Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
File: 470f3c02-20c3-480f-a788-60d7378cea9b.roa (raw, json)
Hash identifier: +WoKabdeAK5aWJZ1eUraWipYGnIQFdfVe7ntS3e9yoQ=
Subject key identifier: 9A:64:91:75:5B:37:D9:0F:94:23:2A:00:14:D2:D4:91:B3:1C:42:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46543A6977BC70ABC898866533C7091A750843C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
Signing time: Mon 07 Jul 2025 18:20:40 +0000
ROA not before: Mon 07 Jul 2025 18:20:40 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:54:3a:69:77:bc:70:ab:c8:98:86:65:33:c7:09:1a:75:08:43:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:40 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=36227cc26a13dc918a938f51872aa29f331a936e9a8bcd42857ad02061372ce3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e1:11:b4:35:86:8f:78:96:bb:9c:a2:97:38:
0b:ea:c2:36:5b:24:2b:dc:77:a6:47:78:a2:2d:a4:
8c:60:64:52:34:65:10:01:18:0b:13:c2:d2:66:1a:
b2:4a:60:14:e1:ad:8e:df:72:79:d3:65:db:f8:94:
72:87:26:28:33:a6:f5:db:8c:55:9a:74:0d:87:82:
89:eb:f8:9c:91:2f:92:56:cd:8b:3e:a2:86:0e:4f:
aa:47:fb:ac:78:fe:e1:f3:00:ec:79:a7:96:6f:c3:
7f:1d:b6:f5:2e:59:13:35:ef:bd:0e:89:92:5b:2a:
df:d7:e2:20:4e:c4:87:e2:e0:bc:b0:bd:d3:be:3e:
67:e9:22:c4:04:f0:87:2c:f5:66:4f:cd:28:41:e1:
6e:95:bb:26:b2:db:c4:4d:5b:29:f4:c8:26:77:f9:
44:e7:3a:37:c0:cf:55:0a:d2:34:1a:5f:06:70:bd:
b7:a7:96:17:a2:09:b6:f1:37:77:aa:cf:bf:34:e1:
5d:fc:3b:ac:56:30:45:c5:65:0a:88:15:4c:1d:95:
25:12:05:24:78:24:67:54:b0:b4:be:e5:f5:2b:f9:
a5:84:d3:2e:4e:f9:1b:dc:0c:f0:98:ff:aa:06:dc:
29:31:0a:05:ed:03:d1:12:47:8a:9d:1f:9f:b7:fe:
e6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:64:91:75:5B:37:D9:0F:94:23:2A:00:14:D2:D4:91:B3:1C:42:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:880::/48
Signature Algorithm: sha256WithRSAEncryption
80:2a:5c:f3:01:b7:19:80:18:64:ca:f0:74:5c:76:f6:44:20:
9b:02:bf:b3:c5:ce:5a:f5:d9:c3:6b:3c:8a:7a:28:77:5f:65:
c9:ec:b1:37:4f:10:65:0c:f3:08:d1:b0:f0:54:7e:d2:05:eb:
c4:f0:61:ab:50:79:a4:1e:95:0d:11:70:3d:10:f8:75:c0:86:
69:aa:4d:58:15:67:aa:c8:67:18:19:51:ad:d8:5f:6b:71:bd:
d6:3e:73:a1:9b:80:f8:f4:26:d2:68:3f:44:76:d6:2c:68:3b:
42:2b:9c:1b:db:15:b4:ad:7c:98:23:ba:2f:62:ff:71:ec:b3:
1b:7a:88:92:52:ed:47:75:51:d6:ed:49:72:e9:09:c7:2b:31:
48:24:18:7f:b5:ff:91:c3:b9:4d:4a:1d:8f:c8:88:33:5d:d2:
99:88:d0:44:24:1d:bc:9c:5b:01:b0:2f:c7:41:30:6c:e7:4a:
2c:65:09:aa:6b:4a:49:c7:59:66:f6:eb:ec:45:6d:12:30:c9:
50:51:e4:e4:ff:8a:10:b5:a7:ca:3a:33:e9:9d:33:12:45:a7:
d2:c8:0a:fe:60:e8:8e:88:3e:46:7a:9c:f1:82:9a:64:c2:fc:
d2:db:ed:59:7d:e9:18:89:16:b1:58:da:da:65:a0:44:ca:e0:
f0:32:27:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURlQ6aXe8cKvImIZlM8cJGnUIQ8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwNDBaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2MjI3Y2MyNmExM2RjOTE4YTkzOGY1MTg3MmFhMjlmMzMxYTkzNmU5YThi
Y2Q0Mjg1N2FkMDIwNjEzNzJjZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfhEbQ1ho94lrucopc4C+rCNlskK9x3pkd4oi2kjGBkUjRlEAEYCxPC0mYa
skpgFOGtjt9yedNl2/iUcocmKDOm9duMVZp0DYeCiev4nJEvklbNiz6ihg5Pqkf7
rHj+4fMA7Hmnlm/Dfx229S5ZEzXvvQ6Jklsq39fiIE7Eh+LgvLC9074+Z+kixATw
hyz1Zk/NKEHhbpW7JrLbxE1bKfTIJnf5ROc6N8DPVQrSNBpfBnC9t6eWF6IJtvE3
d6rPvzThXfw7rFYwRcVlCogVTB2VJRIFJHgkZ1SwtL7l9Sv5pYTTLk75G9wM8Jj/
qgbcKTEKBe0D0RJHip0fn7f+5u8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSaZJF1
WzfZD5QjKgAU0tSRsxxCnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwZjNjMDItMjBjMy00ODBmLWE3ODgtNjBkNzM3OGNlYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAgCpc8wG3GYAYZMrwdFx29kQgmwK/s8XOWvXZ
w2s8inood19lyeyxN08QZQzzCNGw8FR+0gXrxPBhq1B5pB6VDRFwPRD4dcCGaapN
WBVnqshnGBlRrdhfa3G91j5zoZuA+PQm0mg/RHbWLGg7QiucG9sVtK18mCO6L2L/
ceyzG3qIklLtR3VR1u1JcukJxysxSCQYf7X/kcO5TUodj8iIM13SmYjQRCQdvJxb
AbAvx0EwbOdKLGUJqmtKScdZZvbr7EVtEjDJUFHk5P+KELWnyjoz6Z0zEkWn0sgK
/mDojog+Rnqc8YKaZML80tvtWX3pGIkWsVja2mWgRMrg8DIn2g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:44 2025 by rpki-client