Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: soK8SfQ65y3bW1fpFFYn1waMDwwM5Xxu1+1FuvSD4BA=
Subject key identifier: 95:2F:3E:E1:FE:C5:35:3C:B5:05:B7:8B:B7:08:C1:3B:F1:1C:03:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B2305D4D966B349C67982AE46FFC4FA79CF1402
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Fri 11 Jul 2025 20:30:59 +0000
ROA not before: Fri 11 Jul 2025 20:30:59 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:23:05:d4:d9:66:b3:49:c6:79:82:ae:46:ff:c4:fa:79:cf:14:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:30:59 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8672d2e06fc060e8e002fcbc64181fd5b3869a5d80e7cb202b902b6569e2fdeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fe:2d:cd:c0:e3:f5:81:08:5b:12:19:76:2b:
15:fe:6a:26:53:27:68:22:2e:50:51:07:7d:63:bd:
50:ea:bf:a7:90:0a:30:d1:eb:cf:19:bf:41:40:72:
3f:7a:78:21:d9:c0:02:40:ba:59:58:6f:9c:4e:79:
ff:66:ce:34:09:d1:4a:01:d3:69:72:67:5d:da:e8:
d3:7b:a9:15:8a:72:3d:1f:60:cf:de:ff:58:7d:e8:
76:15:c1:61:16:6a:f6:d7:54:89:cf:05:b5:18:70:
01:09:40:15:11:fa:27:82:04:bf:89:ed:d7:bd:a3:
fd:1e:d2:86:cf:d9:37:c0:f3:67:22:70:3a:63:37:
91:18:27:ef:62:b8:83:96:09:b3:b4:20:0a:54:1f:
4b:e0:02:da:b8:97:c2:15:96:e9:ab:57:54:ad:d7:
90:d3:fd:d3:68:bd:4e:ad:47:a9:50:22:66:44:32:
d2:29:bf:38:f6:95:e0:03:15:8c:84:18:78:1d:56:
d1:1e:87:ff:85:2c:ad:90:90:c4:61:c0:94:ef:33:
77:2f:a7:5e:ab:4b:be:2e:b7:ad:50:d1:ea:51:e6:
32:5c:64:bf:f0:6b:1e:cf:07:90:c2:d6:42:9d:80:
7f:e1:5c:8b:0a:8b:ac:f7:d7:03:a9:13:24:ae:b2:
17:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2F:3E:E1:FE:C5:35:3C:B5:05:B7:8B:B7:08:C1:3B:F1:1C:03:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
47:3e:39:22:75:6c:bd:48:34:30:99:b3:34:0f:17:ed:ff:8d:
f3:20:44:ea:2b:45:7f:e2:46:e9:0d:2e:50:e6:be:06:53:1c:
fc:cb:eb:ad:01:11:f4:f0:96:db:93:a3:52:89:1a:95:7c:c3:
49:d4:0d:8f:86:0a:8c:fa:8e:1c:1f:69:6a:c0:3c:67:ba:5e:
0f:6f:6a:67:98:f3:6d:99:19:43:b0:e6:5f:16:a2:70:a9:fa:
79:9f:df:a8:95:bd:ef:e8:e4:05:42:b3:44:f6:22:d7:7d:d2:
96:d8:3a:54:e1:e0:b4:b5:91:39:75:f1:2f:2d:54:02:11:3c:
e1:86:50:23:a5:42:b4:4d:b1:35:8c:8f:5c:b7:2d:09:64:bc:
5a:56:6a:92:55:cc:64:52:91:99:5b:aa:cd:8f:75:ce:1d:51:
a8:ec:ea:94:e5:df:02:d4:7a:ac:c1:bc:07:6c:59:d5:f0:58:
d4:de:ee:90:08:cf:ad:9d:ab:de:79:58:25:52:18:3c:fe:1c:
c1:61:9b:77:a4:e6:35:02:2f:8d:ed:72:a7:84:90:6f:ea:37:
c9:2c:4e:0a:1c:28:97:ee:9e:ac:6e:fd:94:ba:4c:8b:c1:1e:
47:c2:d7:83:54:34:26:cf:39:3e:c8:ad:3d:68:88:81:d3:54:
9f:94:49:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWyMF1Nlms0nGeYKuRv/E+nnPFAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMwNTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2NzJkMmUwNmZjMDYwZThlMDAyZmNiYzY0MTgxZmQ1YjM4NjlhNWQ4MGU3
Y2IyMDJiOTAyYjY1NjllMmZkZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALT+Lc3A4/WBCFsSGXYrFf5qJlMnaCIuUFEHfWO9UOq/p5AKMNHrzxm/QUBy
P3p4IdnAAkC6WVhvnE55/2bONAnRSgHTaXJnXdro03upFYpyPR9gz97/WH3odhXB
YRZq9tdUic8FtRhwAQlAFRH6J4IEv4nt172j/R7Shs/ZN8DzZyJwOmM3kRgn72K4
g5YJs7QgClQfS+AC2riXwhWW6atXVK3XkNP902i9Tq1HqVAiZkQy0im/OPaV4AMV
jIQYeB1W0R6H/4UsrZCQxGHAlO8zdy+nXqtLvi63rVDR6lHmMlxkv/BrHs8HkMLW
Qp2Af+FciwqLrPfXA6kTJK6yFw8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVLz7h
/sU1PLUFt4u3CME78RwDuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBHPjkidWy9SDQwmbM0Dxft/43zIETqK0V/4kbp
DS5Q5r4GUxz8y+utARH08Jbbk6NSiRqVfMNJ1A2PhgqM+o4cH2lqwDxnul4Pb2pn
mPNtmRlDsOZfFqJwqfp5n9+olb3v6OQFQrNE9iLXfdKW2DpU4eC0tZE5dfEvLVQC
ETzhhlAjpUK0TbE1jI9cty0JZLxaVmqSVcxkUpGZW6rNj3XOHVGo7OqU5d8C1Hqs
wbwHbFnV8FjU3u6QCM+tnaveeVglUhg8/hzBYZt3pOY1Ai+N7XKnhJBv6jfJLE4K
HCiX7p6sbv2UukyLwR5HwteDVDQmzzk+yK09aIiB01SflEn6
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:14 2025 by rpki-client