Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: SICuXe1zfVvfY3xs4AD/QM5waOBoO0pzWrzkflMIHsk=
Subject key identifier: FD:1B:18:66:9E:5E:E5:55:48:F5:2F:49:8B:79:40:39:AB:CF:EF:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24FA7B9C1A707B4429C9554275BCECB7733243E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Fri 11 Jul 2025 20:11:41 +0000
ROA not before: Fri 11 Jul 2025 20:11:41 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:fa:7b:9c:1a:70:7b:44:29:c9:55:42:75:bc:ec:b7:73:32:43:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:41 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2c426b522d2c808f3d4b4ab91edbd92043aa6de512cbb35f60b0d56e30a6c1fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:46:6b:9a:f9:63:6b:7b:44:61:e2:36:90:d5:
db:e5:e9:26:f9:02:da:4a:7d:8e:d2:1d:19:d1:8d:
e6:63:ed:b1:2e:64:1a:49:32:cb:29:bb:50:41:78:
df:63:5b:96:89:7c:00:5f:cc:24:7d:b2:7e:75:48:
eb:73:b4:f5:fe:53:98:be:3e:f6:34:93:8d:fe:61:
04:60:a7:0e:46:67:e5:c7:64:03:88:15:24:7c:4b:
07:4f:c9:0f:46:56:46:a2:ca:3f:32:00:35:1a:c5:
45:e0:1b:cf:3b:a6:59:68:02:b8:f6:bb:73:91:14:
2d:2e:63:a3:7b:15:a0:f6:76:b7:b5:58:74:88:25:
02:8a:a1:fe:e7:bd:d9:3d:aa:8f:57:77:3a:98:f4:
cc:28:a8:34:57:a8:28:dd:f6:c9:4e:20:b0:67:44:
8d:0e:b6:37:52:c6:b3:d4:15:75:3d:cc:de:8b:e4:
06:d9:e2:ae:ec:cf:a9:57:db:f1:86:5e:74:f3:41:
e2:40:45:36:4e:23:2e:85:fd:26:54:a5:41:ea:b2:
23:5f:3b:40:93:77:ae:d8:4e:ce:be:95:6f:ca:25:
2a:db:54:f5:ac:5d:89:31:8c:3c:a8:ad:31:8d:02:
12:40:5b:60:a9:a4:0f:53:7f:05:b8:bc:00:97:22:
ea:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1B:18:66:9E:5E:E5:55:48:F5:2F:49:8B:79:40:39:AB:CF:EF:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:57:5f:56:26:90:ea:e9:c1:00:98:87:f8:9f:5f:18:0e:d4:
47:f5:9d:21:e7:40:05:c6:eb:0f:76:59:f6:51:89:5a:8a:b5:
e3:b2:07:e2:68:55:e5:39:15:86:5c:15:e2:2c:a9:a1:55:63:
a5:c3:44:87:10:9d:eb:28:50:7a:51:3c:08:c1:62:8b:d8:d1:
b2:82:dd:af:ad:65:6c:dd:b6:6c:04:7f:97:4e:c2:9f:b0:05:
5c:38:55:0b:93:3c:c9:1d:be:7e:0d:56:c0:93:53:80:a1:7e:
ff:58:a3:68:4b:33:84:af:16:6c:ae:e2:11:cd:7e:29:73:60:
84:35:32:c1:f2:e2:19:54:7c:47:a7:63:cf:6f:9d:66:8a:13:
1c:ef:82:91:b6:0b:e7:f0:57:41:74:55:a5:fa:14:26:cd:c1:
d4:80:26:01:37:f6:7d:7d:79:7b:fe:38:ec:e9:e5:ac:76:14:
f3:96:84:62:5e:11:6e:7e:60:02:83:98:8d:85:06:07:59:a1:
76:86:c8:dd:85:d8:47:d4:91:9a:1a:d4:82:ba:fb:5c:f4:ec:
09:2b:36:57:6e:58:f1:c2:cc:ca:d1:97:02:92:29:8e:5a:f8:
cf:b8:57:45:80:10:f1:77:23:63:f3:19:ae:30:73:3d:f8:2d:
3d:ce:10:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJPp7nBpwe0QpyVVCdbzst3MyQ+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExNDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNDI2YjUyMmQyYzgwOGYzZDRiNGFiOTFlZGJkOTIwNDNhYTZkZTUxMmNi
YjM1ZjYwYjBkNTZlMzBhNmMxZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1Ga5r5Y2t7RGHiNpDV2+XpJvkC2kp9jtIdGdGN5mPtsS5kGkkyyym7UEF4
32Nblol8AF/MJH2yfnVI63O09f5TmL4+9jSTjf5hBGCnDkZn5cdkA4gVJHxLB0/J
D0ZWRqLKPzIANRrFReAbzzumWWgCuPa7c5EULS5jo3sVoPZ2t7VYdIglAoqh/ue9
2T2qj1d3Opj0zCioNFeoKN32yU4gsGdEjQ62N1LGs9QVdT3M3ovkBtniruzPqVfb
8YZedPNB4kBFNk4jLoX9JlSlQeqyI187QJN3rthOzr6Vb8olKttU9axdiTGMPKit
MY0CEkBbYKmkD1N/Bbi8AJci6mUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9Gxhm
nl7lVUj1L0mLeUA5q8/viDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQCPV19WJpDq6cEAmIf4n18YDtRH9Z0h50AFxusP
dln2UYlairXjsgfiaFXlORWGXBXiLKmhVWOlw0SHEJ3rKFB6UTwIwWKL2NGygt2v
rWVs3bZsBH+XTsKfsAVcOFULkzzJHb5+DVbAk1OAoX7/WKNoSzOErxZsruIRzX4p
c2CENTLB8uIZVHxHp2PPb51mihMc74KRtgvn8FdBdFWl+hQmzcHUgCYBN/Z9fXl7
/jjs6eWsdhTzloRiXhFufmACg5iNhQYHWaF2hsjdhdhH1JGaGtSCuvtc9OwJKzZX
bljxwszK0ZcCkimOWvjPuFdFgBDxdyNj8xmuMHM9+C09zhA+
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:27 2025 by rpki-client