Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json)
Hash identifier: qW0X4FB9g8dWkkwEIT6CLEBiMu4APlCQZo6dpUqfRQM=
Subject key identifier: 45:07:E6:B0:3F:BC:FC:DA:E8:B8:10:EF:5A:E3:08:1D:0F:96:78:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25E5B26B3A54E5CC74AABC42AF86E565210AB964
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
Signing time: Fri 11 Jul 2025 20:20:53 +0000
ROA not before: Fri 11 Jul 2025 20:20:53 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:e5:b2:6b:3a:54:e5:cc:74:aa:bc:42:af:86:e5:65:21:0a:b9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:20:53 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0a0ebd11da73bb4ddeef973e6bc1a5da0dc43b297869cc99e96ea77b57a3fcec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3f:e9:c3:52:1d:15:3f:84:0c:ef:9e:3e:ac:
df:c0:f8:c2:38:c6:34:78:9c:a0:1f:98:6d:60:bb:
a2:d6:72:e6:10:0e:f0:00:45:a6:16:68:48:9b:0f:
7f:e9:7c:6d:c5:d5:0b:84:dd:1d:77:b5:3a:64:05:
1b:86:61:03:f0:3b:f3:c9:96:ec:f8:10:e4:dd:1a:
a7:92:4a:f5:b9:36:01:c7:7c:3c:6a:00:a7:25:bc:
2e:44:04:d2:27:37:ee:7a:05:37:a6:e4:ed:26:b2:
99:9f:28:14:2e:36:aa:92:b7:80:52:4f:73:2b:b4:
a8:b8:06:05:20:a7:a7:63:96:1e:32:66:fa:79:53:
d8:8c:b6:ba:cb:11:b5:44:d6:f4:37:3f:77:86:ab:
b3:f1:90:74:89:2e:bb:fb:7e:9b:d1:d2:47:0a:8c:
4a:5a:09:e8:0e:55:4d:38:7a:3b:03:5b:42:19:b2:
b4:2f:ab:36:b6:2b:6c:d8:2c:4d:76:dc:4f:e7:0e:
f9:ec:73:ea:36:47:81:e7:bf:6f:85:0a:d9:47:56:
af:0e:3e:a6:b3:aa:32:56:96:02:26:f8:b7:ca:34:
a1:d3:ac:0e:e8:b8:e4:14:da:08:ae:c6:45:29:ea:
8f:b3:7d:ae:2b:d1:8e:79:be:02:c1:bc:f0:48:7f:
a5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:07:E6:B0:3F:BC:FC:DA:E8:B8:10:EF:5A:E3:08:1D:0F:96:78:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:23:a9:b5:46:d4:00:26:f1:bb:6f:d9:ce:dc:f8:97:c3:5c:
77:4d:9f:60:3c:8e:43:ef:07:55:28:44:81:1d:6d:6b:23:6e:
ce:5a:3e:d2:c8:01:6d:fe:e9:85:c7:1f:09:27:83:0d:04:42:
2b:3b:1b:03:4f:6e:fc:37:7d:05:ee:4c:0b:bc:d6:1f:03:e3:
54:a7:7a:46:0f:ec:0a:22:55:93:08:c3:b5:fa:d8:20:bd:40:
52:1d:60:e2:e3:db:58:1c:0e:6b:e2:e5:59:c2:c9:87:4b:d0:
a9:af:8e:e6:ab:c4:44:bb:8f:2b:09:22:65:05:c4:d8:c5:3a:
50:38:47:6b:6a:93:b8:e8:8a:7d:ff:d0:03:da:ed:76:db:5c:
6f:13:33:e6:15:a7:11:02:0e:9c:ff:65:61:a5:e3:5c:03:31:
51:8e:89:05:a6:06:01:c1:ce:51:10:47:8c:0f:9f:69:34:b2:
8a:bd:a3:77:88:59:7b:be:5b:a7:09:4a:4c:79:29:8a:eb:fe:
b2:91:2a:a4:2f:df:b3:04:70:11:88:ce:5c:c2:a2:4c:31:49:
1c:b1:40:5c:f3:df:c8:9b:21:d1:f2:a2:d8:de:30:6a:5c:51:
d0:dc:46:6e:60:00:e9:68:bb:92:f9:5c:f8:47:82:ce:e9:3e:
40:cd:d5:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJeWyazpU5cx0qrxCr4blZSEKuWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIwNTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMGViZDExZGE3M2JiNGRkZWVmOTczZTZiYzFhNWRhMGRjNDNiMjk3ODY5
Y2M5OWU5NmVhNzdiNTdhM2ZjZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJA/6cNSHRU/hAzvnj6s38D4wjjGNHicoB+YbWC7otZy5hAO8ABFphZoSJsP
f+l8bcXVC4TdHXe1OmQFG4ZhA/A788mW7PgQ5N0ap5JK9bk2Acd8PGoApyW8LkQE
0ic37noFN6bk7SaymZ8oFC42qpK3gFJPcyu0qLgGBSCnp2OWHjJm+nlT2Iy2ussR
tUTW9Dc/d4ars/GQdIkuu/t+m9HSRwqMSloJ6A5VTTh6OwNbQhmytC+rNrYrbNgs
TXbcT+cO+exz6jZHgee/b4UK2UdWrw4+prOqMlaWAib4t8o0odOsDui45BTaCK7G
RSnqj7N9rivRjnm+AsG88Eh/pZECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRFB+aw
P7z82ui4EO9a4wgdD5Z4zDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A
MA0GCSqGSIb3DQEBCwUAA4IBAQDII6m1RtQAJvG7b9nO3PiXw1x3TZ9gPI5D7wdV
KESBHW1rI27OWj7SyAFt/umFxx8JJ4MNBEIrOxsDT278N30F7kwLvNYfA+NUp3pG
D+wKIlWTCMO1+tggvUBSHWDi49tYHA5r4uVZwsmHS9Cpr47mq8REu48rCSJlBcTY
xTpQOEdrapO46Ip9/9AD2u1221xvEzPmFacRAg6c/2VhpeNcAzFRjokFpgYBwc5R
EEeMD59pNLKKvaN3iFl7vlunCUpMeSmK6/6ykSqkL9+zBHARiM5cwqJMMUkcsUBc
89/ImyHR8qLY3jBqXFHQ3EZuYADpaLuS+Vz4R4LO6T5AzdW5
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:31 2025 by rpki-client