Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
File: 42fc7c20-224c-4e3b-8c6c-851926d0e396.roa (raw, json)
Hash identifier: iZRgl7NKKwfLhaJCLVogdTlMYpjJG4wClvymiCy5iQc=
Subject key identifier: 0D:9F:50:38:EE:69:FC:22:F5:90:B4:4C:E5:CA:02:60:36:72:8C:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 379023E59DAF098004CE6FBD0A8A91705D693AB9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
Signing time: Mon 21 Jul 2025 16:50:20 +0000
ROA not before: Mon 21 Jul 2025 16:50:20 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:90:23:e5:9d:af:09:80:04:ce:6f:bd:0a:8a:91:70:5d:69:3a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:20 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=68d26097a79400158d5b491b87c67b28b51be97ba43bb4f6cd2b7f8e702a805a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7e:4d:f9:56:19:88:d9:75:72:40:8a:2a:5b:
f6:7b:55:7c:38:b8:87:e5:e3:fe:f2:cb:bd:a9:16:
5d:28:dc:4f:79:4a:6d:2b:02:56:89:5c:ac:1c:0b:
0d:9b:3f:f4:09:d7:a7:64:86:7e:21:b8:97:a1:db:
8d:f3:5d:a2:a5:d0:53:03:d7:e2:0f:1e:96:51:9f:
ac:49:c0:f8:0e:a3:c2:93:65:4c:e2:79:c8:b4:56:
3f:8f:4a:c6:e3:1a:d2:50:51:9a:e4:9b:61:36:d0:
36:6d:7a:dd:a2:ad:70:e9:99:0c:77:65:5c:fe:b4:
9f:e8:ea:6c:6a:63:14:35:04:0d:b5:34:b6:54:89:
e9:15:f5:92:53:15:8c:c0:0e:9a:62:43:30:a6:51:
6e:e2:fa:c4:95:3f:ad:a5:32:f6:17:9c:72:cb:82:
b8:83:d6:2d:03:97:e4:9b:2e:58:19:0d:c3:a1:cd:
47:9b:eb:2f:fc:fc:e3:ed:4f:1a:5d:e1:9e:e2:1b:
8c:59:c0:be:8a:3c:2a:db:1a:38:73:63:cc:f0:81:
ea:96:92:3d:76:ba:52:fb:68:18:62:30:90:01:51:
ac:aa:26:b2:c6:af:d4:30:c8:61:7a:54:7c:f0:68:
33:11:1f:31:e3:86:f1:89:be:ed:16:bb:b4:8a:d8:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9F:50:38:EE:69:FC:22:F5:90:B4:4C:E5:CA:02:60:36:72:8C:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:c000::/40
Signature Algorithm: sha256WithRSAEncryption
04:6c:56:05:af:e4:cf:68:15:d2:a5:59:27:41:f0:e9:6c:8c:
c0:e5:4f:da:0b:04:98:03:3f:6d:cf:aa:45:94:c3:9a:27:67:
ee:86:70:18:db:30:9d:71:6c:92:fb:27:8a:40:4d:aa:01:dd:
e6:01:1b:ac:f8:e2:e1:5a:e3:4a:5d:6c:40:c3:36:e9:cf:87:
ec:c4:25:91:d7:e9:5d:39:48:19:33:fd:06:27:4c:e0:59:d4:
e0:a9:b1:08:7a:15:51:6f:83:0a:f6:91:57:3a:cc:e3:3c:9b:
1a:3e:51:35:46:80:16:64:8f:c8:27:27:34:3b:7b:ad:07:17:
28:8a:80:36:6d:54:65:17:75:b4:75:91:ae:19:1d:20:2d:13:
fc:4f:ca:63:22:76:e9:b9:f5:6b:ff:0a:67:ac:73:26:d5:bd:
fd:06:c2:a9:ba:e3:64:50:6a:99:29:b7:0a:7c:fd:7f:c6:36:
8a:c3:98:a1:e3:5f:d2:b3:f4:38:8b:99:a6:4a:04:91:57:01:
bf:90:ac:9a:bc:76:8a:f4:89:f3:44:34:0c:32:06:bc:2a:fc:
03:43:75:a7:62:29:c8:27:be:ef:b8:01:5f:3f:8b:1f:de:ca:
4e:a6:70:83:8d:75:7f:54:0b:94:cb:47:5b:fa:73:98:f4:fc:
eb:b8:8e:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN5Aj5Z2vCYAEzm+9CoqRcF1pOrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwMjBaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4ZDI2MDk3YTc5NDAwMTU4ZDViNDkxYjg3YzY3YjI4YjUxYmU5N2JhNDNi
YjRmNmNkMmI3ZjhlNzAyYTgwNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMp+TflWGYjZdXJAiipb9ntVfDi4h+Xj/vLLvakWXSjcT3lKbSsCVolcrBwL
DZs/9AnXp2SGfiG4l6HbjfNdoqXQUwPX4g8ellGfrEnA+A6jwpNlTOJ5yLRWP49K
xuMa0lBRmuSbYTbQNm163aKtcOmZDHdlXP60n+jqbGpjFDUEDbU0tlSJ6RX1klMV
jMAOmmJDMKZRbuL6xJU/raUy9heccsuCuIPWLQOX5JsuWBkNw6HNR5vrL/z84+1P
Gl3hnuIbjFnAvoo8KtsaOHNjzPCB6paSPXa6UvtoGGIwkAFRrKomssav1DDIYXpU
fPBoMxEfMeOG8Ym+7Ra7tIrYgPcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNn1A4
7mn8IvWQtEzlygJgNnKMlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJmYzdjMjAtMjI0Yy00ZTNiLThjNmMtODUxOTI2ZDBlMzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLA
MA0GCSqGSIb3DQEBCwUAA4IBAQAEbFYFr+TPaBXSpVknQfDpbIzA5U/aCwSYAz9t
z6pFlMOaJ2fuhnAY2zCdcWyS+yeKQE2qAd3mARus+OLhWuNKXWxAwzbpz4fsxCWR
1+ldOUgZM/0GJ0zgWdTgqbEIehVRb4MK9pFXOszjPJsaPlE1RoAWZI/IJyc0O3ut
BxcoioA2bVRlF3W0dZGuGR0gLRP8T8pjInbpufVr/wpnrHMm1b39BsKpuuNkUGqZ
KbcKfP1/xjaKw5ih41/Ss/Q4i5mmSgSRVwG/kKyavHaK9InzRDQMMga8KvwDQ3Wn
YinIJ77vuAFfP4sf3spOpnCDjXV/VAuUy0db+nOY9PzruI4e
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:06 2025 by rpki-client