Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json)
Hash identifier: RI3xWLjd/nMlcmajOnbn5ADot0rVtSf3ztBGr/xKUyA=
Subject key identifier: 1E:3E:05:72:02:19:A6:4B:99:8E:7E:C2:E6:39:D5:B3:30:87:DF:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D850E07ABE5282D7CE1728194DDBCBA812AB14E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
Signing time: Fri 11 Jul 2025 18:51:20 +0000
ROA not before: Fri 11 Jul 2025 18:51:20 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:85:0e:07:ab:e5:28:2d:7c:e1:72:81:94:dd:bc:ba:81:2a:b1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:51:20 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ce8e9e5c47b6df81b0a66435d37a543a84bd507136fd09b0839d60f3a8d5184e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b5:05:18:5f:03:15:3e:12:e6:c0:d5:b3:d5:
3e:6e:7a:96:29:29:ec:7b:09:6e:0d:a2:f2:43:35:
e6:8a:ab:51:f7:3c:88:b2:cc:53:d0:da:dd:d6:2c:
82:ec:e5:d9:f7:67:57:46:32:da:35:fe:47:da:3f:
d4:ae:4c:67:2b:a4:be:48:b1:68:30:b4:95:8a:22:
5d:98:e9:fe:e7:96:2f:d1:6d:1d:bc:a0:78:26:40:
52:ad:bb:38:d3:56:0c:69:32:15:de:d5:37:60:d9:
a5:6b:9d:62:58:52:91:c8:17:d7:de:13:51:f3:2e:
de:5d:4b:70:91:d1:8d:d6:7a:c6:27:9c:a7:ea:af:
5f:d1:88:59:cb:f1:d3:ee:cc:6d:91:dd:6c:ac:e8:
5a:7b:45:51:f1:47:0b:4d:f0:bf:fd:b7:0f:ea:da:
29:17:3b:5f:9f:c2:87:55:03:e7:92:6c:74:99:88:
99:82:de:fa:24:5f:4f:e5:fa:20:e0:c2:f5:64:dd:
1f:02:46:ce:04:c5:88:c3:9a:a9:ec:9b:5f:8f:12:
00:00:05:54:f1:2a:52:d1:ee:44:43:ae:6a:f3:85:
f1:4d:f3:22:39:34:f4:63:55:c6:f4:69:ac:94:12:
28:e7:71:f5:c7:29:e1:74:f0:e2:a6:ea:75:67:28:
ab:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3E:05:72:02:19:A6:4B:99:8E:7E:C2:E6:39:D5:B3:30:87:DF:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9040::/48
Signature Algorithm: sha256WithRSAEncryption
aa:a5:11:5b:19:13:a5:91:bc:5b:47:a8:fd:ea:2c:5a:16:56:
25:db:9b:2c:13:bd:02:03:91:52:32:16:d9:11:7f:c1:dc:b2:
ea:d6:e3:a2:e6:fd:3b:c3:68:31:04:e5:ea:0f:49:2e:72:4b:
52:b2:71:a9:5c:43:8b:4e:2d:08:bf:d8:e4:21:8c:c2:18:32:
e4:ee:a1:f2:a4:de:6a:52:48:ec:bd:20:35:de:e7:c6:f4:df:
ae:d5:a0:8d:1d:4f:30:31:b5:2e:4a:8d:02:d8:41:88:09:a1:
9a:7f:9f:8c:97:06:3d:d7:cd:bc:bf:fd:7b:8e:0d:95:1f:06:
69:6b:d5:0e:2a:ba:1b:b0:95:b9:11:d7:f5:1a:71:5d:6a:2e:
87:76:20:05:2c:14:1f:74:f3:35:b6:09:74:f3:da:75:67:c8:
52:70:d1:fe:2f:4b:f8:dc:b1:0c:90:a5:a2:72:2e:f8:0c:c8:
58:94:8f:57:05:7e:86:31:45:cd:2c:ea:b5:af:47:3d:50:cb:
90:91:56:b4:6a:e5:37:05:27:35:1b:5d:0d:6a:a7:69:45:e7:
7f:d4:68:af:f4:87:39:f8:cf:f6:22:cf:6b:de:61:85:3d:c8:
01:37:68:59:64:d1:79:c5:f0:59:40:73:c3:49:a8:9c:6d:4e:
32:bb:02:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHYUOB6vlKC184XKBlN28uoEqsU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUxMjBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlOGU5ZTVjNDdiNmRmODFiMGE2NjQzNWQzN2E1NDNhODRiZDUwNzEzNmZk
MDliMDgzOWQ2MGYzYThkNTE4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq1BRhfAxU+EubA1bPVPm56likp7HsJbg2i8kM15oqrUfc8iLLMU9Da3dYs
guzl2fdnV0Yy2jX+R9o/1K5MZyukvkixaDC0lYoiXZjp/ueWL9FtHbygeCZAUq27
ONNWDGkyFd7VN2DZpWudYlhSkcgX194TUfMu3l1LcJHRjdZ6xiecp+qvX9GIWcvx
0+7MbZHdbKzoWntFUfFHC03wv/23D+raKRc7X5/Ch1UD55JsdJmImYLe+iRfT+X6
IODC9WTdHwJGzgTFiMOaqeybX48SAAAFVPEqUtHuREOuavOF8U3zIjk09GNVxvRp
rJQSKOdx9ccp4XTw4qbqdWcoq6UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQePgVy
AhmmS5mOfsLmOdWzMIffDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAqqURWxkTpZG8W0eo/eosWhZWJdubLBO9AgOR
UjIW2RF/wdyy6tbjoub9O8NoMQTl6g9JLnJLUrJxqVxDi04tCL/Y5CGMwhgy5O6h
8qTealJI7L0gNd7nxvTfrtWgjR1PMDG1LkqNAthBiAmhmn+fjJcGPdfNvL/9e44N
lR8GaWvVDiq6G7CVuRHX9RpxXWouh3YgBSwUH3TzNbYJdPPadWfIUnDR/i9L+Nyx
DJClonIu+AzIWJSPVwV+hjFFzSzqta9HPVDLkJFWtGrlNwUnNRtdDWqnaUXnf9Ro
r/SHOfjP9iLPa95hhT3IATdoWWTRecXwWUBzw0monG1OMrsC1w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:48 2025 by rpki-client