Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
File: 48202432-610c-42b2-9763-e895c6cbe70d.roa (raw, json)
Hash identifier: 3wknp/i8kJi4/8dHXP2LiAG0WmjO6GK2VPkiXFyFA+4=
Subject key identifier: 73:DF:22:DC:71:6A:6C:9C:A8:E8:89:F1:1D:93:88:9E:5A:D1:D9:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FB9AF838ED78B591B737A059F8B0FE04736A5B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
Signing time: Fri 04 Jul 2025 18:30:22 +0000
ROA not before: Fri 04 Jul 2025 18:30:22 +0000
ROA not after: Fri 08 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:b9:af:83:8e:d7:8b:59:1b:73:7a:05:9f:8b:0f:e0:47:36:a5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 4 18:30:22 2025 GMT
Not After : Aug 8 23:59:59 2025 GMT
Subject: serialNumber=f6f39f2bbacb766b85e219a4156e9b6b41bcf3867418e6cd194a238db08e1173, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a9:01:19:24:55:50:53:7e:1e:f2:80:7d:c9:
ab:da:4c:c1:64:ef:88:5d:c7:a2:7c:a5:9c:28:31:
10:29:6f:e0:9f:8d:0a:b4:8c:9d:80:ec:ef:09:fa:
79:33:e0:f8:ff:38:f4:b4:da:24:70:c1:3b:95:5f:
90:1f:5e:5a:99:d0:57:c8:02:19:f2:0a:54:f3:48:
a5:66:5d:95:44:fd:ca:f5:e8:88:a7:f2:35:1c:f6:
a8:48:e1:0a:bc:97:4d:d2:74:8b:c2:cb:fc:75:ec:
d5:7b:9a:de:fd:b0:12:8a:cf:c9:cb:5f:2a:6a:da:
20:9f:f2:ed:f3:e1:c2:8a:a4:86:4b:8b:dd:ef:c1:
65:af:5a:87:83:15:a5:08:a7:4c:4e:10:18:dd:80:
b9:64:4f:19:76:a2:16:8e:ca:51:57:d2:76:6d:3d:
07:45:33:14:fb:1f:7d:61:83:8d:70:5d:64:e2:5a:
a1:63:d9:19:54:b1:73:0d:4e:5a:af:1d:91:16:a9:
e6:c3:c5:08:79:d6:14:9e:aa:f8:9d:92:99:ff:04:
70:4d:04:a0:e3:f7:a2:59:d2:3d:d2:5b:28:ca:8d:
fb:85:4b:5c:4e:12:3e:2e:9f:94:7b:17:6f:cd:ef:
b6:41:ed:93:cf:12:ca:9d:03:4a:e2:5d:83:a6:df:
ec:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:DF:22:DC:71:6A:6C:9C:A8:E8:89:F1:1D:93:88:9E:5A:D1:D9:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/48
Signature Algorithm: sha256WithRSAEncryption
13:eb:24:fa:5f:01:2d:79:c8:82:7f:21:b9:5b:b3:38:68:c2:
7f:e2:97:dc:8d:d0:5a:56:58:89:d4:8a:7a:d7:00:46:47:1a:
fd:33:ca:c7:13:b7:49:a3:6b:60:70:6d:87:89:94:85:63:67:
30:c5:7b:38:86:7f:db:c6:73:7f:60:a7:ff:b3:ff:5c:83:ce:
14:4a:7d:d5:1d:00:36:1e:9d:82:94:77:f3:83:3d:c2:be:b6:
e4:ad:1d:b0:36:8f:0e:7a:5c:1e:37:a5:a1:34:70:15:09:a3:
9e:0c:78:11:08:70:db:dc:2f:a5:e8:0f:10:27:30:19:21:85:
73:23:4a:72:92:7a:a4:f4:3c:a1:08:45:80:ab:e9:05:67:41:
b3:ac:99:ed:0f:42:b1:17:8d:a5:7d:42:c9:ae:4b:c6:d0:9e:
cd:86:ca:1b:f4:5f:a7:ef:20:3f:69:2e:12:63:fd:b4:3c:9b:
fa:48:10:28:b6:cf:b7:3f:00:0d:87:d7:9e:fb:14:3e:e2:c2:
65:cf:88:dc:76:84:da:ca:26:4f:91:53:51:8d:86:59:23:87:
36:6e:a9:b2:a1:b2:dc:1d:4b:81:aa:14:76:c9:ee:c4:b6:42:
5e:33:70:07:c7:41:8f:95:6a:3c:35:9d:f7:d5:64:9f:db:67:
54:b1:49:78
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf7mvg47Xi1kbc3oFn4sP4Ec2pbUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDQxODMwMjJaFw0yNTA4MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2ZjM5ZjJiYmFjYjc2NmI4NWUyMTlhNDE1NmU5YjZiNDFiY2YzODY3NDE4
ZTZjZDE5NGEyMzhkYjA4ZTExNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmpARkkVVBTfh7ygH3Jq9pMwWTviF3HonylnCgxEClv4J+NCrSMnYDs7wn6
eTPg+P849LTaJHDBO5VfkB9eWpnQV8gCGfIKVPNIpWZdlUT9yvXoiKfyNRz2qEjh
CryXTdJ0i8LL/HXs1Xua3v2wEorPyctfKmraIJ/y7fPhwoqkhkuL3e/BZa9ah4MV
pQinTE4QGN2AuWRPGXaiFo7KUVfSdm09B0UzFPsffWGDjXBdZOJaoWPZGVSxcw1O
Wq8dkRap5sPFCHnWFJ6q+J2Smf8EcE0EoOP3olnSPdJbKMqN+4VLXE4SPi6flHsX
b83vtkHtk88Syp0DSuJdg6bf7FkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRz3yLc
cWpsnKjoifEdk4ieWtHZBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDgyMDI0MzItNjEwYy00MmIyLTk3NjMtZTg5NWM2Y2JlNzBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAE+sk+l8BLXnIgn8huVuzOGjCf+KX3I3QWlZY
idSKetcARkca/TPKxxO3SaNrYHBth4mUhWNnMMV7OIZ/28Zzf2Cn/7P/XIPOFEp9
1R0ANh6dgpR384M9wr625K0dsDaPDnpcHjeloTRwFQmjngx4EQhw29wvpegPECcw
GSGFcyNKcpJ6pPQ8oQhFgKvpBWdBs6yZ7Q9CsReNpX1Cya5LxtCezYbKG/Rfp+8g
P2kuEmP9tDyb+kgQKLbPtz8ADYfXnvsUPuLCZc+I3HaE2somT5FTUY2GWSOHNm6p
sqGy3B1LgaoUdsnuxLZCXjNwB8dBj5VqPDWd99Vkn9tnVLFJeA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:18 2025 by rpki-client