Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: Lm+88csSosp8sBXB7Cr3Z1gjgNVA5t6oHqaTuIeyWvM=
Subject key identifier: F3:05:B5:BC:C2:AD:AE:E8:B3:9C:48:1A:95:EC:46:34:9F:50:E2:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C666AE2A133A39663CD71A8DDBB071340A866FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Fri 11 Jul 2025 20:41:18 +0000
ROA not before: Fri 11 Jul 2025 20:41:18 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:66:6a:e2:a1:33:a3:96:63:cd:71:a8:dd:bb:07:13:40:a8:66:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:18 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=aa2eb542b1e579c1fe5394fda4d2b379bbf51a282bed6ab78da3ef01ede7d4e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:10:b0:ca:4b:04:5f:15:c2:2b:95:f4:50:40:
56:8f:45:8a:97:25:89:96:1c:ad:55:89:78:49:b5:
da:1f:53:13:1f:cb:23:37:77:13:1e:55:be:67:8b:
f1:84:a2:22:c0:71:ab:dc:b8:e1:67:ee:58:99:8d:
2a:70:c6:2c:20:c0:68:78:7b:16:c4:5b:40:60:71:
b4:7b:2b:6e:24:09:3d:96:01:c0:d6:f2:57:e1:9e:
2d:33:17:97:d5:8e:93:9d:66:ae:80:96:c5:da:d6:
cf:de:4f:86:39:d3:b2:74:39:63:ca:3a:94:2e:0d:
b8:23:0b:38:b6:18:aa:5f:08:2f:8f:5c:a9:79:22:
43:17:ec:66:fe:53:53:ae:bc:4b:22:9a:65:b6:a4:
b5:42:b5:ac:cd:89:74:61:5e:11:81:51:d0:8a:17:
14:9c:77:9c:0b:2f:63:59:96:a6:7e:aa:9d:85:03:
75:10:97:5e:47:b0:48:fe:a6:05:1c:ac:fd:8c:38:
ad:e2:53:d3:5a:2a:9b:35:dd:71:88:b6:56:9b:92:
6a:37:90:d0:c0:7c:cf:9d:5c:4d:5b:96:b2:78:b6:
4b:24:2c:f0:89:42:ce:bb:d7:cf:74:af:6b:df:dd:
55:44:c1:08:2d:14:58:84:08:9d:59:3f:db:60:2b:
c8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:05:B5:BC:C2:AD:AE:E8:B3:9C:48:1A:95:EC:46:34:9F:50:E2:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
0a:d6:91:11:e6:db:3f:fd:50:46:ba:15:0c:a4:2f:b6:96:0e:
d7:d2:4d:8e:31:a1:c6:0d:8e:f7:2a:6e:92:13:28:0e:1f:5f:
df:d8:7e:91:a1:b2:35:17:df:68:4a:22:42:1b:cf:be:34:4e:
b4:96:df:11:03:44:82:91:d7:5a:99:d6:32:0f:42:6c:8e:44:
d9:a2:59:06:5b:ae:b1:6b:45:65:9f:2f:3c:94:fa:60:91:03:
cd:f8:2b:51:e2:26:d8:02:78:dd:95:59:b1:cb:1b:ef:d2:1c:
e3:cc:45:d6:d0:71:b3:3b:71:f3:d3:63:35:53:22:e0:b6:13:
9f:42:d6:1a:dd:e2:75:5d:24:94:43:20:ea:11:80:a9:0e:41:
72:49:cd:ac:13:0c:cc:24:d8:ed:f2:ed:fb:e2:75:2c:9f:af:
e8:24:0c:5c:c5:59:28:5a:4c:0f:0f:37:55:71:df:8f:64:0b:
5c:46:61:c2:ef:fb:74:fd:3b:59:0c:e0:7d:c7:90:de:8f:6b:
45:04:08:cc:45:07:06:44:ca:ea:0c:86:4a:03:9c:0d:ad:bc:
ca:3d:9a:b7:69:ca:49:c3:3b:51:13:43:e8:a8:e3:43:15:97:
45:aa:97:7b:02:e4:1e:22:10:42:ed:6e:2d:c2:ac:b9:2d:35:
18:77:6f:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfGZq4qEzo5ZjzXGo3bsHE0CoZvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMmViNTQyYjFlNTc5YzFmZTUzOTRmZGE0ZDJiMzc5YmJmNTFhMjgyYmVk
NmFiNzhkYTNlZjAxZWRlN2Q0ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwQsMpLBF8VwiuV9FBAVo9FipcliZYcrVWJeEm12h9TEx/LIzd3Ex5VvmeL
8YSiIsBxq9y44WfuWJmNKnDGLCDAaHh7FsRbQGBxtHsrbiQJPZYBwNbyV+GeLTMX
l9WOk51mroCWxdrWz95PhjnTsnQ5Y8o6lC4NuCMLOLYYql8IL49cqXkiQxfsZv5T
U668SyKaZbaktUK1rM2JdGFeEYFR0IoXFJx3nAsvY1mWpn6qnYUDdRCXXkewSP6m
BRys/Yw4reJT01oqmzXdcYi2VpuSajeQ0MB8z51cTVuWsni2SyQs8IlCzrvXz3Sv
a9/dVUTBCC0UWIQInVk/22AryIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzBbW8
wq2u6LOcSBqV7EY0n1Di4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQAK1pER5ts//VBGuhUMpC+2lg7X0k2OMaHGDY73
Km6SEygOH1/f2H6RobI1F99oSiJCG8++NE60lt8RA0SCkddamdYyD0JsjkTZolkG
W66xa0Vlny88lPpgkQPN+CtR4ibYAnjdlVmxyxvv0hzjzEXW0HGzO3Hz02M1UyLg
thOfQtYa3eJ1XSSUQyDqEYCpDkFySc2sEwzMJNjt8u374nUsn6/oJAxcxVkoWkwP
DzdVcd+PZAtcRmHC7/t0/TtZDOB9x5Dej2tFBAjMRQcGRMrqDIZKA5wNrbzKPZq3
acpJwztRE0PoqONDFZdFqpd7AuQeIhBC7W4twqy5LTUYd28K
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:51:57 2025 by rpki-client