Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
File: 3901d4e7-d120-481a-a199-4762783cff5b.roa (raw, json)
Hash identifier: RPWxU0Q0ogAIcI4+zNshHZe5qOyJhmmfDKdHFCqcyeQ=
Subject key identifier: 51:3E:C3:DD:3F:BF:EE:C3:8A:6C:C6:F0:A6:6E:05:E4:E3:30:D6:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C0C12CE78C87BA94F5D3FC40A26AF45D5D7A247
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
Signing time: Sat 12 Jul 2025 00:51:24 +0000
ROA not before: Sat 12 Jul 2025 00:51:24 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:0c:12:ce:78:c8:7b:a9:4f:5d:3f:c4:0a:26:af:45:d5:d7:a2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:24 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=c7024b49a31f9b0bc9a19490148aa4560979ce861ee8ead0ff6b593a0c234f81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e4:16:0d:78:08:1d:9a:25:24:d1:30:00:af:
99:1b:9d:7f:23:48:f3:a4:69:2b:e8:5f:4c:1c:6a:
5c:67:8c:93:64:0f:08:81:14:58:9d:0e:3d:48:ec:
49:df:b4:2b:d1:dd:78:0d:80:22:28:6a:52:a2:5e:
94:67:29:c1:20:ec:07:ff:24:8e:3a:b8:79:04:02:
eb:09:e1:8d:0b:84:a2:07:5b:10:a0:5f:ec:26:45:
4d:3a:a6:9f:0c:31:88:4c:fc:72:0f:6c:50:29:e4:
dd:ea:8a:c8:48:86:7b:ae:2b:2f:3a:46:47:72:0e:
18:b7:c7:01:3f:8a:81:2f:45:b5:d1:ea:ca:4d:fc:
aa:0c:d6:6e:78:2c:e4:7c:17:6c:26:70:aa:32:2b:
eb:61:0d:3a:67:02:31:fb:f7:33:2f:81:08:9d:a7:
0b:eb:4b:4b:7a:70:33:c6:0d:5e:bd:0e:22:f6:62:
f2:b2:04:11:ad:80:d9:3e:21:8c:f3:3a:8a:e8:81:
36:c3:83:49:87:15:d8:f4:d3:9a:a8:04:26:3f:5d:
82:e8:ea:1a:0a:4f:27:19:38:b1:5e:0b:27:74:fb:
6f:ce:c4:79:33:cf:bc:7c:52:6e:97:33:07:b9:14:
af:d4:87:bf:ac:28:7d:01:35:d0:09:dc:d0:a6:ad:
b6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3E:C3:DD:3F:BF:EE:C3:8A:6C:C6:F0:A6:6E:05:E4:E3:30:D6:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
00:39:10:7d:76:cf:04:47:6b:1d:1e:32:2e:ec:49:ef:43:3b:
1f:4a:44:6f:d8:7c:85:17:bc:f8:70:84:99:84:35:8d:38:a0:
4a:44:2d:96:34:22:2b:4a:c2:a0:77:da:e0:33:54:5f:34:cb:
dd:e5:04:dc:5a:57:d0:fc:52:fb:bd:25:a1:56:99:3f:67:63:
11:24:1f:57:34:6d:47:b8:2a:a8:8d:84:65:96:0a:f8:35:52:
e6:f1:71:51:73:b7:d3:04:91:f2:c0:a0:ea:56:d5:f4:63:1f:
e6:7e:f8:e0:b3:ca:6d:d3:2a:d2:ae:0d:3f:b1:2e:c5:56:46:
d8:14:d1:f0:c3:69:71:81:83:da:11:e5:b2:ff:d0:22:56:60:
7b:9f:67:9f:98:d2:67:2b:78:19:cc:a4:8a:5f:e6:cd:17:21:
3a:2e:88:6c:5e:74:f1:c2:44:6c:89:45:d1:62:d1:a5:d8:3d:
84:22:fe:7f:fb:71:62:1f:83:0a:3a:11:f7:09:a7:8b:12:85:
6c:a7:91:ac:1f:72:fd:2e:65:cc:cf:96:d1:70:79:a9:1f:b8:
bf:62:a3:24:3f:2c:c8:4a:17:31:1d:a1:c6:81:d2:95:f8:af:
72:64:f2:15:35:f9:4c:7f:f6:7b:5c:1d:26:63:d7:df:89:f3:
aa:4c:16:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULAwSznjIe6lPXT/ECiavRdXXokcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMjRaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MDI0YjQ5YTMxZjliMGJjOWExOTQ5MDE0OGFhNDU2MDk3OWNlODYxZWU4
ZWFkMGZmNmI1OTNhMGMyMzRmODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvkFg14CB2aJSTRMACvmRudfyNI86RpK+hfTBxqXGeMk2QPCIEUWJ0OPUjs
Sd+0K9HdeA2AIihqUqJelGcpwSDsB/8kjjq4eQQC6wnhjQuEogdbEKBf7CZFTTqm
nwwxiEz8cg9sUCnk3eqKyEiGe64rLzpGR3IOGLfHAT+KgS9FtdHqyk38qgzWbngs
5HwXbCZwqjIr62ENOmcCMfv3My+BCJ2nC+tLS3pwM8YNXr0OIvZi8rIEEa2A2T4h
jPM6iuiBNsODSYcV2PTTmqgEJj9dgujqGgpPJxk4sV4LJ3T7b87EeTPPvHxSbpcz
B7kUr9SHv6wofQE10Anc0KatttkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRPsPd
P7/uw4psxvCmbgXk4zDWqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzkwMWQ0ZTctZDEyMC00ODFhLWExOTktNDc2Mjc4M2NmZjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQAAORB9ds8ER2sdHjIu7EnvQzsfSkRv2HyFF7z4
cISZhDWNOKBKRC2WNCIrSsKgd9rgM1RfNMvd5QTcWlfQ/FL7vSWhVpk/Z2MRJB9X
NG1HuCqojYRllgr4NVLm8XFRc7fTBJHywKDqVtX0Yx/mfvjgs8pt0yrSrg0/sS7F
VkbYFNHww2lxgYPaEeWy/9AiVmB7n2efmNJnK3gZzKSKX+bNFyE6LohsXnTxwkRs
iUXRYtGl2D2EIv5/+3FiH4MKOhH3CaeLEoVsp5GsH3L9LmXMz5bRcHmpH7i/YqMk
PyzIShcxHaHGgdKV+K9yZPIVNflMf/Z7XB0mY9ffifOqTBah
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:19 2025 by rpki-client