Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa
File: 3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa (raw, json)
Hash identifier: LysewLXPXpNdel5fiXrryqY2OBYWh7CKAMk3Fi5qFQE=
Subject key identifier: 97:58:72:B2:2E:71:84:30:D4:D4:43:E0:A9:82:1F:17:09:10:6E:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75304EBAACE3F748BD9755EE227EE960ED5C042A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa
Signing time: Fri 11 Jul 2025 20:20:05 +0000
ROA not before: Fri 11 Jul 2025 20:20:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:30:4e:ba:ac:e3:f7:48:bd:97:55:ee:22:7e:e9:60:ed:5c:04:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:20:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b1b8260112789ae760c75c19b93f01d159669004293cffe10d7d797d8feb49d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c9:95:08:8a:6a:ad:92:71:1d:95:89:00:39:
90:2e:4d:01:84:01:f5:76:4d:20:8f:e4:ed:14:b5:
63:8f:d7:14:a9:db:bf:92:6b:03:e5:2f:77:76:a7:
53:72:d6:8e:43:3e:4c:d4:11:e3:a8:0d:51:22:2f:
22:3f:9c:a9:79:9b:29:03:55:e5:43:83:2c:02:8e:
64:60:a1:52:29:86:6f:fe:e8:e5:5f:28:c8:b4:27:
73:ef:c3:79:6c:a8:1e:bf:48:5b:67:7d:24:ed:98:
8f:ca:84:a4:9f:0f:1b:25:4c:f0:8e:38:6f:d8:88:
67:da:55:8d:d5:06:a5:91:1e:8f:b5:d7:95:9d:8d:
46:79:e7:4c:ab:bf:22:78:23:0d:cf:f2:05:57:c9:
c8:5b:ee:df:9f:d1:d7:3b:56:a9:b0:db:95:d7:a3:
c9:b1:10:88:e8:2a:88:20:95:33:97:f2:91:ee:d9:
da:42:0e:a9:f7:31:c8:d3:b9:f4:ad:67:45:89:69:
57:14:2a:9a:6b:1e:4a:cd:b0:e8:1a:41:e5:93:13:
17:98:1b:34:ce:b0:06:a4:bd:91:66:03:77:d2:cc:
cb:b1:48:3e:b8:ec:fd:82:9f:49:0f:39:07:d5:62:
72:3d:ba:22:0c:0e:00:34:e1:16:53:0a:40:17:d7:
53:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:58:72:B2:2E:71:84:30:D4:D4:43:E0:A9:82:1F:17:09:10:6E:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
64:5a:e1:e1:51:52:eb:a9:22:92:4c:1a:86:c9:f1:a8:f4:30:
0c:01:68:93:8e:ab:8a:49:4d:77:dc:98:5c:03:69:c2:0b:6f:
b0:c8:cc:a7:d7:c7:61:63:5c:97:e1:ba:0f:09:9e:42:7f:0a:
07:a2:18:71:93:c7:aa:f3:f8:1c:5f:67:25:92:41:eb:1e:41:
59:37:f0:dd:4a:f3:01:39:fa:53:cf:5e:dc:09:fe:71:3d:52:
e9:d0:8b:9b:bf:29:d3:55:af:0a:85:81:b2:40:b4:a5:94:fa:
fc:99:1b:45:c4:25:a0:7f:50:09:07:22:0f:a1:da:f0:8f:49:
e1:ae:16:26:cf:c6:6d:07:2f:74:e0:2c:bc:4a:55:ea:7e:c2:
af:dc:d4:66:9c:54:67:b1:0f:d7:87:d0:fe:91:bb:df:6a:88:
d7:c6:44:0e:3c:e3:9b:01:78:19:94:24:33:90:52:c3:01:3d:
e5:26:cf:3e:01:84:56:ac:6b:c0:2f:04:65:41:e5:39:de:f9:
78:24:a6:83:65:02:30:cd:66:c2:99:89:7a:a2:31:0a:cb:c5:
f4:1b:78:24:19:0d:7d:67:85:74:f5:be:fb:b3:52:81:89:d2:
39:ed:22:a4:6b:98:dc:6e:5b:b5:07:ac:bd:b5:4a:88:eb:9d:
ed:07:2e:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdTBOuqzj90i9l1XuIn7pYO1cBCowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIwMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxYjgyNjAxMTI3ODlhZTc2MGM3NWMxOWI5M2YwMWQxNTk2NjkwMDQyOTNj
ZmZlMTBkN2Q3OTdkOGZlYjQ5ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLJlQiKaq2ScR2ViQA5kC5NAYQB9XZNII/k7RS1Y4/XFKnbv5JrA+Uvd3an
U3LWjkM+TNQR46gNUSIvIj+cqXmbKQNV5UODLAKOZGChUimGb/7o5V8oyLQnc+/D
eWyoHr9IW2d9JO2Yj8qEpJ8PGyVM8I44b9iIZ9pVjdUGpZEej7XXlZ2NRnnnTKu/
IngjDc/yBVfJyFvu35/R1ztWqbDbldejybEQiOgqiCCVM5fyke7Z2kIOqfcxyNO5
9K1nRYlpVxQqmmseSs2w6BpB5ZMTF5gbNM6wBqS9kWYDd9LMy7FIPrjs/YKfSQ85
B9Vicj26IgwOADThFlMKQBfXUwsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXWHKy
LnGEMNTUQ+Cpgh8XCRBumzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2MjcxYzgtNmYwMi00NWYxLTk3ZDYtY2UyN2I0NjNkM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBkWuHhUVLrqSKSTBqGyfGo9DAMAWiTjquKSU13
3JhcA2nCC2+wyMyn18dhY1yX4boPCZ5CfwoHohhxk8eq8/gcX2clkkHrHkFZN/Dd
SvMBOfpTz17cCf5xPVLp0IubvynTVa8KhYGyQLSllPr8mRtFxCWgf1AJByIPodrw
j0nhrhYmz8ZtBy904Cy8SlXqfsKv3NRmnFRnsQ/Xh9D+kbvfaojXxkQOPOObAXgZ
lCQzkFLDAT3lJs8+AYRWrGvALwRlQeU53vl4JKaDZQIwzWbCmYl6ojEKy8X0G3gk
GQ19Z4V09b77s1KBidI57SKka5jcblu1B6y9tUqI653tBy51
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:48:01 2025 by rpki-client