Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: qBhWmjCQKjiLNw7voIjNNZ3HhrRJhLt4UcBNOcLv9sc=
Subject key identifier: DA:5E:29:04:59:76:FD:DC:8E:A9:4D:DF:44:4C:62:01:B4:BF:AC:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BBFCCAB0BE5C7253B08AA4EED3F1D5B2401F6F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Fri 11 Jul 2025 20:00:57 +0000
ROA not before: Fri 11 Jul 2025 20:00:57 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:bf:cc:ab:0b:e5:c7:25:3b:08:aa:4e:ed:3f:1d:5b:24:01:f6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:57 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f925d93b6d2625367862a0f5bdd3c19d58dd132fb2f82aed8db1919bcbe35e5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:83:a0:6c:e9:8d:78:75:3c:03:53:88:de:c7:
86:50:77:29:91:20:9a:4d:00:49:c5:fa:ea:e9:e4:
ea:07:d4:2f:90:21:87:de:0e:d4:80:c8:9e:cb:d7:
9e:39:7a:f1:9c:41:62:85:65:84:7b:04:07:98:9b:
a7:0d:68:6c:19:81:c7:a2:85:63:b8:22:b0:ff:65:
68:6e:35:8c:3f:e5:be:f9:49:da:c3:0b:0d:05:4a:
8e:d9:43:01:83:fe:49:84:02:e6:03:94:99:7d:67:
91:ee:88:55:03:c9:b1:dc:56:38:27:60:97:2a:48:
f2:e5:0f:d6:21:18:2d:93:7b:fd:e0:49:51:51:53:
18:0c:bf:1e:2a:ba:e2:e2:00:0c:36:43:7a:fb:1a:
11:89:53:13:78:60:ae:39:b3:9e:7c:75:b3:65:e4:
a3:50:79:5e:6b:8b:73:6f:9d:71:3e:49:01:13:69:
64:ce:97:34:03:8c:45:b3:ea:da:2b:9a:79:d4:a1:
ea:32:8d:1c:60:cf:41:61:77:c4:b0:8a:70:ed:f6:
e6:69:e2:3c:0b:b0:d1:b3:70:04:63:33:bf:ce:a7:
98:81:0b:e3:fa:00:8d:73:b6:47:f6:18:56:04:e1:
f2:b5:6d:38:49:18:21:89:25:54:72:b0:9d:54:7a:
b8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5E:29:04:59:76:FD:DC:8E:A9:4D:DF:44:4C:62:01:B4:BF:AC:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
50:25:90:41:d2:41:9a:54:af:70:de:d4:79:24:a7:d7:c7:55:
09:29:dc:ce:ea:51:1c:40:c8:f1:14:16:b6:f7:55:8a:8b:a5:
1e:6f:18:68:65:f3:8b:46:1a:a9:43:bc:ac:30:e6:b9:20:a1:
fd:3c:6b:9c:ec:0d:c5:09:13:a1:1c:fd:2c:ba:fb:8d:e1:75:
e4:58:cd:3c:c0:70:32:29:0d:84:32:cd:0b:d0:fe:20:bf:ff:
a3:12:7e:c4:bc:11:56:ee:8e:a5:b7:ae:85:0e:73:36:2b:60:
d3:5e:9f:bc:df:58:83:1a:d1:1d:b5:de:d2:45:24:e7:33:30:
25:39:65:84:24:9b:9d:eb:7b:be:fd:40:0c:2c:d7:de:0e:65:
a8:9c:42:67:54:ad:c1:a0:ee:1c:a1:d0:46:d3:fb:cc:1e:65:
9d:fd:9c:a8:5c:cf:b1:7a:4e:c8:a1:6a:1d:ba:06:05:cb:4d:
a6:c5:99:f7:d1:4f:02:3c:1d:11:04:2d:c8:71:5b:ad:28:29:
ee:02:34:45:2e:e6:7c:9b:4e:da:a0:49:91:46:64:67:41:39:
40:28:54:2c:84:5b:0b:98:68:9c:29:c9:ca:9c:96:6a:2f:6b:
bf:b3:e5:8e:e1:87:66:32:82:05:c3:73:b2:c4:93:7b:39:de:
37:24:ed:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe7/MqwvlxyU7CKpO7T8dWyQB9vYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwNTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MjVkOTNiNmQyNjI1MzY3ODYyYTBmNWJkZDNjMTlkNThkZDEzMmZiMmY4
MmFlZDhkYjE5MTliY2JlMzVlNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+DoGzpjXh1PANTiN7HhlB3KZEgmk0AScX66unk6gfUL5Ahh94O1IDInsvX
njl68ZxBYoVlhHsEB5ibpw1obBmBx6KFY7gisP9laG41jD/lvvlJ2sMLDQVKjtlD
AYP+SYQC5gOUmX1nke6IVQPJsdxWOCdglypI8uUP1iEYLZN7/eBJUVFTGAy/Hiq6
4uIADDZDevsaEYlTE3hgrjmznnx1s2Xko1B5XmuLc2+dcT5JARNpZM6XNAOMRbPq
2iuaedSh6jKNHGDPQWF3xLCKcO325mniPAuw0bNwBGMzv86nmIEL4/oAjXO2R/YY
VgTh8rVtOEkYIYklVHKwnVR6uDcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTaXikE
WXb93I6pTd9ETGIBtL+sgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQBQJZBB0kGaVK9w3tR5JKfXx1UJKdzO6lEcQMjx
FBa291WKi6UebxhoZfOLRhqpQ7ysMOa5IKH9PGuc7A3FCROhHP0suvuN4XXkWM08
wHAyKQ2EMs0L0P4gv/+jEn7EvBFW7o6lt66FDnM2K2DTXp+831iDGtEdtd7SRSTn
MzAlOWWEJJud63u+/UAMLNfeDmWonEJnVK3BoO4codBG0/vMHmWd/ZyoXM+xek7I
oWodugYFy02mxZn30U8CPB0RBC3IcVutKCnuAjRFLuZ8m07aoEmRRmRnQTlAKFQs
hFsLmGicKcnKnJZqL2u/s+WO4YdmMoIFw3OyxJN7Od43JO1M
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:05 2025 by rpki-client