Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
File: 470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa (raw, json)
Hash identifier: +4ygJLaz2TbIvUace82eC8fzpN+G2U8VAbM55152HEM=
Subject key identifier: 5F:15:18:73:39:D8:51:BB:F4:B3:B3:FA:3E:59:8E:71:E8:C8:83:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DDE8CB80FBA56BC02EF38AA6695F2C30AB451B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
Signing time: Fri 11 Jul 2025 19:31:08 +0000
ROA not before: Fri 11 Jul 2025 19:31:08 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:de:8c:b8:0f:ba:56:bc:02:ef:38:aa:66:95:f2:c3:0a:b4:51:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:08 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f87de3805bc8ab3c02784d19656dc0c350514cbb35e5558d0acb75364e2a21ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5c:41:30:93:05:60:1a:a6:63:0b:56:f0:f0:
29:80:92:96:db:9d:cd:e4:19:13:f6:cd:f4:89:19:
40:85:d6:f9:2a:7b:0b:ae:fe:c0:9f:9a:ca:a7:8e:
20:13:c9:7c:de:c5:23:a7:86:73:95:4d:c2:39:1c:
6a:75:44:ba:b0:bd:70:df:1d:49:84:0c:8e:61:b9:
0d:16:3c:c9:c8:42:14:8e:4d:78:b0:5a:c1:49:44:
d4:bf:6a:43:fd:aa:f8:3c:3c:6a:91:79:66:44:b1:
4f:d2:bf:7a:73:87:5f:02:84:5c:61:05:c5:18:3f:
1f:6a:81:47:e2:dc:48:0b:ce:18:9b:0e:52:44:59:
9c:14:b2:da:02:25:d0:2f:ca:f5:d8:1d:21:38:6a:
4f:53:e9:5b:8d:b4:d6:9b:6a:8e:98:f7:3d:61:23:
1d:68:29:9f:ae:aa:d6:d7:46:72:11:3c:4a:0a:89:
fd:bb:73:70:bd:be:19:c4:26:a0:22:ad:a1:fe:bc:
76:c0:f2:fe:00:20:e7:2d:2c:7c:e5:4b:8e:48:27:
5c:38:4e:60:da:ec:39:26:68:10:a9:9d:e7:46:87:
60:fc:77:06:89:34:d2:d6:40:78:d8:49:c7:f1:ac:
2b:fc:ed:60:3f:d4:38:52:b3:a8:2b:20:d5:b7:08:
32:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:15:18:73:39:D8:51:BB:F4:B3:B3:FA:3E:59:8E:71:E8:C8:83:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:1e:3a:77:1c:2f:8e:a2:37:7b:9a:f6:cf:5a:a8:ae:32:23:
49:00:22:bb:f3:cb:f8:22:57:c3:12:14:6d:6b:5d:e1:c8:ae:
7e:f3:87:2b:b8:5f:e2:8c:8f:8e:ac:b0:f1:d8:16:28:5f:07:
f4:90:c2:39:cc:5c:06:17:48:58:49:33:38:f2:b3:ff:8c:64:
c4:61:f1:7d:4f:93:2d:df:51:25:d5:ee:ce:e2:0d:19:05:2d:
b5:32:ec:b3:79:74:90:7f:a4:61:4c:65:db:29:29:e2:6d:74:
21:97:85:59:dd:ff:0a:72:b3:4a:73:d9:9a:0d:6f:76:51:7c:
5e:82:62:f7:92:2c:66:ac:a9:c7:47:a0:24:98:b1:a4:1d:c2:
ba:77:a5:0d:55:36:f8:06:9a:a5:ea:ef:8c:38:23:08:4b:68:
d6:50:02:ae:d4:26:c2:09:cb:5d:0a:8b:b9:c9:ff:46:47:c9:
ec:47:1f:eb:ab:4f:a8:f6:4f:cf:53:07:81:77:20:aa:4b:b0:
e5:6d:77:0e:d1:16:17:0e:17:71:28:5b:be:8e:9a:68:e9:dc:
11:1c:23:5e:9e:38:62:95:4d:18:b8:09:f3:fc:19:d5:80:2f:
2d:24:33:3a:e5:d2:66:a0:8e:9a:67:8a:aa:72:d5:44:2c:69:
08:30:5f:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDd6MuA+6VrwC7ziqZpXywwq0UbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4N2RlMzgwNWJjOGFiM2MwMjc4NGQxOTY1NmRjMGMzNTA1MTRjYmIzNWU1
NTU4ZDBhY2I3NTM2NGUyYTIxZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZcQTCTBWAapmMLVvDwKYCSltudzeQZE/bN9IkZQIXW+Sp7C67+wJ+ayqeO
IBPJfN7FI6eGc5VNwjkcanVEurC9cN8dSYQMjmG5DRY8ychCFI5NeLBawUlE1L9q
Q/2q+Dw8apF5ZkSxT9K/enOHXwKEXGEFxRg/H2qBR+LcSAvOGJsOUkRZnBSy2gIl
0C/K9dgdIThqT1PpW4201ptqjpj3PWEjHWgpn66q1tdGchE8SgqJ/btzcL2+GcQm
oCKtof68dsDy/gAg5y0sfOVLjkgnXDhOYNrsOSZoEKmd50aHYPx3Bok00tZAeNhJ
x/GsK/ztYD/UOFKzqCsg1bcIMs8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfFRhz
OdhRu/Szs/o+WY5x6MiDjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwYjZjNzYtY2QxYS00ZGI0LWJhZjUtMWM2ZDg2NTRhNTJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA8Hjp3HC+Oojd7mvbPWqiuMiNJACK788v4IlfD
EhRta13hyK5+84cruF/ijI+OrLDx2BYoXwf0kMI5zFwGF0hYSTM48rP/jGTEYfF9
T5Mt31El1e7O4g0ZBS21MuyzeXSQf6RhTGXbKSnibXQhl4VZ3f8KcrNKc9maDW92
UXxegmL3kixmrKnHR6AkmLGkHcK6d6UNVTb4Bpql6u+MOCMIS2jWUAKu1CbCCctd
Cou5yf9GR8nsRx/rq0+o9k/PUweBdyCqS7DlbXcO0RYXDhdxKFu+jppo6dwRHCNe
njhilU0YuAnz/BnVgC8tJDM65dJmoI6aZ4qqctVELGkIMF9K
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:42 2025 by rpki-client