Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
File: 581266ac-af97-4864-a566-36693b593269.roa (raw, json)
Hash identifier: qPmeiCaCg1Lowk8ik9BPWMEKUqED3FbqkiPaNawDBwQ=
Subject key identifier: 7E:0A:74:26:DF:DF:A2:08:E8:AD:ED:26:AB:19:48:2C:45:A7:71:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 210BD57A68CDF8A1B3581537C142713ADBBCD569
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
Signing time: Fri 11 Jul 2025 19:31:27 +0000
ROA not before: Fri 11 Jul 2025 19:31:27 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:0b:d5:7a:68:cd:f8:a1:b3:58:15:37:c1:42:71:3a:db:bc:d5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:27 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1b73a4d34b0f17a965ef49872b6bd94cd6876de80fa214f5fb083c687564f2bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0a:85:9e:2f:12:cc:b3:95:4f:4b:07:2e:56:
d6:fe:1c:41:7d:58:f8:62:cf:43:30:5a:41:cd:4f:
b1:96:fa:2f:8e:da:11:2e:f9:44:71:eb:ab:a3:8a:
f0:89:7e:e0:73:ee:02:1c:d8:00:3d:94:5f:9b:6b:
9d:4b:9a:94:b2:45:05:2e:e3:d9:af:bc:48:11:5a:
3d:b8:54:53:30:bb:39:eb:3d:82:58:62:86:69:3a:
cf:f5:6a:1d:a5:06:fc:47:29:b8:df:20:71:b2:ba:
31:f3:3e:f4:3b:e4:2e:e0:58:fa:e2:d0:9e:e4:e3:
3c:13:1d:1d:f5:c9:e5:3d:6c:b9:dd:5a:9d:f9:e6:
8a:18:01:c2:5a:4c:ff:2e:49:68:37:90:bb:46:e9:
33:cc:0c:0b:51:a6:0d:a6:19:44:5e:6f:71:30:b3:
4b:f2:2f:39:14:e9:04:0f:1d:67:1f:a0:73:20:3f:
8a:94:24:1f:0a:5e:e7:83:27:bf:cf:b3:3f:a5:42:
e8:e0:85:0f:14:5b:a8:9f:ce:7b:f8:1f:f6:81:04:
e0:dd:5b:ee:6e:d2:fe:66:b2:0b:e0:35:38:f4:ec:
7e:ee:53:45:56:86:1e:61:0d:47:ac:ca:df:44:1a:
aa:69:1a:69:1e:cb:2e:05:56:07:83:5b:4f:3c:ec:
4e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0A:74:26:DF:DF:A2:08:E8:AD:ED:26:AB:19:48:2C:45:A7:71:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:7d:89:e8:80:ff:4c:96:64:c2:7a:28:6b:a3:32:c5:df:27:
30:37:a7:8c:e9:95:70:6b:33:48:1a:25:be:3a:31:d1:fe:01:
3a:60:2e:dc:f3:0b:9c:72:bc:43:72:4b:ba:22:62:55:fa:33:
75:91:0b:98:f1:0d:ab:53:c8:88:62:f3:c3:d1:cf:88:56:0d:
6f:0e:f9:78:d7:2e:ba:ab:bd:d8:0c:16:83:3c:e3:81:d0:ee:
76:61:0a:1d:3d:00:fb:4b:2e:97:4b:ee:59:2d:be:32:a8:dd:
c0:db:43:94:41:c8:0f:50:29:c8:77:6f:1e:0f:67:35:87:5a:
ac:4f:dd:13:1c:19:8c:d8:f2:99:38:d9:ac:91:4f:76:fb:6d:
49:68:4c:7b:17:0b:d0:b9:cf:8d:95:bd:78:8e:ed:79:3a:b6:
86:97:81:0e:f4:e6:15:76:3a:aa:36:5d:1c:7d:c8:1d:0d:38:
a3:22:e7:c4:32:ae:30:23:c3:ed:05:60:51:3b:6d:29:c7:1f:
64:a0:71:f7:74:4d:2f:69:6a:db:b5:7f:d2:d5:98:e4:07:28:
06:72:e4:d6:0c:fc:55:bc:85:ac:b9:d0:a5:a2:42:57:a5:c0:
3b:6a:3b:ea:e1:d6:c4:0c:96:2e:de:be:44:1b:b1:1c:b1:59:
00:6c:e4:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIQvVemjN+KGzWBU3wUJxOtu81WkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMjdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNzNhNGQzNGIwZjE3YTk2NWVmNDk4NzJiNmJkOTRjZDY4NzZkZTgwZmEy
MTRmNWZiMDgzYzY4NzU2NGYyYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUKhZ4vEsyzlU9LBy5W1v4cQX1Y+GLPQzBaQc1PsZb6L47aES75RHHrq6OK
8Il+4HPuAhzYAD2UX5trnUualLJFBS7j2a+8SBFaPbhUUzC7Oes9glhihmk6z/Vq
HaUG/EcpuN8gcbK6MfM+9DvkLuBY+uLQnuTjPBMdHfXJ5T1sud1anfnmihgBwlpM
/y5JaDeQu0bpM8wMC1GmDaYZRF5vcTCzS/IvORTpBA8dZx+gcyA/ipQkHwpe54Mn
v8+zP6VC6OCFDxRbqJ/Oe/gf9oEE4N1b7m7S/mayC+A1OPTsfu5TRVaGHmENR6zK
30QaqmkaaR7LLgVWB4NbTzzsTgUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+CnQm
39+iCOit7SarGUgsRadxnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgxMjY2YWMtYWY5Ny00ODY0LWE1NjYtMzY2OTNiNTkzMjY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+A
MA0GCSqGSIb3DQEBCwUAA4IBAQC5fYnogP9MlmTCeihrozLF3ycwN6eM6ZVwazNI
GiW+OjHR/gE6YC7c8wuccrxDcku6ImJV+jN1kQuY8Q2rU8iIYvPD0c+IVg1vDvl4
1y66q73YDBaDPOOB0O52YQodPQD7Sy6XS+5ZLb4yqN3A20OUQcgPUCnId28eD2c1
h1qsT90THBmM2PKZONmskU92+21JaEx7FwvQuc+Nlb14ju15OraGl4EO9OYVdjqq
Nl0cfcgdDTijIufEMq4wI8PtBWBRO20pxx9koHH3dE0vaWrbtX/S1ZjkBygGcuTW
DPxVvIWsudClokJXpcA7ajvq4dbEDJYu3r5EG7EcsVkAbOSt
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:06 2025 by rpki-client