Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
File: 376be0fe-aebc-4855-80a4-ea95cf413b51.roa (raw, json)
Hash identifier: L4yHK+pPoHYVNsu+juWZvQ/G4CR3yoQhGYTfYk6JMYI=
Subject key identifier: 24:95:37:97:7E:45:4B:71:ED:8B:EE:63:B5:63:EE:91:FB:36:73:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DC3F5B690BEAF20163DB8E087DFBC3D1C97E012
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
Signing time: Mon 21 Jul 2025 16:50:22 +0000
ROA not before: Mon 21 Jul 2025 16:50:22 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:c3:f5:b6:90:be:af:20:16:3d:b8:e0:87:df:bc:3d:1c:97:e0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:22 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=367775b430496802716ab42b31bd7a862f823898631cbc31e3b00aca3a04bd3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:9c:97:c8:d1:ef:9f:f4:54:63:de:3e:fe:
24:da:68:63:0a:a5:c9:b9:3c:ce:c7:44:b7:40:c8:
ea:72:13:fe:bd:ff:6d:f8:47:5a:3c:c7:b9:9f:6c:
1f:7c:a4:8f:96:5b:95:6f:3b:44:15:0f:b1:aa:44:
03:71:fd:0a:88:47:a5:b8:b4:a5:7f:6c:4a:09:13:
a2:d3:36:7e:76:76:4d:2d:75:40:3d:15:ad:c1:a4:
9e:13:8f:1f:a2:b3:cb:1f:10:05:1d:11:2f:f3:bd:
9c:7a:cf:71:c9:9d:92:28:6c:2b:68:47:d8:69:f4:
2f:d3:4d:8e:3d:2d:2f:28:6d:94:34:78:bb:69:5c:
60:20:ff:23:e1:0a:35:8a:67:e8:ea:88:37:8e:80:
0c:29:a3:18:f4:4c:50:92:78:1e:5b:ba:40:d6:4f:
7c:7e:02:0e:31:57:36:d9:73:96:57:8a:c7:ab:f4:
fe:6d:48:21:b5:60:3b:10:5d:87:20:d1:a1:db:75:
d5:8c:c3:7e:22:0e:8c:19:41:03:96:2e:94:5c:c0:
fe:3d:9c:19:30:7f:55:e8:5a:55:47:9c:5b:6e:cc:
c4:75:40:da:85:98:3d:1d:b5:a6:85:7d:9c:7a:77:
27:25:0e:d5:3d:ec:83:46:f4:bf:87:92:2a:26:2b:
93:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:95:37:97:7E:45:4B:71:ED:8B:EE:63:B5:63:EE:91:FB:36:73:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:5000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:74:cc:0c:b3:e1:0a:c6:aa:28:98:a8:5e:a1:17:d6:70:b7:
b2:c7:f5:85:54:33:26:5f:8e:34:0f:83:9d:33:4f:fa:4a:a4:
e7:ad:e2:5c:59:66:af:1e:a8:18:2e:50:5b:47:8a:65:df:72:
56:51:3b:78:c5:ab:92:39:4f:d3:f4:24:22:d0:3b:32:08:61:
01:80:b1:3e:09:e0:f3:bf:c6:fa:cd:6d:51:f2:82:b5:15:39:
4d:13:81:c2:79:a1:98:ed:45:cf:e6:4e:85:97:bc:b9:6d:88:
26:e8:b3:1b:a8:6d:01:58:fe:d3:5b:b9:a7:3a:a1:97:16:68:
ef:29:bd:6a:4c:b5:f4:60:7f:22:8a:e0:d7:39:1d:da:d1:07:
de:f6:08:31:e7:d1:a3:c8:38:b4:f8:78:ef:3a:26:57:98:57:
59:f6:c5:c9:aa:a1:60:8d:1b:26:26:61:fc:0e:fe:b3:1e:b8:
f4:f8:8e:81:5d:c9:3a:77:22:ff:4a:fa:54:30:f1:4b:cf:0b:
24:71:a4:93:1f:8b:04:57:63:52:eb:e4:21:c9:7f:fc:02:4e:
0a:b0:54:48:1a:ce:d1:ea:1d:70:53:10:35:26:7a:59:71:15:
ee:38:7a:f6:1d:90:8d:2b:bc:6a:49:86:ad:28:3c:37:29:02:
13:6f:68:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPcP1tpC+ryAWPbjgh9+8PRyX4BIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwMjJaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2Nzc3NWI0MzA0OTY4MDI3MTZhYjQyYjMxYmQ3YTg2MmY4MjM4OTg2MzFj
YmMzMWUzYjAwYWNhM2EwNGJkM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpMnJfI0e+f9FRj3j7+JNpoYwqlybk8zsdEt0DI6nIT/r3/bfhHWjzHuZ9s
H3ykj5ZblW87RBUPsapEA3H9CohHpbi0pX9sSgkTotM2fnZ2TS11QD0VrcGknhOP
H6Kzyx8QBR0RL/O9nHrPccmdkihsK2hH2Gn0L9NNjj0tLyhtlDR4u2lcYCD/I+EK
NYpn6OqIN46ADCmjGPRMUJJ4Hlu6QNZPfH4CDjFXNtlzlleKx6v0/m1IIbVgOxBd
hyDRodt11YzDfiIOjBlBA5YulFzA/j2cGTB/VehaVUecW27MxHVA2oWYPR21poV9
nHp3JyUO1T3sg0b0v4eSKiYrk/UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQklTeX
fkVLce2L7mO1Y+6R+zZzuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc2YmUwZmUtYWViYy00ODU1LTgwYTQtZWE5NWNmNDEzYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA9dMwMs+EKxqoomKheoRfWcLeyx/WFVDMmX440
D4OdM0/6SqTnreJcWWavHqgYLlBbR4pl33JWUTt4xauSOU/T9CQi0DsyCGEBgLE+
CeDzv8b6zW1R8oK1FTlNE4HCeaGY7UXP5k6Fl7y5bYgm6LMbqG0BWP7TW7mnOqGX
FmjvKb1qTLX0YH8iiuDXOR3a0Qfe9ggx59GjyDi0+HjvOiZXmFdZ9sXJqqFgjRsm
JmH8Dv6zHrj0+I6BXck6dyL/SvpUMPFLzwskcaSTH4sEV2NS6+QhyX/8Ak4KsFRI
Gs7R6h1wUxA1JnpZcRXuOHr2HZCNK7xqSYatKDw3KQITb2g+
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:19 2025 by rpki-client