Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fc0413-357a-4ddb-84e4-70641635a6c3.roa
File: 35fc0413-357a-4ddb-84e4-70641635a6c3.roa (raw, json)
Hash identifier: w6IAbxDYOtvu7JLS1HOR/scdOA6yTg9OYnrYQRhPdHc=
Subject key identifier: 5F:C0:7A:CF:BF:FE:D8:13:24:CD:2C:18:D2:59:AE:F3:EC:56:59:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71B3CB5B850A76137A9F8998C00AB2D14A04F8C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fc0413-357a-4ddb-84e4-70641635a6c3.roa
Signing time: Fri 11 Jul 2025 19:50:09 +0000
ROA not before: Fri 11 Jul 2025 19:50:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b3:cb:5b:85:0a:76:13:7a:9f:89:98:c0:0a:b2:d1:4a:04:f8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2ea6615df3d4c48ede0731998373d8c5b53ab10ebdea2b52ea0ce75102f12d82, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:12:57:07:a4:d5:6b:97:42:e7:3c:81:e4:
f6:09:3d:35:b1:35:63:08:e9:da:e1:5d:ca:e2:b7:
9c:b8:9d:fe:fe:30:54:90:94:10:ed:51:c4:52:f2:
3a:95:d6:16:fe:49:56:88:0f:f4:10:5f:a2:12:a1:
23:fc:11:3b:cf:47:b1:4c:db:57:b5:35:73:d8:58:
d8:91:2f:49:b8:74:a5:93:0b:79:2d:b0:06:f6:1d:
e4:e4:b5:cc:d9:d5:ca:4d:61:17:94:6b:b9:a4:67:
e6:1f:54:17:7b:94:67:a9:c7:fe:77:39:a7:34:3d:
d8:e7:d5:f1:7f:d1:eb:7e:00:25:48:61:63:23:5f:
db:7d:ba:55:6d:3c:c5:71:cc:c2:32:06:d1:d1:6f:
38:0e:12:70:6b:d0:64:10:f6:cf:64:ea:f4:fa:64:
00:ba:3b:20:8d:12:84:6c:6d:2f:ed:33:61:dc:e5:
03:88:1d:99:05:26:b9:1c:0c:4d:16:07:ad:cd:5a:
f3:01:d4:28:2f:18:ee:47:46:2e:63:5c:cf:d2:6f:
d5:2a:f1:4a:95:54:d1:da:69:a5:2d:a4:38:47:83:
d2:bc:36:c3:4c:2e:c6:db:6f:ef:b3:b4:cf:73:d9:
e4:50:d1:8a:56:1f:03:f1:18:15:e1:bf:9f:9f:4d:
ad:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C0:7A:CF:BF:FE:D8:13:24:CD:2C:18:D2:59:AE:F3:EC:56:59:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fc0413-357a-4ddb-84e4-70641635a6c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9040::/46
Signature Algorithm: sha256WithRSAEncryption
58:a6:e3:25:d5:c4:15:20:04:44:85:5c:70:8a:c8:64:98:d1:
8b:f7:ce:7c:62:0e:e2:56:c7:c0:45:2b:b6:13:3c:f5:c3:b4:
59:e1:73:f1:e8:2d:52:73:ad:8b:29:01:a0:da:02:3d:59:89:
4c:5c:dc:f9:e8:48:91:16:e0:01:66:4d:a7:62:6c:44:79:b3:
32:b8:68:6a:04:d8:16:71:cb:fc:33:d1:e0:26:70:a0:f5:3e:
a6:d7:8e:f8:dd:0a:ee:e5:ff:9a:05:4c:7c:da:05:e7:84:45:
57:da:5d:78:81:78:22:47:92:b1:0a:b5:af:e6:6f:83:d8:49:
69:51:fb:49:82:13:55:3e:67:3e:3f:34:e2:d2:24:03:dc:07:
34:7f:da:80:3a:ab:3a:4f:87:e2:4d:fe:2a:c5:24:68:ab:8d:
1b:dd:2d:09:f5:5e:d2:2e:df:72:12:9d:8c:9a:65:71:1d:0f:
8d:3b:ef:4d:c3:d2:04:19:2a:fc:07:a7:62:de:36:48:d8:3d:
f0:6c:22:89:14:be:d5:fd:9e:77:34:be:44:43:f8:cb:c5:0f:
af:ad:5f:2d:f3:c1:0e:14:61:ba:df:2a:6a:d0:f3:7d:a7:81:
0b:20:9a:f5:02:a9:52:f3:23:7f:9f:df:35:73:e8:0d:f7:52:
0d:8c:aa:46
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcbPLW4UKdhN6n4mYwAqy0UoE+MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlYTY2MTVkZjNkNGM0OGVkZTA3MzE5OTgzNzNkOGM1YjUzYWIxMGViZGVh
MmI1MmVhMGNlNzUxMDJmMTJkODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALs6ElcHpNVrl0LnPIHk9gk9NbE1Ywjp2uFdyuK3nLid/v4wVJCUEO1RxFLy
OpXWFv5JVogP9BBfohKhI/wRO89HsUzbV7U1c9hY2JEvSbh0pZMLeS2wBvYd5OS1
zNnVyk1hF5RruaRn5h9UF3uUZ6nH/nc5pzQ92OfV8X/R634AJUhhYyNf2326VW08
xXHMwjIG0dFvOA4ScGvQZBD2z2Tq9PpkALo7II0ShGxtL+0zYdzlA4gdmQUmuRwM
TRYHrc1a8wHUKC8Y7kdGLmNcz9Jv1SrxSpVU0dpppS2kOEeD0rw2w0wuxttv77O0
z3PZ5FDRilYfA/EYFeG/n59NrScCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRfwHrP
v/7YEyTNLBjSWa7z7FZZuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYzA0MTMtMzU3YS00ZGRiLTg0ZTQtNzA2NDE2MzVhNmMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAWKbjJdXEFSAERIVccIrIZJjRi/fOfGIO4lbH
wEUrthM89cO0WeFz8egtUnOtiykBoNoCPVmJTFzc+ehIkRbgAWZNp2JsRHmzMrho
agTYFnHL/DPR4CZwoPU+pteO+N0K7uX/mgVMfNoF54RFV9pdeIF4IkeSsQq1r+Zv
g9hJaVH7SYITVT5nPj804tIkA9wHNH/agDqrOk+H4k3+KsUkaKuNG90tCfVe0i7f
chKdjJplcR0PjTvvTcPSBBkq/AenYt42SNg98GwiiRS+1f2edzS+REP4y8UPr61f
LfPBDhRhut8qatDzfaeBCyCa9QKpUvMjf5/fNXPoDfdSDYyqRg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:55:38 2025 by rpki-client