Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408e49db-4fbf-4903-9de9-a7d373730676.roa
File: 408e49db-4fbf-4903-9de9-a7d373730676.roa (raw, json)
Hash identifier: 4zh+/dgnzqJ3X73UOWJPo5H5bn0spO9SbkXEVgW22HM=
Subject key identifier: 35:AC:62:DC:EE:79:A5:43:67:71:25:9A:F1:25:70:61:EE:F0:0D:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 050D78969F42B4F8A896F4B07A4F8F0BE854F863
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408e49db-4fbf-4903-9de9-a7d373730676.roa
Signing time: Fri 11 Jul 2025 19:50:49 +0000
ROA not before: Fri 11 Jul 2025 19:50:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:0d:78:96:9f:42:b4:f8:a8:96:f4:b0:7a:4f:8f:0b:e8:54:f8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=60fcf3aaf4adb055d70bfe762ef059df2a6d27a79196a2897899ff422051a6fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:14:7b:b7:62:41:4c:fd:a4:57:ed:63:1d:
17:ad:f4:0c:15:f3:50:62:21:3c:c4:7a:bf:24:6e:
8d:cb:4e:57:54:cc:89:a3:55:e8:17:55:1b:ff:e9:
03:4e:65:00:40:98:2d:af:e7:e1:31:cd:d5:09:be:
f6:f8:a3:b9:f5:24:df:6f:a3:ec:2d:27:b5:b1:a7:
42:ea:df:cc:ee:1b:0e:28:7c:79:01:fa:9f:8c:c0:
9b:fd:39:10:18:08:bf:d8:33:26:cf:bf:5e:d9:f5:
01:be:ad:82:16:41:07:e4:f1:ae:af:ea:1c:50:9b:
ea:66:38:c7:55:18:30:46:de:9a:0b:81:3a:76:9a:
91:5f:02:87:31:30:c2:e6:bf:ce:a3:6d:e7:0d:5b:
4e:bd:7e:fa:5c:08:c1:1b:0b:83:3b:e0:b7:b2:cd:
90:7d:d6:5e:5f:29:4d:13:2b:44:69:59:e0:ba:76:
86:5b:38:fa:bb:2b:8d:0b:3c:03:4f:11:25:fd:f0:
84:0e:fa:d0:12:68:ab:e8:26:6d:48:3b:c9:fe:c6:
e8:6e:e7:c0:da:8b:1d:e4:4a:29:16:ea:49:da:86:
f1:ee:8a:08:40:ed:36:0b:88:75:d5:65:86:19:ff:
22:43:ad:26:33:37:8f:c5:19:9f:9e:d8:e3:48:a2:
29:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AC:62:DC:EE:79:A5:43:67:71:25:9A:F1:25:70:61:EE:F0:0D:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408e49db-4fbf-4903-9de9-a7d373730676.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
c6:56:18:11:f6:78:44:ed:76:eb:1e:b6:b4:51:63:89:0d:8f:
c9:07:68:df:2d:2a:ca:6a:d7:61:7a:20:8c:55:e7:9b:3e:b1:
88:ee:7d:9a:07:ba:0b:a4:a7:00:ca:d5:a0:2f:13:1b:e0:e9:
61:1b:81:e7:85:8f:e6:8c:8a:26:0b:79:e2:5b:68:68:62:51:
e0:e4:65:2e:a3:7a:d7:d4:7b:d8:75:cc:8c:4f:8e:9f:5a:2d:
20:a8:d1:c3:d9:18:65:1d:29:38:20:42:ba:75:81:99:c9:d5:
81:8e:bc:32:6e:c0:17:66:39:34:24:5d:5a:68:28:24:41:32:
e8:a7:9c:16:1e:cf:f8:90:70:a8:c2:fa:80:98:2e:32:10:f6:
db:20:8a:4a:e4:f2:a2:9b:cd:78:26:56:4b:03:87:d0:ce:35:
22:8e:7f:05:f9:81:aa:08:12:84:aa:1e:45:36:33:0c:ad:75:
9a:f8:d5:f7:47:9f:1e:b6:e9:0b:aa:d2:2f:5e:93:46:bd:02:
1d:71:41:9f:f4:cf:64:fd:ca:f7:4b:98:4b:26:1c:c3:63:70:
2e:8e:cb:80:a8:87:46:4c:0f:6a:1e:4f:52:aa:67:bb:f9:1d:
88:54:f4:3b:46:58:ec:6c:59:d4:ce:58:84:83:b1:6e:ad:e3:
9a:d1:98:44
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBQ14lp9CtPiolvSwek+PC+hU+GMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZmNmM2FhZjRhZGIwNTVkNzBiZmU3NjJlZjA1OWRmMmE2ZDI3YTc5MTk2
YTI4OTc4OTlmZjQyMjA1MWE2ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSdFHu3YkFM/aRX7WMdF630DBXzUGIhPMR6vyRujctOV1TMiaNV6BdVG//p
A05lAECYLa/n4THN1Qm+9vijufUk32+j7C0ntbGnQurfzO4bDih8eQH6n4zAm/05
EBgIv9gzJs+/Xtn1Ab6tghZBB+Txrq/qHFCb6mY4x1UYMEbemguBOnaakV8ChzEw
wua/zqNt5w1bTr1++lwIwRsLgzvgt7LNkH3WXl8pTRMrRGlZ4Lp2hls4+rsrjQs8
A08RJf3whA760BJoq+gmbUg7yf7G6G7nwNqLHeRKKRbqSdqG8e6KCEDtNguIddVl
hhn/IkOtJjM3j8UZn57Y40iiKScCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ1rGLc
7nmlQ2dxJZrxJXBh7vAN1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZTQ5ZGItNGZiZi00OTAzLTlkZTktYTdkMzczNzMwNjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HeQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAxlYYEfZ4RO126x62tFFjiQ2PyQdo3y0qymrX
YXogjFXnmz6xiO59mge6C6SnAMrVoC8TG+DpYRuB54WP5oyKJgt54ltoaGJR4ORl
LqN619R72HXMjE+On1otIKjRw9kYZR0pOCBCunWBmcnVgY68Mm7AF2Y5NCRdWmgo
JEEy6KecFh7P+JBwqML6gJguMhD22yCKSuTyopvNeCZWSwOH0M41Io5/BfmBqggS
hKoeRTYzDK11mvjV90efHrbpC6rSL16TRr0CHXFBn/TPZP3K90uYSyYcw2NwLo7L
gKiHRkwPah5PUqpnu/kdiFT0O0ZY7GxZ1M5YhIOxbq3jmtGYRA==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:17 2025 by rpki-client