Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35f0e19e-59f2-44f3-b0bf-e80d9fe0b48b.roa
File: 35f0e19e-59f2-44f3-b0bf-e80d9fe0b48b.roa (raw, json)
Hash identifier: PPtVtK8r+aO4eR3sPgJak7Cl/edb93UMW3DiHhQF8pI=
Subject key identifier: D5:49:F0:5E:B3:9C:48:F3:94:66:35:F6:00:BE:9F:E0:FA:D0:F3:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F3361DA066DEBE8B323D66D0A54F1C4AE7CF324
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35f0e19e-59f2-44f3-b0bf-e80d9fe0b48b.roa
Signing time: Tue 01 Jul 2025 15:10:20 +0000
ROA not before: Tue 01 Jul 2025 15:10:20 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:33:61:da:06:6d:eb:e8:b3:23:d6:6d:0a:54:f1:c4:ae:7c:f3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:20 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=8939b654ac7e7dbea47b10db392239aa1c8d7d8d102e959bab886735be31aba7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f6:73:bf:3a:6c:a2:f2:da:05:72:85:13:f0:
05:b2:f9:f4:b0:3b:c6:f2:51:d1:5f:65:34:88:7b:
a9:2e:e8:23:4c:d1:c7:69:9c:f1:b3:1a:6d:54:61:
f8:8c:34:c2:a4:a5:b7:89:a6:eb:20:55:c8:0f:dd:
c5:95:b0:3a:95:f3:f6:99:ab:c6:a6:29:29:3a:8f:
97:93:93:da:4a:76:09:9e:da:40:87:19:66:3a:a5:
ee:12:d0:ed:7d:6d:d6:d3:9e:30:42:6e:d1:5a:6b:
69:62:02:b0:1c:79:4b:7b:15:5d:09:74:2e:51:c6:
ca:80:33:3b:cf:35:bf:45:96:62:01:e8:29:83:e7:
8e:df:c3:f5:f0:d7:29:af:2b:cd:5a:e9:6d:d3:53:
58:61:d0:0f:d6:9c:66:86:de:19:fd:06:8d:02:e8:
8c:45:6d:fc:65:5a:5c:62:ad:af:9c:21:58:fa:45:
c8:d9:89:04:95:85:4e:60:38:d0:58:1c:79:e5:6f:
e0:aa:42:3d:04:27:f1:c0:e0:fa:d6:75:2b:67:bf:
65:5f:f5:e0:5d:d3:3d:ff:f2:fd:8b:c9:f0:48:d6:
0e:a3:99:d7:90:21:6c:d7:f3:c4:b1:4a:ea:13:eb:
40:04:4c:08:00:57:34:7c:15:95:5e:ac:1e:ad:93:
5d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:49:F0:5E:B3:9C:48:F3:94:66:35:F6:00:BE:9F:E0:FA:D0:F3:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35f0e19e-59f2-44f3-b0bf-e80d9fe0b48b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
4f:1a:1f:1e:88:c5:b3:9a:26:d3:af:cc:7a:8e:03:ea:75:e6:
1b:24:f2:31:41:71:d5:02:28:83:ab:00:f9:d1:57:d0:4b:8a:
42:82:c7:4b:25:ce:fd:2e:44:7a:7c:67:e8:c7:9e:24:8f:b7:
18:c4:77:03:03:bc:69:cc:00:fe:4f:4b:ee:f5:95:1c:5e:f1:
0a:56:e1:f5:be:d1:5e:fc:10:eb:4a:47:53:c5:06:cd:12:84:
6d:a0:70:ae:86:02:16:92:b3:28:09:64:e2:15:1c:93:bf:12:
3b:8e:d2:5b:78:a1:ee:ad:5b:05:3f:e7:ab:b9:c4:81:4f:be:
9c:72:2e:b5:3b:f0:99:9a:9a:9d:68:38:6a:c6:8e:f1:1e:2e:
88:fd:a0:88:2f:e0:70:ec:11:97:2e:f0:18:82:1f:a4:5f:63:
e3:6b:37:2f:a9:15:e9:7a:08:93:9d:1c:e4:62:39:4c:a1:7f:
0a:4b:53:ed:18:7a:0c:9b:52:46:18:97:99:8d:40:98:f1:92:
90:62:65:e1:60:c3:61:b3:f4:af:5a:81:b6:03:e1:b3:f8:84:
ba:9d:33:c5:af:67:c2:5c:31:53:56:c5:da:4f:88:2b:a5:1c:
5c:3e:7c:f1:a7:d8:05:cc:e9:c1:00:db:a1:d1:5b:d9:bf:1e:
22:f5:0b:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTzNh2gZt6+izI9ZtClTxxK588yQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwMjBaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MzliNjU0YWM3ZTdkYmVhNDdiMTBkYjM5MjIzOWFhMWM4ZDdkOGQxMDJl
OTU5YmFiODg2NzM1YmUzMWFiYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANf2c786bKLy2gVyhRPwBbL59LA7xvJR0V9lNIh7qS7oI0zRx2mc8bMabVRh
+Iw0wqSlt4mm6yBVyA/dxZWwOpXz9pmrxqYpKTqPl5OT2kp2CZ7aQIcZZjql7hLQ
7X1t1tOeMEJu0VpraWICsBx5S3sVXQl0LlHGyoAzO881v0WWYgHoKYPnjt/D9fDX
Ka8rzVrpbdNTWGHQD9acZobeGf0GjQLojEVt/GVaXGKtr5whWPpFyNmJBJWFTmA4
0FgceeVv4KpCPQQn8cDg+tZ1K2e/ZV/14F3TPf/y/YvJ8EjWDqOZ15AhbNfzxLFK
6hPrQARMCABXNHwVlV6sHq2TXY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVSfBe
s5xI85RmNfYAvp/g+tDzbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmMGUxOWUtNTlmMi00NGYzLWIwYmYtZTgwZDlmZTBiNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQBPGh8eiMWzmibTr8x6jgPqdeYbJPIxQXHVAiiD
qwD50VfQS4pCgsdLJc79LkR6fGfox54kj7cYxHcDA7xpzAD+T0vu9ZUcXvEKVuH1
vtFe/BDrSkdTxQbNEoRtoHCuhgIWkrMoCWTiFRyTvxI7jtJbeKHurVsFP+erucSB
T76cci61O/CZmpqdaDhqxo7xHi6I/aCIL+Bw7BGXLvAYgh+kX2PjazcvqRXpegiT
nRzkYjlMoX8KS1PtGHoMm1JGGJeZjUCY8ZKQYmXhYMNhs/SvWoG2A+Gz+IS6nTPF
r2fCXDFTVsXaT4grpRxcPnzxp9gFzOnBANuh0VvZvx4i9QsH
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:13 2025 by rpki-client