Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa
File: 2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa (raw, json)
Hash identifier: VU5RC6lAse/gjOyBnTwLtbUv6EvUXwCyDKCL143siww=
Subject key identifier: 22:65:50:28:0B:DA:11:FD:C6:46:D8:44:E7:FF:32:54:77:A0:AC:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 124FADE94AF91150C3C43A0085D8CAA053DFC2EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa
Signing time: Fri 11 Jul 2025 20:00:57 +0000
ROA not before: Fri 11 Jul 2025 20:00:57 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:4f:ad:e9:4a:f9:11:50:c3:c4:3a:00:85:d8:ca:a0:53:df:c2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:57 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0fa5c72638480e33e360ae1663afebd9a2dd457c2f11110eeef16cc1914fd721, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:f9:63:96:af:c4:0e:5f:c8:62:e6:2e:6b:
da:6d:bd:55:29:eb:9e:e9:20:c5:cd:61:f8:7d:88:
ef:96:f5:74:da:a5:bf:60:64:a3:ed:f0:dd:67:54:
eb:f6:61:04:44:06:e2:3d:7b:25:d4:0b:bb:0e:cd:
3e:28:53:36:1d:b4:41:c5:c2:2c:5a:36:9b:a3:8e:
0a:7a:9d:87:45:a2:e9:6c:a4:07:9c:9a:03:d6:ac:
3b:93:d4:09:c4:ab:92:97:ac:27:1a:b9:02:33:e6:
5a:e8:83:b8:e5:74:e1:ee:66:8a:d4:74:34:37:46:
7e:b6:f1:53:f8:46:07:eb:e6:68:a7:60:fd:66:cd:
b6:e3:97:67:6b:2d:18:8b:3a:ac:6c:d1:b2:e8:68:
f7:de:83:7c:bd:0c:30:70:d5:30:02:9a:28:c3:ce:
d5:db:3d:fb:5b:f5:a1:40:04:2a:6e:d1:fb:0a:37:
85:9b:80:6e:3c:f0:56:11:8d:a5:67:83:1f:ac:ca:
c0:51:81:88:cf:73:c9:21:3d:96:49:40:c1:54:f2:
37:35:d1:a8:8a:d0:09:a0:fc:ed:87:d6:60:1d:70:
e7:de:eb:70:e7:05:43:4c:d6:b1:51:77:23:ca:e0:
22:a3:d4:34:4c:a4:9b:fa:63:ef:d1:82:09:fa:26:
cc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:65:50:28:0B:DA:11:FD:C6:46:D8:44:E7:FF:32:54:77:A0:AC:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e377775-7db2-4fae-bcbc-22d3b84a24f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:b000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:72:67:57:58:ee:1d:28:75:9f:43:fe:23:f3:85:71:71:d7:
b4:40:63:46:49:d0:e7:9b:df:dc:28:87:f7:c1:65:29:04:76:
90:95:7c:21:a7:c5:ff:3e:f0:a1:66:ae:3e:bb:55:b2:c2:9f:
91:4d:30:38:8c:c4:52:fd:c2:b8:33:ce:b7:c2:00:f0:a8:d1:
ff:dd:68:d7:5b:a9:c4:7b:08:e6:32:66:df:09:61:61:cf:57:
9c:9d:bd:5d:4b:1f:82:a9:be:ec:67:3a:6f:f3:2c:1d:da:2e:
08:31:ac:73:03:1e:c7:8a:9e:8b:7d:db:42:a5:db:22:a5:66:
19:75:24:cd:f5:3e:54:4e:8d:29:be:76:db:bb:c6:67:e6:aa:
3b:45:50:c1:32:2d:29:43:df:bc:a7:72:cb:7b:84:8d:7e:24:
57:00:1d:14:d6:d0:0d:af:3e:ec:99:02:fb:8a:0d:42:8e:5c:
32:66:69:44:93:dc:63:9a:e5:26:1f:21:8d:df:ff:b5:ad:91:
c0:a6:69:59:71:1c:25:1f:96:49:dd:74:8f:35:5f:b7:df:0b:
c4:eb:2a:5a:7f:af:a6:70:6c:cf:a5:f4:3b:27:84:d0:c8:ad:
2e:83:ac:95:6d:e3:1c:19:1c:1b:66:44:0c:07:0f:c4:87:10:
84:b3:1b:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEk+t6Ur5EVDDxDoAhdjKoFPfwu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwNTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmYTVjNzI2Mzg0ODBlMzNlMzYwYWUxNjYzYWZlYmQ5YTJkZDQ1N2MyZjEx
MTEwZWVlZjE2Y2MxOTE0ZmQ3MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOA+WOWr8QOX8hi5i5r2m29VSnrnukgxc1h+H2I75b1dNqlv2Bko+3w3WdU
6/ZhBEQG4j17JdQLuw7NPihTNh20QcXCLFo2m6OOCnqdh0Wi6WykB5yaA9asO5PU
CcSrkpesJxq5AjPmWuiDuOV04e5mitR0NDdGfrbxU/hGB+vmaKdg/WbNtuOXZ2st
GIs6rGzRsuho996DfL0MMHDVMAKaKMPO1ds9+1v1oUAEKm7R+wo3hZuAbjzwVhGN
pWeDH6zKwFGBiM9zySE9lklAwVTyNzXRqIrQCaD87YfWYB1w597rcOcFQ0zWsVF3
I8rgIqPUNEykm/pj79GCCfomzOsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiZVAo
C9oR/cZG2ETn/zJUd6CsnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmUzNzc3NzUtN2RiMi00ZmFlLWJjYmMtMjJkM2I4NGEyNGY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hew
MA0GCSqGSIb3DQEBCwUAA4IBAQCscmdXWO4dKHWfQ/4j84Vxcde0QGNGSdDnm9/c
KIf3wWUpBHaQlXwhp8X/PvChZq4+u1Wywp+RTTA4jMRS/cK4M863wgDwqNH/3WjX
W6nEewjmMmbfCWFhz1ecnb1dSx+Cqb7sZzpv8ywd2i4IMaxzAx7Hip6LfdtCpdsi
pWYZdSTN9T5UTo0pvnbbu8Zn5qo7RVDBMi0pQ9+8p3LLe4SNfiRXAB0U1tANrz7s
mQL7ig1CjlwyZmlEk9xjmuUmHyGN3/+1rZHApmlZcRwlH5ZJ3XSPNV+33wvE6ypa
f6+mcGzPpfQ7J4TQyK0ug6yVbeMcGRwbZkQMBw/EhxCEsxuE
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:29 2025 by rpki-client