Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
File: 48ce7dfe-434d-4b57-b520-9001ae26be85.roa (raw, json)
Hash identifier: fMW5ncoPI/pB1UutwzcW/EKjzdCMEAHJhv6KWwBjp1U=
Subject key identifier: 55:CD:93:6D:18:C2:88:29:2A:E1:48:B1:2A:1C:82:33:47:B1:FB:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 680DE87F6FF7CAEACB82D2B1B107A5AF1EAE0E0C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
Signing time: Fri 11 Jul 2025 18:50:08 +0000
ROA not before: Fri 11 Jul 2025 18:50:08 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:0d:e8:7f:6f:f7:ca:ea:cb:82:d2:b1:b1:07:a5:af:1e:ae:0e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:08 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=62dc5b91dd153a90502edb9a5555836b8c6568942cf01d0dfc7d88cfd844dc89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b9:6f:03:6f:7b:ee:b3:f0:f0:4f:fe:e2:b6:
a1:0f:ad:c7:01:56:c2:99:33:67:53:75:51:00:a9:
11:0f:54:e6:3d:4c:2f:17:7c:4b:75:b7:78:35:91:
f6:d6:5b:ef:aa:93:c5:ce:15:27:b5:4f:1c:71:62:
9b:e5:cf:b7:06:13:93:a4:b6:55:69:d3:26:dc:e5:
a7:88:b6:9b:68:14:1b:1b:06:59:cb:4e:6c:31:23:
ac:be:ee:42:80:6b:8d:58:67:58:7c:ba:3b:90:b1:
b9:bd:f2:54:be:2a:e2:80:ce:3d:f6:e2:80:00:09:
75:4a:93:9c:b5:d4:1b:2f:28:68:a1:51:82:66:00:
a8:48:e4:1a:2a:81:a7:95:8b:9c:61:9e:c8:1a:12:
86:fa:40:84:37:f0:72:35:b6:e7:15:b0:f8:17:0e:
3d:c6:48:04:c5:f7:af:3b:9c:90:48:94:b5:36:0f:
c7:d8:56:dc:bd:b9:4a:f5:18:1e:02:76:18:04:32:
e5:88:fd:53:c3:a3:04:5d:46:88:cb:0a:79:fb:3c:
eb:4f:f2:1b:cb:fd:27:af:e3:36:64:37:48:73:25:
ea:5a:b2:4a:73:1c:63:64:15:15:73:c6:70:ad:2d:
dc:bd:9c:9f:6a:3c:20:9b:52:ec:9e:ca:40:23:f1:
79:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:CD:93:6D:18:C2:88:29:2A:E1:48:B1:2A:1C:82:33:47:B1:FB:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8010::/48
Signature Algorithm: sha256WithRSAEncryption
53:a2:7f:0d:bb:1a:06:96:0d:aa:49:81:43:93:b2:6f:9e:b7:
e8:1e:a0:f7:fa:c2:ba:39:9b:f6:28:d3:bc:df:c9:0b:a2:c6:
1c:36:f4:e4:65:20:f7:a6:af:31:51:cc:ac:ce:54:2d:a2:14:
c8:bc:c9:45:d3:d8:59:c1:c4:b8:0c:7d:fd:92:5f:6e:fb:da:
44:44:6b:15:f7:aa:e5:89:1a:df:c1:cd:30:c9:36:08:05:d9:
6e:30:9e:b5:a5:5f:f5:15:d0:54:1b:89:d4:04:67:40:85:e1:
41:3a:1c:22:e2:9a:1f:06:e1:a4:e7:8b:ad:84:1b:97:7a:57:
78:1d:56:9f:89:86:cb:a8:fc:cb:42:a0:e0:6a:db:51:f5:5a:
5b:01:da:6c:0b:65:bf:20:89:7f:47:5c:ff:b7:c5:0e:62:80:
9c:ca:e6:ba:e5:fc:f4:ca:9a:ec:93:40:47:5d:cb:72:a0:18:
9c:11:82:88:44:9f:04:8f:cb:6b:84:16:ea:ef:01:3e:0b:a5:
a5:49:04:a7:4e:ac:69:22:55:54:0b:a2:ff:30:1e:61:d1:81:
0d:d6:bd:18:5d:e9:72:30:e0:c9:99:a0:13:8d:65:8c:cd:1d:
0a:55:ca:0e:99:7e:ed:d9:2e:53:af:85:66:67:1f:59:7c:3f:
60:6e:47:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaA3of2/3yurLgtKxsQelrx6uDgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwMDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZGM1YjkxZGQxNTNhOTA1MDJlZGI5YTU1NTU4MzZiOGM2NTY4OTQyY2Yw
MWQwZGZjN2Q4OGNmZDg0NGRjODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALW5bwNve+6z8PBP/uK2oQ+txwFWwpkzZ1N1UQCpEQ9U5j1MLxd8S3W3eDWR
9tZb76qTxc4VJ7VPHHFim+XPtwYTk6S2VWnTJtzlp4i2m2gUGxsGWctObDEjrL7u
QoBrjVhnWHy6O5Cxub3yVL4q4oDOPfbigAAJdUqTnLXUGy8oaKFRgmYAqEjkGiqB
p5WLnGGeyBoShvpAhDfwcjW25xWw+BcOPcZIBMX3rzuckEiUtTYPx9hW3L25SvUY
HgJ2GAQy5Yj9U8OjBF1GiMsKefs860/yG8v9J6/jNmQ3SHMl6lqySnMcY2QVFXPG
cK0t3L2cn2o8IJtS7J7KQCPxeb0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVzZNt
GMKIKSrhSLEqHIIzR7H7AjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhjZTdkZmUtNDM0ZC00YjU3LWI1MjAtOTAwMWFlMjZiZTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
EDANBgkqhkiG9w0BAQsFAAOCAQEAU6J/DbsaBpYNqkmBQ5Oyb5636B6g9/rCujmb
9ijTvN/JC6LGHDb05GUg96avMVHMrM5ULaIUyLzJRdPYWcHEuAx9/ZJfbvvaRERr
Ffeq5Yka38HNMMk2CAXZbjCetaVf9RXQVBuJ1ARnQIXhQTocIuKaHwbhpOeLrYQb
l3pXeB1Wn4mGy6j8y0Kg4GrbUfVaWwHabAtlvyCJf0dc/7fFDmKAnMrmuuX89Mqa
7JNAR13LcqAYnBGCiESfBI/La4QW6u8BPgulpUkEp06saSJVVAui/zAeYdGBDda9
GF3pcjDgyZmgE41ljM0dClXKDpl+7dkuU6+FZmcfWXw/YG5Hog==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:08 2025 by rpki-client