Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: ssqkcYU++cVw2GsO6qY5AU1CDUAOLcFUZaC979gf2UM=
Subject key identifier: D2:22:B9:CF:64:10:6C:1E:E1:5C:75:BC:32:E8:3B:BC:F3:FD:07:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65A8B89C749D1F6E62D9442BDAFE7FFF69B88BC0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Tue 15 Jul 2025 00:11:00 +0000
ROA not before: Tue 15 Jul 2025 00:11:00 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a8:b8:9c:74:9d:1f:6e:62:d9:44:2b:da:fe:7f:ff:69:b8:8b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 15 00:11:00 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=cacf90e3445cc84190ac8c5db68c00cea2ec6e1c227141dcdf69f8d1dd0552b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ae:17:10:1f:35:ca:18:43:1e:2b:1e:fd:7c:
01:ce:ec:89:d2:e1:5d:9f:9f:63:1f:d1:1c:95:41:
bf:4d:9a:3b:1c:7d:0e:77:d6:47:b8:af:32:12:16:
4c:0e:7d:84:ac:94:5e:0a:70:ce:05:b9:b7:75:1e:
98:7a:49:0b:f6:fe:07:0d:c7:59:a0:22:43:22:a7:
74:95:eb:67:70:01:0f:a6:8f:77:4f:d4:c8:56:6c:
89:29:da:a0:e5:35:03:52:57:4f:a9:a8:e4:23:fa:
ad:b7:c0:07:a4:fd:72:5c:96:9f:ca:c3:c7:75:61:
77:e0:5e:8f:2a:93:cb:bb:46:56:a9:ff:ac:3e:53:
ab:64:ab:c2:79:a7:72:1f:ce:51:17:f0:00:2a:d8:
bc:15:e9:33:5c:9e:8e:e0:71:80:59:90:97:cd:a8:
c2:f3:19:c2:5e:74:66:5a:5f:da:27:df:9d:ff:e5:
e7:a1:af:25:a0:01:87:67:26:dc:0d:df:bb:84:5d:
8b:db:e1:11:7a:89:d8:c8:05:6a:ec:36:cb:2b:85:
c6:92:65:84:87:0d:a6:f8:cb:2e:d4:8a:8d:66:bd:
85:a3:f0:ae:92:85:44:f6:bb:a0:3b:3b:25:21:99:
19:a5:9f:2f:46:d7:7e:12:a7:e7:3a:62:62:09:78:
c4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:22:B9:CF:64:10:6C:1E:E1:5C:75:BC:32:E8:3B:BC:F3:FD:07:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
96:50:84:f5:cb:78:5e:c8:fd:8e:41:31:28:e3:49:87:36:94:
f1:52:98:1b:3a:bc:c9:c2:b7:58:dd:97:a0:b4:a1:04:1a:b5:
a5:fa:39:25:b2:4e:30:c8:cd:b2:b7:bd:ce:f0:98:61:d2:34:
d4:ab:fe:9e:df:5f:9d:43:f9:a1:7c:77:1b:d7:78:3c:6f:91:
e6:ca:19:e7:fc:37:9a:eb:a6:eb:36:d5:3e:0f:a2:c4:b2:8c:
87:50:34:1a:a4:6e:fa:36:18:5d:a1:69:15:e2:ed:8b:d9:6f:
83:83:15:f2:5d:93:9a:f2:6a:2b:72:3b:8c:49:57:36:08:f2:
67:49:15:cb:80:c7:d3:96:17:b2:24:78:b7:38:71:c3:ec:9f:
a0:ef:17:57:b1:d0:ad:6e:ef:93:fd:b3:f7:58:c0:10:7b:4b:
22:6c:06:0c:8a:cd:42:3c:1f:b5:43:e3:28:56:63:73:62:43:
ff:5f:e2:bb:ab:1e:b5:70:f1:86:94:a3:21:57:a5:3f:29:9e:
ac:98:0d:ae:ee:65:0b:77:c4:0a:cf:77:ad:c0:2e:c1:1b:d5:
52:ca:eb:0e:08:8e:70:63:f4:40:ef:c1:b2:a0:28:68:3c:ef:
18:e1:74:7e:52:1a:84:12:36:9e:49:03:a2:e2:81:07:a1:ad:
9a:27:59:85
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUZai4nHSdH25i2UQr2v5//2m4i8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTUwMDExMDBaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhY2Y5MGUzNDQ1Y2M4NDE5MGFjOGM1ZGI2OGMwMGNlYTJlYzZlMWMyMjcx
NDFkY2RmNjlmOGQxZGQwNTUyYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCuFxAfNcoYQx4rHv18Ac7sidLhXZ+fYx/RHJVBv02aOxx9DnfWR7ivMhIW
TA59hKyUXgpwzgW5t3UemHpJC/b+Bw3HWaAiQyKndJXrZ3ABD6aPd0/UyFZsiSna
oOU1A1JXT6mo5CP6rbfAB6T9clyWn8rDx3Vhd+BejyqTy7tGVqn/rD5Tq2Srwnmn
ch/OURfwACrYvBXpM1yejuBxgFmQl82owvMZwl50Zlpf2iffnf/l56GvJaABh2cm
3A3fu4Rdi9vhEXqJ2MgFauw2yyuFxpJlhIcNpvjLLtSKjWa9haPwrpKFRPa7oDs7
JSGZGaWfL0bXfhKn5zpiYgl4xNUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTSIrnP
ZBBsHuFcdbwy6Du88/0HHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBAJZQhPXLeF7I/Y5BMSjjSYc2lPFSmBs6vMnCt1jd
l6C0oQQataX6OSWyTjDIzbK3vc7wmGHSNNSr/p7fX51D+aF8dxvXeDxvkebKGef8
N5rrpus21T4PosSyjIdQNBqkbvo2GF2haRXi7YvZb4ODFfJdk5ryaityO4xJVzYI
8mdJFcuAx9OWF7IkeLc4ccPsn6DvF1ex0K1u75P9s/dYwBB7SyJsBgyKzUI8H7VD
4yhWY3NiQ/9f4rurHrVw8YaUoyFXpT8pnqyYDa7uZQt3xArPd63ALsEb1VLK6w4I
jnBj9EDvwbKgKGg87xjhdH5SGoQSNp5JA6LigQehrZonWYU=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:16 2025 by rpki-client