Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: FCRYRNjLuGP5v3kIjBvOLXFdXQaqpc7an+lag6ML6iE=
Subject key identifier: 89:B9:75:1B:E5:7B:C9:CE:24:64:CB:E2:A2:75:D6:CB:1E:64:8D:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56EEF929CC85FD6392C4A711C74E50BEB380C3BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Fri 11 Jul 2025 20:10:10 +0000
ROA not before: Fri 11 Jul 2025 20:10:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ee:f9:29:cc:85:fd:63:92:c4:a7:11:c7:4e:50:be:b3:80:c3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:10:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=d3e46c56dd3867a9ace6be9117353a36993ee3b5c9e7ce58f91e8b4514958442, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ee:71:93:f7:6f:40:72:31:f6:2e:c4:1c:6b:
16:d9:51:39:8e:8f:9d:cb:f0:20:a1:a8:ba:59:2d:
7f:5c:2c:75:de:f5:1a:3b:6e:d4:e1:59:6a:59:3e:
68:d9:f0:bc:7f:57:c4:84:c7:2b:09:f5:cf:ec:46:
8e:29:c4:bc:da:31:7f:6d:bc:cd:3b:93:88:39:c9:
38:52:3e:cb:b3:e5:b6:05:34:89:dd:74:ec:63:1c:
cc:64:88:fc:41:ed:d0:82:22:39:2e:24:26:03:e5:
dc:cf:9a:94:59:ad:b7:18:b9:0d:eb:59:33:a4:7a:
05:d3:fe:d9:b5:06:e0:2b:76:18:fc:4c:ed:58:b5:
ac:66:cf:73:d5:a3:84:ab:68:3b:00:cb:bc:b5:7b:
39:65:e1:80:bf:ba:8d:bf:d3:31:f9:ee:ee:e1:ce:
35:9b:59:a1:c9:9b:65:41:43:b4:f8:24:09:25:6d:
01:49:d4:17:e4:6e:c8:e6:0a:e3:d1:65:bf:46:e2:
9e:c7:24:10:9e:13:dd:dd:8b:05:03:ad:7c:38:b5:
61:22:d1:06:56:c5:7a:1e:99:95:91:77:04:f4:57:
59:f8:6b:ed:74:92:41:d5:49:ea:bf:46:85:3d:d8:
8f:f4:ea:32:76:6c:86:50:55:a4:ab:c3:c1:e6:87:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B9:75:1B:E5:7B:C9:CE:24:64:CB:E2:A2:75:D6:CB:1E:64:8D:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
08:55:bb:98:f9:23:97:cb:6d:33:35:b8:ea:c0:49:25:67:d0:
dc:7f:94:cd:63:bb:0a:73:04:42:7c:d6:c7:3b:42:17:8e:be:
8b:10:45:11:e9:88:10:4c:b5:7b:78:42:a4:f1:71:23:7c:05:
60:73:0e:71:c1:95:c7:81:e7:fb:f1:a1:d0:f5:17:37:e3:c6:
ee:3b:bd:6b:03:94:3e:bc:3c:1b:3e:d9:f4:bc:08:6b:9b:fb:
45:a7:3d:26:97:69:1f:79:6b:a7:36:94:d8:3b:9c:6f:28:8e:
84:77:ac:ff:c5:dd:8c:41:09:f0:8b:8b:30:70:e7:d6:c2:1c:
69:13:3f:17:56:14:4e:b2:1e:e3:b8:d7:7d:32:51:c8:43:ba:
f5:c5:ce:91:5e:61:7d:96:6f:17:92:b2:2a:9e:69:8b:71:bc:
e8:bd:da:80:bd:88:c9:86:28:40:be:e0:aa:18:29:e2:ec:bd:
f3:b3:f8:77:8f:aa:a7:fa:8e:ce:80:c8:cf:38:1d:77:3c:ac:
be:fd:5c:82:8b:fe:6c:1d:d1:d4:0d:3b:60:af:fc:c7:4c:42:
bd:d7:86:3a:9f:6f:34:fa:a4:ff:ee:37:f4:b2:5e:64:39:f2:
59:83:fe:c6:8b:1a:a2:de:16:6f:58:1c:c5:5d:b0:8c:e9:68:
d3:2f:89:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVu75KcyF/WOSxKcRx05QvrOAw7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDEwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzZTQ2YzU2ZGQzODY3YTlhY2U2YmU5MTE3MzUzYTM2OTkzZWUzYjVjOWU3
Y2U1OGY5MWU4YjQ1MTQ5NTg0NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjucZP3b0ByMfYuxBxrFtlROY6PncvwIKGoulktf1wsdd71Gjtu1OFZalk+
aNnwvH9XxITHKwn1z+xGjinEvNoxf228zTuTiDnJOFI+y7PltgU0id107GMczGSI
/EHt0IIiOS4kJgPl3M+alFmttxi5DetZM6R6BdP+2bUG4Ct2GPxM7Vi1rGbPc9Wj
hKtoOwDLvLV7OWXhgL+6jb/TMfnu7uHONZtZocmbZUFDtPgkCSVtAUnUF+RuyOYK
49Flv0binsckEJ4T3d2LBQOtfDi1YSLRBlbFeh6ZlZF3BPRXWfhr7XSSQdVJ6r9G
hT3Yj/TqMnZshlBVpKvDweaHbHsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJuXUb
5XvJziRky+KiddbLHmSNJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAIVbuY+SOXy20zNbjqwEklZ9Dcf5TNY7sKcwRC
fNbHO0IXjr6LEEUR6YgQTLV7eEKk8XEjfAVgcw5xwZXHgef78aHQ9Rc348buO71r
A5Q+vDwbPtn0vAhrm/tFpz0ml2kfeWunNpTYO5xvKI6Ed6z/xd2MQQnwi4swcOfW
whxpEz8XVhROsh7juNd9MlHIQ7r1xc6RXmF9lm8XkrIqnmmLcbzovdqAvYjJhihA
vuCqGCni7L3zs/h3j6qn+o7OgMjPOB13PKy+/VyCi/5sHdHUDTtgr/zHTEK914Y6
n280+qT/7jf0sl5kOfJZg/7Gixqi3hZvWBzFXbCM6WjTL4mD
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:19 2025 by rpki-client