Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
File: 424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa (raw, json)
Hash identifier: b8azdRJzEOP+JIaz/a0JTwQNVMu5vnAjYSFW/hiOVrE=
Subject key identifier: AD:9E:21:E0:46:24:F4:DA:6D:50:DB:A2:60:6C:7E:7F:20:0D:EF:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 101A7690ABE5C9E9DD30ECBD8AD13050326B6E9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
Signing time: Fri 11 Jul 2025 19:50:43 +0000
ROA not before: Fri 11 Jul 2025 19:50:43 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:1a:76:90:ab:e5:c9:e9:dd:30:ec:bd:8a:d1:30:50:32:6b:6e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:43 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8ac5b93c0cbbcafa8dd8468c337939ab9bd1509778d0bb1abe092b666cbec254, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:34:cf:88:c3:e4:04:38:0b:5c:b3:84:e9:cd:
36:40:af:55:a5:00:39:5a:30:47:d0:27:cf:15:f8:
10:9f:e5:90:c1:cc:a8:33:d3:b7:0f:29:f7:9b:ce:
f9:fc:f7:9a:27:b3:00:0b:66:6c:59:2b:50:00:4c:
e4:65:e6:54:8e:25:26:58:d7:d4:ea:92:33:b7:9e:
b7:9b:10:2d:4c:93:53:cf:08:fb:25:22:e3:38:11:
a9:ef:4e:2d:3a:73:0f:d7:4c:58:f0:8f:a4:20:3d:
57:ee:19:ca:54:eb:d9:a8:d0:86:29:e4:e7:a5:b6:
a7:af:5e:14:d5:78:c3:87:4d:f7:41:ef:73:f2:d5:
57:f8:08:87:5a:16:bf:da:87:a5:9e:61:3e:80:bc:
bd:3d:33:6a:c3:03:96:19:d8:92:e0:06:d1:6f:fa:
47:24:f2:25:12:43:e4:62:57:ea:63:06:09:c3:17:
36:c0:44:f9:ca:c6:78:ef:cd:7b:85:05:dd:3a:ab:
83:1b:2c:9d:cd:be:d8:ee:37:f7:55:9d:ef:e2:ff:
8e:39:1e:77:db:6a:43:35:d5:05:18:08:fb:98:88:
4a:de:b9:12:51:82:2e:e4:77:b3:8c:70:13:24:36:
22:ff:31:82:f7:31:f7:e2:5a:3c:83:17:71:6f:4e:
6a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9E:21:E0:46:24:F4:DA:6D:50:DB:A2:60:6C:7E:7F:20:0D:EF:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/424c40d4-9e1c-4cf2-a7bd-10475b0c2837.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9040::/46
Signature Algorithm: sha256WithRSAEncryption
78:eb:ab:31:73:4f:21:6e:70:5f:ed:00:3e:7c:3d:b6:ae:45:
82:b2:7f:27:c1:e9:99:45:2d:ba:03:22:7f:54:6f:27:68:9c:
ae:bb:dd:a9:80:ea:09:4f:24:1e:12:e8:cf:c0:f8:76:e8:48:
08:0b:6b:7f:77:a5:e8:dc:92:ec:17:88:e8:cd:47:13:61:7b:
07:aa:33:ea:5e:0e:eb:f4:0b:3a:2c:06:b9:26:be:19:65:95:
25:35:7a:e3:7c:fc:6a:ee:7a:ab:34:bf:ed:41:68:9b:f3:f7:
07:3a:59:0b:b8:25:73:18:ba:10:e6:13:a9:48:13:f7:e7:cf:
ba:e8:17:7e:36:a7:01:71:d8:03:cc:53:a5:be:35:9a:dd:95:
a4:44:36:95:7b:61:96:a0:c4:7a:6e:31:13:d2:aa:14:bd:cb:
8e:ff:23:21:88:52:2f:bf:14:b7:4c:b0:52:55:72:10:df:58:
6f:47:6d:0e:f2:5f:2d:d3:24:67:e8:b7:5d:db:9e:3a:7b:0e:
57:75:a9:e3:fc:81:08:00:14:a3:71:7d:74:3c:c9:e1:0c:50:
88:e6:d4:d1:f1:de:cf:7c:4e:f3:7d:3e:2e:f4:46:69:dd:c5:
fe:b1:55:6a:08:be:c7:39:73:f1:6a:ec:88:4f:98:d7:db:00:
17:3b:34:a0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEBp2kKvlyendMOy9itEwUDJrbp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwNDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhYzViOTNjMGNiYmNhZmE4ZGQ4NDY4YzMzNzkzOWFiOWJkMTUwOTc3OGQw
YmIxYWJlMDkyYjY2NmNiZWMyNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY0z4jD5AQ4C1yzhOnNNkCvVaUAOVowR9AnzxX4EJ/lkMHMqDPTtw8p95vO
+fz3miezAAtmbFkrUABM5GXmVI4lJljX1OqSM7eet5sQLUyTU88I+yUi4zgRqe9O
LTpzD9dMWPCPpCA9V+4ZylTr2ajQhink56W2p69eFNV4w4dN90Hvc/LVV/gIh1oW
v9qHpZ5hPoC8vT0zasMDlhnYkuAG0W/6RyTyJRJD5GJX6mMGCcMXNsBE+crGeO/N
e4UF3Tqrgxssnc2+2O4391Wd7+L/jjked9tqQzXVBRgI+5iISt65ElGCLuR3s4xw
EyQ2Iv8xgvcx9+JaPIMXcW9OalMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStniHg
RiT02m1Q26JgbH5/IA3vaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDI0YzQwZDQtOWUxYy00Y2YyLWE3YmQtMTA0NzViMGMyODM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAeOurMXNPIW5wX+0APnw9tq5FgrJ/J8HpmUUt
ugMif1RvJ2icrrvdqYDqCU8kHhLoz8D4duhICAtrf3el6NyS7BeI6M1HE2F7B6oz
6l4O6/QLOiwGuSa+GWWVJTV643z8au56qzS/7UFom/P3BzpZC7glcxi6EOYTqUgT
9+fPuugXfjanAXHYA8xTpb41mt2VpEQ2lXthlqDEem4xE9KqFL3Ljv8jIYhSL78U
t0ywUlVyEN9Yb0dtDvJfLdMkZ+i3XdueOnsOV3Wp4/yBCAAUo3F9dDzJ4QxQiObU
0fHez3xO830+LvRGad3F/rFVagi+xzlz8WrsiE+Y19sAFzs0oA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:35 2025 by rpki-client