Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: isLzNZCWg8ecZHq6eYHK/j8F5QYBLBvT4W/Z8VAflDA=
Subject key identifier: 0A:FF:AE:F4:33:DB:B8:27:22:F8:BA:9D:C7:5D:B4:29:A5:4F:37:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77BE7B42616BB76E49D23B769C6B2402FD3EB0AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Fri 11 Jul 2025 19:00:06 +0000
ROA not before: Fri 11 Jul 2025 19:00:06 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:be:7b:42:61:6b:b7:6e:49:d2:3b:76:9c:6b:24:02:fd:3e:b0:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:00:06 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=d4f1ff476844c7ee6118df234e7f8191e60994365e2d3d6626c7ef8b0ac6134a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:82:50:ed:e0:ba:4e:ad:95:cb:c8:f2:62:e2:
10:9c:db:07:88:83:ef:81:34:80:9c:86:5f:2f:78:
ae:b8:ff:40:ad:04:d9:93:5c:e1:07:63:4f:89:4d:
75:a9:e0:4a:c7:ab:e0:83:1d:02:0d:87:61:76:84:
b2:e3:aa:85:14:aa:fa:f4:e4:b6:62:66:8b:00:c5:
ce:d7:65:5e:aa:13:c5:a2:9e:e7:36:32:dc:3b:d3:
e1:9f:6e:d0:8d:3c:4f:b6:ac:80:8e:30:57:8c:98:
3b:b0:c2:78:ad:41:ff:0b:26:c6:ff:c7:e0:8a:94:
c6:6d:9e:62:ed:7b:0d:d2:36:4f:5b:c4:68:76:da:
a5:cc:a1:7b:d6:ab:79:30:56:32:ad:6a:b4:b4:10:
dc:d3:4e:4d:87:0d:4e:2f:04:d4:11:9b:3e:da:e5:
0b:94:b4:30:63:81:ea:66:da:83:cd:99:33:65:73:
33:d8:54:ce:3f:4f:8f:37:50:a9:a6:41:ad:6d:37:
c4:6b:ff:6e:01:f7:b3:d4:04:4d:5b:97:31:ac:a3:
ea:36:72:b4:f9:2c:c0:12:22:bd:e5:f6:7f:99:a9:
7b:61:d9:ef:d5:30:82:c6:f8:9d:e6:34:bd:58:07:
60:a6:66:4b:c8:48:74:92:5b:31:95:21:6a:ca:b7:
d6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FF:AE:F4:33:DB:B8:27:22:F8:BA:9D:C7:5D:B4:29:A5:4F:37:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:60:33:66:99:77:a1:c0:f7:d7:53:23:a7:92:d9:b0:a7:95:
cb:23:4b:1a:a4:ca:21:c9:54:eb:bf:0b:b2:81:0c:1b:2a:44:
c2:20:fa:e9:ab:49:83:53:02:07:13:51:f9:09:8e:93:48:60:
a9:40:a0:dc:27:81:05:f9:71:0b:92:dc:cb:92:3d:ae:9b:d7:
d2:1c:c5:a3:35:81:0d:97:24:fc:78:c3:90:36:ee:fa:44:f3:
d8:f9:84:0a:4e:fe:4b:31:c2:bd:fe:1f:81:1d:85:5f:4e:3a:
bd:f0:15:7b:8f:5e:62:85:c1:83:97:d4:c6:2c:31:73:83:1e:
a0:cb:fb:db:63:dd:97:d7:03:fd:08:79:13:71:9f:6c:65:fa:
f2:2b:22:86:ac:6e:98:6d:04:0d:bc:34:55:d1:fe:6a:20:06:
a1:d1:35:1f:96:5e:a1:73:c9:a3:4e:4b:1e:78:96:5e:59:16:
67:c3:51:44:32:09:da:da:4d:98:aa:ea:d5:8d:cb:b6:6e:ed:
bb:79:30:8c:1e:8e:86:b8:e2:24:74:c9:d4:23:16:41:43:c0:
b1:32:e8:d8:09:76:a0:b5:47:11:70:85:83:f6:42:0f:df:41:
5e:72:4a:7c:c9:8c:7e:ff:d0:fc:cf:3e:29:a3:cf:7f:ad:7c:
1f:8b:3f:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd757QmFrt25J0jt2nGskAv0+sK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAwMDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZjFmZjQ3Njg0NGM3ZWU2MTE4ZGYyMzRlN2Y4MTkxZTYwOTk0MzY1ZTJk
M2Q2NjI2YzdlZjhiMGFjNjEzNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeCUO3guk6tlcvI8mLiEJzbB4iD74E0gJyGXy94rrj/QK0E2ZNc4QdjT4lN
dangSser4IMdAg2HYXaEsuOqhRSq+vTktmJmiwDFztdlXqoTxaKe5zYy3DvT4Z9u
0I08T7asgI4wV4yYO7DCeK1B/wsmxv/H4IqUxm2eYu17DdI2T1vEaHbapcyhe9ar
eTBWMq1qtLQQ3NNOTYcNTi8E1BGbPtrlC5S0MGOB6mbag82ZM2VzM9hUzj9PjzdQ
qaZBrW03xGv/bgH3s9QETVuXMayj6jZytPkswBIiveX2f5mpe2HZ79Uwgsb4neY0
vVgHYKZmS8hIdJJbMZUhasq31p0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQK/670
M9u4JyL4up3HXbQppU83xDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQCjYDNmmXehwPfXUyOnktmwp5XLI0sapMohyVTr
vwuygQwbKkTCIPrpq0mDUwIHE1H5CY6TSGCpQKDcJ4EF+XELktzLkj2um9fSHMWj
NYENlyT8eMOQNu76RPPY+YQKTv5LMcK9/h+BHYVfTjq98BV7j15ihcGDl9TGLDFz
gx6gy/vbY92X1wP9CHkTcZ9sZfryKyKGrG6YbQQNvDRV0f5qIAah0TUfll6hc8mj
TkseeJZeWRZnw1FEMgna2k2YqurVjcu2bu27eTCMHo6GuOIkdMnUIxZBQ8CxMujY
CXagtUcRcIWD9kIP30Feckp8yYx+/9D8zz4po89/rXwfiz9m
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:33:06 2025 by rpki-client