Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: cMHmrG+H5NCCNN2Qg0sNp8II/4Fse4o07M/sU+EuJwE=
Subject key identifier: AD:9A:15:50:3F:60:9D:AA:84:A4:66:EF:1A:41:EC:33:7B:5C:31:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5857620978A989663B98A6EA0DC3F6F0E5EEEBAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Fri 11 Jul 2025 20:21:38 +0000
ROA not before: Fri 11 Jul 2025 20:21:38 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 22:13:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:57:62:09:78:a9:89:66:3b:98:a6:ea:0d:c3:f6:f0:e5:ee:eb:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:38 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=54f63c9972863fff05065c11ae9a3455b13c45954cb9b8e764069d827cd293ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:04:fa:29:bb:7b:0b:0c:ca:d7:8a:7d:d7:
67:b2:8c:33:80:94:83:a6:3e:f7:1a:f3:2b:47:77:
b4:82:e4:31:63:b0:cc:15:40:d3:cf:02:68:1d:3c:
61:8c:91:78:2b:c9:04:57:12:dd:fc:e1:4f:5b:21:
c0:86:1d:dc:3d:b0:c8:61:26:e4:ff:17:25:5e:b0:
c3:4c:85:08:f1:84:40:d6:11:ca:f5:84:c3:77:11:
ba:96:13:53:62:0c:5b:86:c3:98:9b:af:76:2b:07:
63:c4:97:a0:c6:49:11:58:c5:00:de:c0:25:13:6f:
40:89:44:52:0c:25:9c:d0:29:7b:d9:7d:c5:94:7e:
32:5d:30:04:6a:98:da:53:be:b1:7f:ef:a6:46:04:
81:7a:34:d5:fb:2b:d6:a5:64:c2:85:04:3d:04:42:
81:6d:a6:2b:49:61:a6:c1:34:81:79:fd:02:4a:20:
96:cd:e8:64:79:fb:93:66:ed:b7:15:72:b6:97:79:
d4:bc:44:d8:e6:95:17:10:8e:c7:24:b1:00:c7:cf:
ac:6b:d4:36:5e:ef:39:ee:cf:f2:c0:1e:38:d5:b0:
5c:ca:f5:5f:97:06:99:6a:8e:01:31:d4:48:3e:b4:
e9:f2:b5:f6:38:fb:67:af:5f:6c:5e:78:c4:4d:a8:
c7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9A:15:50:3F:60:9D:AA:84:A4:66:EF:1A:41:EC:33:7B:5C:31:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
94:33:49:2c:a4:c8:1e:56:90:07:1d:8a:e9:f8:f5:ee:80:71:
36:ce:ba:2c:fa:74:40:cf:1c:6c:c8:fa:8e:27:d0:96:e5:1c:
53:f5:2a:d1:ef:15:21:da:5f:7c:a7:a1:63:73:4a:7d:0e:94:
6a:47:ca:81:a1:67:b1:8e:67:ba:41:63:a4:9d:d3:89:6f:86:
a0:82:33:a7:ab:97:b9:ed:59:08:c4:ec:b0:a2:c3:2c:4c:08:
23:59:38:13:ec:92:a9:9d:9e:ab:7e:25:01:6f:e2:0e:7c:c3:
c1:52:cf:e0:3c:c9:b6:fe:bd:ec:45:64:4f:ef:39:a7:af:5a:
86:c3:4f:3b:f1:4d:44:60:63:34:48:2d:b3:80:b4:e6:6d:5b:
1e:38:76:03:df:9f:25:ee:e7:5c:36:8b:8e:42:ae:de:2a:b7:
0c:47:57:21:49:29:97:da:87:ac:95:83:a7:ce:48:91:67:3d:
29:df:ad:19:4e:ba:50:16:0c:0f:b9:7d:38:5f:b9:c4:09:9b:
05:2e:16:10:5a:06:27:71:c4:db:1a:af:f5:f2:35:32:c3:16:
6f:0e:f9:d4:00:49:fb:6b:7c:e7:9c:51:c1:14:7d:8e:ed:81:
be:89:d3:52:c1:fb:0d:f6:6e:7b:2f:24:e8:c5:dc:26:56:d1:
97:1c:80:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWFdiCXipiWY7mKbqDcP28OXu660wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxMzhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ZjYzYzk5NzI4NjNmZmYwNTA2NWMxMWFlOWEzNDU1YjEzYzQ1OTU0Y2I5
YjhlNzY0MDY5ZDgyN2NkMjkzYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCEBPopu3sLDMrXin3XZ7KMM4CUg6Y+9xrzK0d3tILkMWOwzBVA088CaB08
YYyReCvJBFcS3fzhT1shwIYd3D2wyGEm5P8XJV6ww0yFCPGEQNYRyvWEw3cRupYT
U2IMW4bDmJuvdisHY8SXoMZJEVjFAN7AJRNvQIlEUgwlnNApe9l9xZR+Ml0wBGqY
2lO+sX/vpkYEgXo01fsr1qVkwoUEPQRCgW2mK0lhpsE0gXn9Akogls3oZHn7k2bt
txVytpd51LxE2OaVFxCOxySxAMfPrGvUNl7vOe7P8sAeONWwXMr1X5cGmWqOATHU
SD606fK19jj7Z69fbF54xE2ox4cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBStmhVQ
P2CdqoSkZu8aQewze1wxGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQCUM0kspMgeVpAHHYrp+PXugHE2zros+nRAzxxs
yPqOJ9CW5RxT9SrR7xUh2l98p6Fjc0p9DpRqR8qBoWexjme6QWOkndOJb4aggjOn
q5e57VkIxOywosMsTAgjWTgT7JKpnZ6rfiUBb+IOfMPBUs/gPMm2/r3sRWRP7zmn
r1qGw0878U1EYGM0SC2zgLTmbVseOHYD358l7udcNouOQq7eKrcMR1chSSmX2oes
lYOnzkiRZz0p360ZTrpQFgwPuX04X7nECZsFLhYQWgYnccTbGq/18jUywxZvDvnU
AEn7a3znnFHBFH2O7YG+idNSwfsN9m57LyToxdwmVtGXHIBl
-----END CERTIFICATE-----
Generated at Fri Jul 25 06:55:54 2025 by rpki-client