Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
File: 452f19af-8187-465e-9ab8-4e678c11315e.roa (raw, json)
Hash identifier: yKeCUaZ3lmzLnjTuf7mFQm/sUhlreI70zXnU9ajDK+c=
Subject key identifier: E3:0F:1F:12:DE:A3:B5:9C:71:60:1D:38:85:4C:57:47:CD:20:74:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1132C79CC24818DC81B35FAC52F95CA1EAA30EFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
Signing time: Fri 11 Jul 2025 20:50:12 +0000
ROA not before: Fri 11 Jul 2025 20:50:12 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:32:c7:9c:c2:48:18:dc:81:b3:5f:ac:52:f9:5c:a1:ea:a3:0e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:12 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2cbd99e74411ecc7dc50fd33a7eb5984a7edac2df361c2a20a8b2a3a141fe651, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1f:70:8d:cd:66:09:db:bb:17:99:eb:e4:0d:
ba:e1:29:78:aa:7d:f0:16:51:5c:ce:77:f5:08:14:
02:6e:14:d3:2c:0b:91:46:05:5d:60:f1:9c:07:e2:
28:25:e5:d3:36:bd:bd:38:63:15:e6:ef:5b:8f:24:
12:86:b7:1a:ac:0c:75:49:45:6d:96:a5:e2:83:34:
3f:e9:0d:58:1a:52:70:ef:31:cc:4a:3d:c8:06:a7:
2c:b4:fb:9c:a9:63:72:cc:d1:d9:26:88:94:9b:2f:
42:fa:9d:7a:13:4e:c3:08:7c:25:07:e6:50:97:2c:
33:92:27:ac:ab:8f:c5:29:26:27:88:fe:39:12:d1:
c5:66:5d:57:43:41:6c:08:84:54:8f:44:e4:72:4e:
0d:51:c9:e9:38:8d:be:69:20:d0:bc:96:de:40:0e:
33:e1:e6:b6:2d:db:62:f1:2d:a2:ef:ab:76:20:83:
e5:1c:21:49:6c:06:68:1b:32:a0:4c:30:98:18:f3:
75:05:53:ed:c3:ee:40:de:22:63:2f:fd:81:85:ca:
6f:b0:50:18:fb:f3:b3:04:ac:19:51:ad:25:fa:2a:
cf:50:4b:8c:14:9c:c0:a5:86:39:52:38:82:74:b2:
f9:53:79:d6:ec:44:7e:9e:13:8b:2b:ad:8a:50:79:
a5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:0F:1F:12:DE:A3:B5:9C:71:60:1D:38:85:4C:57:47:CD:20:74:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/452f19af-8187-465e-9ab8-4e678c11315e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/37
Signature Algorithm: sha256WithRSAEncryption
01:d1:9c:61:1a:7a:93:5f:f4:6b:96:09:20:21:39:56:03:4a:
fc:fe:64:a9:02:9a:d3:c7:02:3c:e5:50:2a:f4:04:43:c8:3c:
77:2d:ad:c3:d4:0a:6e:a8:ac:c6:1c:c4:91:12:a8:a9:8e:2a:
b6:87:49:db:c6:95:58:0b:9e:38:2e:68:a3:cf:d6:77:4a:21:
bb:7d:a7:fb:76:f2:62:98:39:b9:81:67:9d:14:4d:79:5e:13:
cb:73:7e:f4:11:24:7c:22:3e:04:0b:54:9f:2c:a1:94:9b:d7:
79:51:8b:f3:fb:12:65:32:b0:1a:79:ff:1e:99:a3:38:1f:f6:
0f:2a:6b:67:71:46:b0:ed:e9:50:95:0c:41:6e:d9:61:0a:26:
e5:de:f7:cb:10:a9:78:ae:f4:56:cf:05:8d:01:52:aa:00:59:
8b:13:2a:8f:3d:e4:66:c5:27:d4:ae:70:10:7a:a6:f1:d5:18:
78:d0:10:8f:b9:c1:97:89:e9:e3:8e:14:5b:0e:b9:a8:6d:67:
ef:44:01:1d:01:e2:7d:ed:0c:69:35:5d:8b:67:c2:2d:97:2b:
c1:8b:9d:c8:f4:e2:23:5c:ad:f7:2f:35:c4:fd:6f:e5:7b:25:
86:6e:83:3e:bc:a6:e0:60:72:06:00:2c:38:d4:1f:7a:15:ae:
13:48:5d:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUETLHnMJIGNyBs1+sUvlcoeqjDv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwMTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYmQ5OWU3NDQxMWVjYzdkYzUwZmQzM2E3ZWI1OTg0YTdlZGFjMmRmMzYx
YzJhMjBhOGIyYTNhMTQxZmU2NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMfcI3NZgnbuxeZ6+QNuuEpeKp98BZRXM539QgUAm4U0ywLkUYFXWDxnAfi
KCXl0za9vThjFebvW48kEoa3GqwMdUlFbZal4oM0P+kNWBpScO8xzEo9yAanLLT7
nKljcszR2SaIlJsvQvqdehNOwwh8JQfmUJcsM5InrKuPxSkmJ4j+ORLRxWZdV0NB
bAiEVI9E5HJODVHJ6TiNvmkg0LyW3kAOM+Hmti3bYvEtou+rdiCD5RwhSWwGaBsy
oEwwmBjzdQVT7cPuQN4iYy/9gYXKb7BQGPvzswSsGVGtJfoqz1BLjBScwKWGOVI4
gnSy+VN51uxEfp4TiyutilB5pbECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjDx8S
3qO1nHFgHTiFTFdHzSB0HzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDUyZjE5YWYtODE4Ny00NjVlLTlhYjgtNGU2NzhjMTEzMTVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAB0ZxhGnqTX/RrlgkgITlWA0r8/mSpAprTxwI8
5VAq9ARDyDx3La3D1ApuqKzGHMSREqipjiq2h0nbxpVYC544Lmijz9Z3SiG7faf7
dvJimDm5gWedFE15XhPLc370ESR8Ij4EC1SfLKGUm9d5UYvz+xJlMrAaef8emaM4
H/YPKmtncUaw7elQlQxBbtlhCibl3vfLEKl4rvRWzwWNAVKqAFmLEyqPPeRmxSfU
rnAQeqbx1Rh40BCPucGXienjjhRbDrmobWfvRAEdAeJ97QxpNV2LZ8ItlyvBi53I
9OIjXK33LzXE/W/leyWGboM+vKbgYHIGACw41B96Fa4TSF1Z
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:48:59 2025 by rpki-client