Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
File: 3af05485-fd97-4026-a50e-0227f46bd107.roa (raw, json)
Hash identifier: UjI4U5CmcZOvm/F47igI8p/8Khk8bp06KMvn5L6HeCg=
Subject key identifier: 8B:8B:1D:02:D8:B9:27:3F:87:B9:F1:BA:29:0F:C8:36:F1:8D:96:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79073EF8B67816B2794AD50C5E30FB3B51DC1E35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
Signing time: Fri 11 Jul 2025 19:11:21 +0000
ROA not before: Fri 11 Jul 2025 19:11:21 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:07:3e:f8:b6:78:16:b2:79:4a:d5:0c:5e:30:fb:3b:51:dc:1e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:11:21 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b89e32a7105726cc874ce8971422d293092c7986d61f368f2a2dfb59a1e8e64e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2a:c3:3e:c6:b7:19:24:be:63:c2:cc:58:e6:
27:ae:ab:01:bf:1b:20:de:bb:0f:e0:a1:32:55:b6:
c6:1d:b9:76:77:cd:4e:57:10:a2:7b:15:dc:cc:60:
17:1d:15:ec:9d:8b:09:c0:0c:3c:3a:81:72:d6:e6:
56:ce:fb:79:18:e0:c8:88:09:0c:10:6e:c1:99:77:
51:92:f2:e1:b3:47:8d:21:e9:60:3c:b1:64:86:d7:
14:46:e1:69:ff:e3:5c:04:cb:ff:9c:e1:62:85:e3:
dc:bf:03:ce:90:9e:a2:9c:12:e1:5a:75:48:d3:90:
35:21:a8:58:a5:59:10:44:15:86:d6:d7:96:46:25:
54:99:03:8b:86:6f:97:5a:87:b4:87:71:91:e9:ba:
5d:07:86:fe:77:3f:ca:4e:83:52:a6:5b:9f:ad:20:
b8:a3:50:72:c8:4a:af:89:2e:65:67:fe:66:f7:f3:
e8:39:ff:95:f3:38:78:63:45:76:ae:17:76:a2:16:
d4:c3:5e:5f:08:e5:1a:91:3f:69:47:b1:49:74:6f:
56:c0:ff:54:56:d8:3c:df:ec:5c:20:d8:c7:cc:8e:
04:e0:a9:7d:91:a2:13:3b:cd:a0:0a:84:cc:f1:72:
8d:7b:e7:91:83:6d:0f:08:28:f0:0e:6a:1b:b8:ad:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8B:1D:02:D8:B9:27:3F:87:B9:F1:BA:29:0F:C8:36:F1:8D:96:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
12:dd:ca:8f:06:9f:d7:eb:9f:cd:7b:d3:c3:85:e2:20:98:22:
1c:fa:55:1a:5d:76:41:fb:d1:e9:4d:fb:27:6f:e5:08:9e:2f:
78:ae:1e:a9:63:a8:23:cd:6b:94:32:f3:76:e5:ec:a7:48:a7:
41:a3:3b:a7:34:9a:e5:07:c9:a4:e9:36:ab:67:2c:4a:5d:5f:
9b:0c:df:2c:92:7b:55:c8:20:b3:b9:29:45:1c:b7:11:f1:7e:
eb:14:d9:75:d7:de:23:55:2e:bb:06:25:13:d3:eb:0e:cd:e9:
5f:7c:29:79:98:c2:2d:a9:29:96:d7:c5:c1:9f:e0:ed:ee:50:
b7:a6:b8:16:f0:b8:66:07:e2:f9:1a:bf:c6:9d:f2:6b:a0:34:
ad:45:5e:39:f9:d7:10:2e:65:01:e9:0c:44:47:e7:08:77:e3:
be:a9:c9:e2:b9:dd:18:57:6f:75:05:13:35:a4:dd:d8:cb:a0:
14:83:be:2f:9d:c6:39:1d:0f:c8:ee:10:74:58:79:e6:c0:a5:
3e:12:5f:ab:67:0e:b1:a0:01:63:93:cb:1e:4e:45:3b:36:70:
e1:35:1d:29:f7:b3:66:80:c7:d2:ad:bf:47:53:40:08:67:b9:
2c:17:e9:e0:d4:bf:28:f1:9e:02:a3:8a:9b:af:50:33:cc:db:
10:96:34:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeQc++LZ4FrJ5StUMXjD7O1HcHjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTExMjFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4OWUzMmE3MTA1NzI2Y2M4NzRjZTg5NzE0MjJkMjkzMDkyYzc5ODZkNjFm
MzY4ZjJhMmRmYjU5YTFlOGU2NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8qwz7GtxkkvmPCzFjmJ66rAb8bIN67D+ChMlW2xh25dnfNTlcQonsV3Mxg
Fx0V7J2LCcAMPDqBctbmVs77eRjgyIgJDBBuwZl3UZLy4bNHjSHpYDyxZIbXFEbh
af/jXATL/5zhYoXj3L8DzpCeopwS4Vp1SNOQNSGoWKVZEEQVhtbXlkYlVJkDi4Zv
l1qHtIdxkem6XQeG/nc/yk6DUqZbn60guKNQcshKr4kuZWf+Zvfz6Dn/lfM4eGNF
dq4XdqIW1MNeXwjlGpE/aUexSXRvVsD/VFbYPN/sXCDYx8yOBOCpfZGiEzvNoAqE
zPFyjXvnkYNtDwgo8A5qG7it/jMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLix0C
2LknP4e58bopD8g28Y2W3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2FmMDU0ODUtZmQ5Ny00MDI2LWE1MGUtMDIyN2Y0NmJkMTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9g
MA0GCSqGSIb3DQEBCwUAA4IBAQAS3cqPBp/X65/Ne9PDheIgmCIc+lUaXXZB+9Hp
Tfsnb+UIni94rh6pY6gjzWuUMvN25eynSKdBozunNJrlB8mk6TarZyxKXV+bDN8s
kntVyCCzuSlFHLcR8X7rFNl1194jVS67BiUT0+sOzelffCl5mMItqSmW18XBn+Dt
7lC3prgW8LhmB+L5Gr/GnfJroDStRV45+dcQLmUB6QxER+cId+O+qcniud0YV291
BRM1pN3Yy6AUg74vncY5HQ/I7hB0WHnmwKU+El+rZw6xoAFjk8seTkU7NnDhNR0p
97NmgMfSrb9HU0AIZ7ksF+ng1L8o8Z4Co4qbr1AzzNsQljQH
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:25 2025 by rpki-client