Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: oTrdQlrWjYnnjmzQ3lAF8LIRw/O6KzLmvZpmsWBrhpg=
Subject key identifier: AC:88:A9:8F:21:D1:FF:A9:E6:D4:6B:38:63:41:80:F0:62:AB:F2:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77A045C6CCE638CB97F0214751312C348B8883C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Fri 11 Jul 2025 18:40:18 +0000
ROA not before: Fri 11 Jul 2025 18:40:18 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a0:45:c6:cc:e6:38:cb:97:f0:21:47:51:31:2c:34:8b:88:83:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:18 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=63782d49a33f5da0677eb36bc54ec807b2f4bbe89bf8ce5b9ee6570cebc2d1d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ed:90:c7:ad:b2:23:b0:27:f5:37:af:1f:c9:
e6:23:ce:f0:c3:9c:c0:39:11:b7:76:fe:67:47:5a:
68:fd:f4:c4:33:f9:e1:99:40:47:ca:10:fb:42:2d:
0b:2b:7b:da:70:0d:30:6f:58:d5:65:f8:7f:b6:7d:
3f:9d:c1:a0:b1:cd:a7:b7:15:43:32:1e:0a:60:fb:
9c:02:a4:03:19:44:d7:0f:4b:e6:5f:84:fe:99:f7:
c7:5b:6c:9b:35:c3:63:39:bd:4d:31:13:19:67:54:
28:c7:6e:8f:39:b8:35:6c:9d:e9:89:c2:4a:4c:e0:
ee:d9:07:a1:a7:8e:76:4c:cb:58:11:4b:d8:db:cd:
e7:b0:ce:36:65:74:89:da:cb:e4:0d:7f:36:d2:03:
5b:36:48:fa:9f:91:f5:1f:c7:b2:4a:ed:9c:0c:06:
12:e2:40:6d:01:36:00:72:c2:cb:44:8e:3b:12:43:
12:9c:12:64:72:e7:a2:1d:a0:f2:8e:a4:ee:c7:bd:
9f:ad:b3:62:ec:3a:88:04:80:4a:1a:b2:7d:af:db:
b4:b7:61:c9:f0:ec:e0:e3:84:c4:79:39:1c:a7:6a:
ba:ee:e9:20:0a:71:6d:34:48:93:5a:4a:08:6b:30:
c6:aa:94:81:ca:61:e5:0e:33:0e:56:94:85:a7:74:
38:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:A9:8F:21:D1:FF:A9:E6:D4:6B:38:63:41:80:F0:62:AB:F2:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
67:f3:ce:42:7e:95:8f:70:47:86:35:08:10:8e:1f:9c:93:a4:
76:d1:e6:c5:f1:d2:55:da:a3:4c:aa:c9:9a:f6:89:96:fe:f9:
9a:83:e7:6b:55:b8:c2:24:9d:5e:33:12:49:df:a2:a8:04:de:
45:07:74:b0:b5:b7:6c:b5:fe:59:78:90:f2:fe:6a:78:52:ee:
2f:2c:cc:8a:42:b9:7a:68:7f:62:c9:46:ff:08:78:8f:db:0c:
9b:fa:3d:42:6b:5c:4f:be:6b:4d:a8:71:55:62:53:94:b7:ea:
94:19:61:fc:9f:ab:75:65:b0:2b:2e:e0:4c:2a:3a:26:67:f2:
01:c0:9c:ae:33:d4:0b:52:9f:71:11:ec:85:c6:3c:92:e4:18:
ba:c2:20:ec:33:cb:ff:b3:41:87:83:98:f1:ef:44:9f:fe:1c:
f7:eb:f7:43:52:01:06:d4:d0:1e:0b:dd:e6:53:9f:ca:f8:f4:
93:87:89:45:2b:fc:89:56:2f:76:3a:0a:5c:b8:bb:64:3f:22:
ea:0e:2f:6e:7d:b1:a8:75:4d:5e:82:c5:69:34:73:3a:d0:83:
7b:36:d1:89:01:8c:1f:14:e5:c3:32:94:6b:8e:e7:c0:52:18:
3a:20:11:e5:61:ff:88:80:f9:d7:85:3c:1b:d1:86:d9:6d:6b:
a5:28:c9:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd6BFxszmOMuX8CFHUTEsNIuIg8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNzgyZDQ5YTMzZjVkYTA2NzdlYjM2YmM1NGVjODA3YjJmNGJiZTg5YmY4
Y2U1YjllZTY1NzBjZWJjMmQxZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/tkMetsiOwJ/U3rx/J5iPO8MOcwDkRt3b+Z0daaP30xDP54ZlAR8oQ+0It
Cyt72nANMG9Y1WX4f7Z9P53BoLHNp7cVQzIeCmD7nAKkAxlE1w9L5l+E/pn3x1ts
mzXDYzm9TTETGWdUKMdujzm4NWyd6YnCSkzg7tkHoaeOdkzLWBFL2NvN57DONmV0
idrL5A1/NtIDWzZI+p+R9R/HskrtnAwGEuJAbQE2AHLCy0SOOxJDEpwSZHLnoh2g
8o6k7se9n62zYuw6iASAShqyfa/btLdhyfDs4OOExHk5HKdquu7pIApxbTRIk1pK
CGswxqqUgcph5Q4zDlaUhad0OIsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSsiKmP
IdH/qebUazhjQYDwYqvy2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAZ/POQn6Vj3BHhjUIEI4fnJOkdtHmxfHSVdqj
TKrJmvaJlv75moPna1W4wiSdXjMSSd+iqATeRQd0sLW3bLX+WXiQ8v5qeFLuLyzM
ikK5emh/YslG/wh4j9sMm/o9QmtcT75rTahxVWJTlLfqlBlh/J+rdWWwKy7gTCo6
JmfyAcCcrjPUC1KfcRHshcY8kuQYusIg7DPL/7NBh4OY8e9En/4c9+v3Q1IBBtTQ
Hgvd5lOfyvj0k4eJRSv8iVYvdjoKXLi7ZD8i6g4vbn2xqHVNXoLFaTRzOtCDezbR
iQGMHxTlwzKUa47nwFIYOiAR5WH/iID514U8G9GG2W1rpSjJow==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:46 2025 by rpki-client