Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
File: 3d4529a1-3c28-42b4-b071-aa7474560d24.roa (raw, json)
Hash identifier: bFXLo1PpJ6enfW4423cPqF3BMJ5/Gzz+uhb53c0w3nk=
Subject key identifier: 9E:87:52:04:83:09:82:A1:A3:00:BB:BA:0C:6B:A4:CA:E1:FD:38:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41CEADC0B2C540F06E5798AD3C8C9053BF2E6F91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
Signing time: Mon 07 Jul 2025 18:20:19 +0000
ROA not before: Mon 07 Jul 2025 18:20:19 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ce:ad:c0:b2:c5:40:f0:6e:57:98:ad:3c:8c:90:53:bf:2e:6f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:19 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=7d0b5e9258118ef05f5fc1bbf0b5aeceafb0b80e49799225aa0ab59e53534f9b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:09:47:b6:cf:cf:fc:c2:a1:ab:87:3f:95:80:
72:d0:c8:fe:16:a4:70:5b:7c:73:15:0f:0f:84:e6:
d7:30:71:b9:e3:b9:25:db:5b:e0:1e:28:9e:8b:95:
b0:46:71:77:e2:df:46:b2:09:44:7d:03:42:e1:4a:
e9:32:1a:76:d3:5a:34:77:03:bf:21:0c:ab:dc:10:
08:47:7a:20:f5:84:0d:26:db:7b:bb:2a:fa:bd:4d:
d7:46:bd:20:d3:68:63:6c:ed:bc:e4:61:90:df:50:
1b:fd:44:26:b3:51:66:fe:01:e5:dc:c5:0b:7e:2c:
7a:4f:1c:3e:98:3e:82:f3:d7:10:d3:32:2f:36:1a:
ec:fb:b8:5d:81:7b:5a:7a:bc:63:8b:91:93:4c:13:
4a:bf:95:62:21:cc:21:73:04:75:93:09:6d:6a:58:
73:a6:2e:d5:71:62:e5:15:29:a8:24:da:b6:ad:08:
f4:1e:c6:e0:5f:48:17:04:bd:3a:31:ff:4c:ea:17:
a6:2b:22:69:75:8a:67:d3:c4:cb:0c:30:48:c3:ad:
4a:92:d9:b9:f2:ab:34:09:96:56:91:85:27:36:21:
25:19:a6:6d:58:36:5d:d7:cc:ef:99:07:a1:b8:8c:
ab:cf:3f:0f:1b:b2:85:09:ed:62:1e:57:fe:c2:33:
b6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:87:52:04:83:09:82:A1:A3:00:BB:BA:0C:6B:A4:CA:E1:FD:38:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d4529a1-3c28-42b4-b071-aa7474560d24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:840::/46
Signature Algorithm: sha256WithRSAEncryption
53:9b:bd:ef:f5:40:c6:2b:36:3e:70:fc:ae:a6:d0:68:be:80:
0f:ef:a4:c3:47:0a:a6:a3:0f:81:3e:24:68:5c:30:05:b7:45:
99:c1:e3:87:80:f4:9d:2b:ae:37:7f:45:a9:19:2f:19:81:da:
f4:5b:b1:c7:cf:8c:83:c3:4d:17:6e:e0:98:80:aa:1c:e4:21:
90:73:c4:28:c1:1d:2d:bb:ff:36:cd:0b:64:d4:7e:ac:83:0d:
b4:2c:4b:a9:4f:e8:51:04:5c:25:46:ae:b7:b0:d7:e6:0e:a2:
3d:3f:b5:d5:b0:04:5e:2d:72:88:02:b1:63:24:41:f4:fb:d4:
aa:4d:d7:12:06:70:50:2c:9c:ed:23:e6:55:3b:7c:d8:89:d9:
8e:d0:80:e8:e2:4a:6f:63:d1:73:fb:c3:4f:e7:e1:00:b0:3e:
d9:1a:39:25:6e:ca:ae:f2:46:dd:15:df:80:e8:47:ad:e5:3f:
ae:27:4e:18:aa:a3:f1:85:51:38:3a:cb:77:36:ca:7f:07:f5:
c9:24:3c:1c:92:95:3f:b7:7d:3a:e8:b3:b7:85:6c:3e:44:98:
85:0a:63:cd:06:e6:b8:a0:65:c2:57:84:93:8f:be:72:29:d0:
57:b0:67:de:fe:ca:77:4b:8f:f3:02:da:e9:9d:5b:aa:76:c6:
d0:e5:f8:08
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQc6twLLFQPBuV5itPIyQU78ub5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMTlaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkMGI1ZTkyNTgxMThlZjA1ZjVmYzFiYmYwYjVhZWNlYWZiMGI4MGU0OTc5
OTIyNWFhMGFiNTllNTM1MzRmOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAJR7bPz/zCoauHP5WActDI/hakcFt8cxUPD4Tm1zBxueO5Jdtb4B4onouV
sEZxd+LfRrIJRH0DQuFK6TIadtNaNHcDvyEMq9wQCEd6IPWEDSbbe7sq+r1N10a9
INNoY2ztvORhkN9QG/1EJrNRZv4B5dzFC34sek8cPpg+gvPXENMyLzYa7Pu4XYF7
Wnq8Y4uRk0wTSr+VYiHMIXMEdZMJbWpYc6Yu1XFi5RUpqCTatq0I9B7G4F9IFwS9
OjH/TOoXpisiaXWKZ9PEywwwSMOtSpLZufKrNAmWVpGFJzYhJRmmbVg2XdfM75kH
obiMq88/DxuyhQntYh5X/sIztnMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSeh1IE
gwmCoaMAu7oMa6TK4f04VjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Q0NTI5YTEtM2MyOC00MmI0LWIwNzEtYWE3NDc0NTYwZDI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcI
QDANBgkqhkiG9w0BAQsFAAOCAQEAU5u97/VAxis2PnD8rqbQaL6AD++kw0cKpqMP
gT4kaFwwBbdFmcHjh4D0nSuuN39FqRkvGYHa9Fuxx8+Mg8NNF27gmICqHOQhkHPE
KMEdLbv/Ns0LZNR+rIMNtCxLqU/oUQRcJUaut7DX5g6iPT+11bAEXi1yiAKxYyRB
9PvUqk3XEgZwUCyc7SPmVTt82InZjtCA6OJKb2PRc/vDT+fhALA+2Ro5JW7KrvJG
3RXfgOhHreU/ridOGKqj8YVRODrLdzbKfwf1ySQ8HJKVP7d9Ouizt4VsPkSYhQpj
zQbmuKBlwleEk4++cinQV7Bn3v7Kd0uP8wLa6Z1bqnbG0OX4CA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:18 2025 by rpki-client