Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
File: 4c78114f-4347-44fe-aef1-32fc688c69b9.roa (raw, json)
Hash identifier: xHql9Wwb3Iee5YnedlxrgVhfq94qjQmBGY1VA9fZp0s=
Subject key identifier: DA:C5:25:97:E3:DF:4E:72:B5:BD:E7:01:37:6A:59:CE:1A:72:2C:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1590E030CE0005917AA3F509D4996785DFE4551D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
Signing time: Fri 11 Jul 2025 19:10:13 +0000
ROA not before: Fri 11 Jul 2025 19:10:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:90:e0:30:ce:00:05:91:7a:a3:f5:09:d4:99:67:85:df:e4:55:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=5be41c80892a8bc91703cfae3b13803191ed66f66efc589ebac2bfd6f004598b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:75:92:1a:92:70:fc:7f:69:71:36:0e:45:8f:
d1:ec:d7:fa:4f:ea:29:88:b1:9e:33:2b:fd:f2:71:
6e:01:26:82:76:d5:c6:b3:ac:c9:72:f7:a0:42:93:
34:d7:e6:75:33:c9:55:8f:dc:6b:89:6a:a8:7b:d5:
5d:75:f8:87:dd:79:5e:52:8c:16:59:87:98:2a:07:
19:3a:86:eb:8b:d5:10:1f:0b:6e:53:5f:27:f2:42:
36:4a:83:4e:d0:d2:f0:28:9b:71:51:29:f6:75:45:
0a:3a:eb:06:bf:a1:54:bf:3b:c5:6c:94:c4:24:be:
85:b3:32:d7:d3:2c:e4:95:0e:e1:96:f1:91:01:8f:
7f:45:a1:76:b8:30:5d:50:84:30:a5:4e:bd:df:b9:
6e:fc:2f:43:06:92:50:b2:c0:59:98:50:85:98:25:
64:e7:88:05:80:b8:c5:d9:26:c8:ab:26:f2:01:0b:
56:ea:fe:fb:10:79:c2:24:e2:6a:70:a6:41:1b:d6:
54:c2:a8:55:22:24:ed:55:91:ff:dc:f7:75:35:25:
e7:cc:db:a7:df:ef:ab:58:e2:0c:67:90:b8:1e:9f:
7e:b9:52:f4:1b:0c:e8:4c:27:1d:cc:eb:0a:5f:f3:
3f:a1:ce:69:ac:5d:a8:14:b0:a4:c7:97:1e:92:51:
60:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C5:25:97:E3:DF:4E:72:B5:BD:E7:01:37:6A:59:CE:1A:72:2C:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c78114f-4347-44fe-aef1-32fc688c69b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8020::/48
Signature Algorithm: sha256WithRSAEncryption
c1:9b:58:17:c0:8f:a3:76:d7:d4:0f:1a:ae:a7:83:28:f0:65:
cd:77:39:46:5a:51:ea:6a:e0:d9:f9:75:b7:b9:19:9a:3f:c6:
28:01:93:14:0a:48:3e:e6:cb:c1:46:9e:ba:f4:6c:58:6e:a5:
77:7b:7b:c5:47:68:67:01:8f:74:fa:51:15:d1:72:42:a1:7e:
41:17:3d:37:42:dc:14:d2:60:53:ab:fa:1c:50:d7:00:71:df:
c0:c4:fb:89:71:44:4b:9d:b0:1f:a7:4b:f2:f3:5b:40:23:a1:
5c:a1:bd:e3:42:ae:66:cd:2e:ff:69:df:cc:50:87:d9:0e:80:
05:c7:b0:bb:10:20:fa:a3:97:aa:79:93:b3:c6:fa:80:63:fa:
00:a1:2f:d8:ea:ae:b3:59:d3:51:dd:3a:2c:32:91:4e:f1:8c:
56:f2:a7:2f:98:da:1a:56:a6:42:1d:6b:00:8e:48:dd:23:47:
e5:30:84:01:a6:ef:7a:e4:6f:ff:e5:48:35:c1:fb:70:f4:0e:
77:da:36:ac:1f:a7:dc:f9:ab:07:b1:62:ae:08:dc:2b:01:09:
98:a9:b0:8e:f6:37:fa:2f:b8:d4:b5:4a:5e:20:18:42:a1:23:
6c:ab:6e:f7:e3:0c:cc:e0:f7:df:e0:52:7b:f5:bb:6c:2d:57:
0c:33:a5:0a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFZDgMM4ABZF6o/UJ1Jlnhd/kVR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZTQxYzgwODkyYThiYzkxNzAzY2ZhZTNiMTM4MDMxOTFlZDY2ZjY2ZWZj
NTg5ZWJhYzJiZmQ2ZjAwNDU5OGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOF1khqScPx/aXE2DkWP0ezX+k/qKYixnjMr/fJxbgEmgnbVxrOsyXL3oEKT
NNfmdTPJVY/ca4lqqHvVXXX4h915XlKMFlmHmCoHGTqG64vVEB8LblNfJ/JCNkqD
TtDS8CibcVEp9nVFCjrrBr+hVL87xWyUxCS+hbMy19Ms5JUO4ZbxkQGPf0Whdrgw
XVCEMKVOvd+5bvwvQwaSULLAWZhQhZglZOeIBYC4xdkmyKsm8gELVur++xB5wiTi
anCmQRvWVMKoVSIk7VWR/9z3dTUl58zbp9/vq1jiDGeQuB6ffrlS9BsM6EwnHczr
Cl/zP6HOaaxdqBSwpMeXHpJRYNsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTaxSWX
499OcrW95wE3alnOGnIsyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM3ODExNGYtNDM0Ny00NGZlLWFlZjEtMzJmYzY4OGM2OWI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
IDANBgkqhkiG9w0BAQsFAAOCAQEAwZtYF8CPo3bX1A8arqeDKPBlzXc5RlpR6mrg
2fl1t7kZmj/GKAGTFApIPubLwUaeuvRsWG6ld3t7xUdoZwGPdPpRFdFyQqF+QRc9
N0LcFNJgU6v6HFDXAHHfwMT7iXFES52wH6dL8vNbQCOhXKG940KuZs0u/2nfzFCH
2Q6ABcewuxAg+qOXqnmTs8b6gGP6AKEv2Oqus1nTUd06LDKRTvGMVvKnL5jaGlam
Qh1rAI5I3SNH5TCEAabveuRv/+VINcH7cPQOd9o2rB+n3PmrB7FirgjcKwEJmKmw
jvY3+i+41LVKXiAYQqEjbKtu9+MMzOD33+BSe/W7bC1XDDOlCg==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:18 2025 by rpki-client