Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
File: 31246558-533e-42f5-8c90-dc91729aa7fa.roa (raw, json)
Hash identifier: 4k6uzIiLjl0tkqcsbl/tt4DEFmn77I0QFyim4+1l0+s=
Subject key identifier: 5C:11:7E:B4:C7:9C:A6:88:30:BA:3F:55:98:18:81:10:38:F2:EB:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FB3D2000B6DDBF36651FC0A52D7CC656333B692
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
Signing time: Fri 11 Jul 2025 20:11:01 +0000
ROA not before: Fri 11 Jul 2025 20:11:01 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:b3:d2:00:0b:6d:db:f3:66:51:fc:0a:52:d7:cc:65:63:33:b6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:01 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=318ca1d2a603a25df4a1b36464997af82b2db71a230230a66c54df2224a438a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:85:d5:2a:b4:26:f2:6a:74:4d:4d:a6:5a:6c:
1e:44:a0:4e:9f:ce:11:65:d9:d4:d4:1b:32:2f:81:
56:fe:ad:f4:cc:53:9d:02:27:1d:16:ff:b8:eb:cb:
81:61:64:7a:46:e7:ae:ff:89:1a:6d:68:1e:d8:91:
cd:74:10:4b:3a:f9:1f:18:62:d2:56:fd:d9:cb:5d:
cf:7a:e5:67:64:23:7b:6e:74:5e:33:1a:34:24:77:
7b:16:39:98:e6:fa:de:18:c6:97:53:78:a3:6e:92:
7b:13:f0:5a:db:34:73:ca:10:5e:ec:c7:0d:42:23:
c6:e7:25:46:9a:a5:bf:54:14:1b:38:8a:0b:4b:8a:
62:94:32:36:de:3b:83:75:bf:53:f4:fc:09:55:87:
62:5b:a4:0f:4e:26:e9:50:76:bb:58:e4:07:1c:bc:
c1:c6:f6:b6:0e:be:71:d8:2c:83:ff:93:0b:26:12:
6b:4d:86:e1:17:ee:de:40:ea:28:d9:a3:36:a5:2c:
86:6e:c5:ba:25:72:86:c1:a5:22:b8:6e:67:f5:9e:
ba:7f:62:6c:e6:00:3f:6b:88:1b:eb:69:4c:60:38:
30:73:eb:61:3f:50:44:df:9f:6b:20:87:35:49:b5:
7c:d0:f8:88:66:de:b8:b9:17:ac:ad:13:53:c7:11:
c4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:11:7E:B4:C7:9C:A6:88:30:BA:3F:55:98:18:81:10:38:F2:EB:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:6d:af:94:5c:0e:f6:4e:81:19:09:bf:4e:66:5f:75:82:20:
33:f0:2f:08:3f:a9:1f:57:80:b4:fe:50:2a:3b:16:1b:34:41:
7a:91:44:5f:98:d5:3e:ad:d7:72:d3:6a:46:ef:16:cf:94:65:
84:b0:55:c8:97:5b:f4:c7:52:0c:ac:15:93:04:20:2e:22:84:
8c:f0:9d:0c:26:02:f6:93:2d:10:7a:91:35:74:4f:9f:bb:b7:
15:9b:1f:de:75:2d:4d:05:0e:de:eb:b6:28:ac:1e:96:32:a6:
93:06:06:a5:84:ac:1a:b8:5b:88:25:92:66:a2:b8:f1:13:a0:
55:19:3f:db:ac:1e:84:18:ff:d1:2e:73:da:27:73:24:cc:a2:
1a:5c:8e:37:f6:e0:0a:f8:c7:ef:16:7e:e4:1f:a6:9b:93:65:
4f:5e:b7:68:b2:80:44:55:bc:49:e8:1a:08:ac:de:e8:1c:bb:
f0:f0:53:1b:45:b1:69:1d:de:05:4d:22:f1:90:14:11:9b:98:
15:a4:f3:74:56:2f:9f:88:8f:6a:3d:f9:0d:bc:33:6c:16:ad:
7a:6a:68:7c:09:71:69:4e:ce:5c:c3:83:68:38:15:29:5a:71:
bc:0b:75:98:13:c4:7e:00:7a:d0:cf:a2:5a:e9:51:49:45:a0:
ca:94:50:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD7PSAAtt2/NmUfwKUtfMZWMztpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxOGNhMWQyYTYwM2EyNWRmNGExYjM2NDY0OTk3YWY4MmIyZGI3MWEyMzAy
MzBhNjZjNTRkZjIyMjRhNDM4YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeF1Sq0JvJqdE1NplpsHkSgTp/OEWXZ1NQbMi+BVv6t9MxTnQInHRb/uOvL
gWFkekbnrv+JGm1oHtiRzXQQSzr5Hxhi0lb92ctdz3rlZ2Qje250XjMaNCR3exY5
mOb63hjGl1N4o26SexPwWts0c8oQXuzHDUIjxuclRpqlv1QUGziKC0uKYpQyNt47
g3W/U/T8CVWHYlukD04m6VB2u1jkBxy8wcb2tg6+cdgsg/+TCyYSa02G4Rfu3kDq
KNmjNqUshm7FuiVyhsGlIrhuZ/Weun9ibOYAP2uIG+tpTGA4MHPrYT9QRN+fayCH
NUm1fND4iGbeuLkXrK0TU8cRxIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcEX60
x5ymiDC6P1WYGIEQOPLraTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEyNDY1NTgtNTMzZS00MmY1LThjOTAtZGM5MTcyOWFhN2ZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCgba+UXA72ToEZCb9OZl91giAz8C8IP6kfV4C0
/lAqOxYbNEF6kURfmNU+rddy02pG7xbPlGWEsFXIl1v0x1IMrBWTBCAuIoSM8J0M
JgL2ky0QepE1dE+fu7cVmx/edS1NBQ7e67YorB6WMqaTBgalhKwauFuIJZJmorjx
E6BVGT/brB6EGP/RLnPaJ3MkzKIaXI439uAK+MfvFn7kH6abk2VPXrdosoBEVbxJ
6BoIrN7oHLvw8FMbRbFpHd4FTSLxkBQRm5gVpPN0Vi+fiI9qPfkNvDNsFq16amh8
CXFpTs5cw4NoOBUpWnG8C3WYE8R+AHrQz6Ja6VFJRaDKlFAn
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:14 2025 by rpki-client