosr+1LlrZ/6v6Mc
5v8fXHxswsp5uMhjCHMfdy7twvWdD1j7cYTEVoseGboXQ+3pV0rLue+W7otEl+VO
e6cNE8m7qc0a2nKZmGaJ9OsvnOUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/zZ9h
dFm0HTXzJcmxsn8kMsq55zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
gDANBgkqhkiG9w0BAQsFAAOCAQEAF+eksWh6f2ukurpxPywNRuRt+yJQLcvt0BcU
q0uYMRRLKD9+Wn/oyrtxPuHUW/UU12QAiqYoOwa2UkPkMMkD+sucwylO8LuhFkA3
RZ6mU5n1XKJVyMAJ40hxd3N/XMOtFnLHSUNylwLQzQ/SVsn+Z3zq/q3MgNngOxCH
E/5kxyMlX+yt+Y4BHWdOQ420ja/eX+N1BT7nDl4kZmmaZCJ0mvjnTOWEc5LRScT8
d/Qz5MQAz5O5Em1NWfDTXDT4xmvnRagydaBQQsDsGirkRIs415YPr5vsR+lUJ/HF
Rc0iOI6que+cbZk+uebmH1v+F2rPibFussgIHQY2fEDF0C0LDg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:45 2025 by rpki-client