Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
File: 5836d090-8999-43ab-a38c-f63a0e829c0b.roa (raw, json)
Hash identifier: RlZhEI9ebdPeJko8UsfWyJjzi20wrM9P6nU9CvKQyfo=
Subject key identifier: B8:9C:70:5A:0F:AE:4D:F1:1F:DD:F5:1B:DC:93:78:E7:88:9A:A5:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7339B374924DE091BE004DFA73EDED92D450DB64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
Signing time: Fri 11 Jul 2025 18:51:14 +0000
ROA not before: Fri 11 Jul 2025 18:51:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:39:b3:74:92:4d:e0:91:be:00:4d:fa:73:ed:ed:92:d4:50:db:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:51:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a593cc7b71585d46143355bb3531af21271678a1935c4e67e4fc047ad86b5585, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:54:d2:fd:28:be:e3:12:3e:d8:45:fb:b4:8a:
f0:b9:41:44:bd:b2:41:87:e5:91:f0:c2:0f:01:b3:
63:a6:34:fd:d8:46:68:59:9f:a2:0a:4b:08:6c:f2:
52:86:a2:f0:e8:44:3c:0a:f9:22:d2:a6:28:9c:e6:
71:8b:ab:fe:39:cb:3f:cf:75:03:96:df:f5:1a:8e:
11:9c:12:20:ac:5c:52:98:a2:20:8f:6c:89:c2:e1:
36:dd:b1:18:03:47:c0:0f:1c:41:39:5f:98:ab:c1:
a6:1c:91:15:40:66:01:61:17:8b:b5:ec:ce:5f:9e:
24:36:a8:9e:53:f1:44:40:2b:ec:87:58:a6:61:eb:
4b:e1:c8:0d:1e:d1:6e:62:41:ef:b8:65:03:a8:13:
cf:e2:48:05:58:30:58:ae:8d:32:fd:6e:d3:f7:ed:
bb:26:16:bf:f4:d2:c5:39:28:b3:42:c9:d1:3f:5e:
60:23:b1:28:68:ea:d9:23:09:17:0a:eb:da:9c:17:
ae:74:f8:3d:f6:76:9f:9c:61:29:5b:77:e2:66:bb:
36:1d:03:a3:9b:9b:53:ff:58:14:3f:c7:e7:9d:a8:
ed:83:b8:cf:8d:30:22:7e:29:4a:e9:6d:9e:cd:9f:
f4:ec:50:72:e4:e6:27:0b:d9:b7:21:e5:dc:ff:90:
65:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9C:70:5A:0F:AE:4D:F1:1F:DD:F5:1B:DC:93:78:E7:88:9A:A5:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
95:0e:57:81:51:0d:31:9c:67:be:7e:b8:54:7f:11:7a:5c:4b:
a0:37:21:48:1d:88:49:e3:74:75:59:bb:b6:61:67:2a:88:62:
a3:a5:e8:b3:9b:53:20:3d:e1:c7:f1:cb:79:7f:61:89:8c:f4:
58:60:8a:8d:d6:a8:ec:f1:e8:96:64:3a:7e:fe:f7:d3:c3:a3:
74:8a:3c:b1:83:ab:fa:72:ff:99:95:93:a3:84:13:11:d7:ef:
4b:c5:17:6e:6d:41:89:a0:bd:d4:cd:92:e8:72:ab:e3:f6:8e:
8f:ce:52:e9:27:71:40:f7:20:4c:e2:a9:e0:4d:68:66:f1:ac:
8e:8f:53:2d:4f:1d:f5:40:e2:d3:90:cb:8e:4e:6a:a7:a1:20:
8a:a9:d5:17:d3:eb:35:13:96:5c:09:f6:b5:81:a9:46:a0:de:
23:e8:8e:0e:a2:12:f2:27:5d:77:0f:89:d1:86:fa:b5:64:d5:
8f:3b:d7:bf:32:0c:bd:9e:4d:4b:e9:2a:e2:85:20:b6:33:a8:
d0:17:0f:41:b3:64:59:ee:25:59:73:33:43:91:2b:29:44:6d:
df:31:b2:7c:02:b4:b8:d4:cf:62:25:b3:7e:b1:23:30:a3:9c:
1f:3b:69:4d:bf:3c:7b:69:25:25:17:fe:26:eb:66:6a:79:24:
88:ce:0c:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUczmzdJJN4JG+AE36c+3tktRQ22QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUxMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1OTNjYzdiNzE1ODVkNDYxNDMzNTViYjM1MzFhZjIxMjcxNjc4YTE5MzVj
NGU2N2U0ZmMwNDdhZDg2YjU1ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBU0v0ovuMSPthF+7SK8LlBRL2yQYflkfDCDwGzY6Y0/dhGaFmfogpLCGzy
Uoai8OhEPAr5ItKmKJzmcYur/jnLP891A5bf9RqOEZwSIKxcUpiiII9sicLhNt2x
GANHwA8cQTlfmKvBphyRFUBmAWEXi7Xszl+eJDaonlPxREAr7IdYpmHrS+HIDR7R
bmJB77hlA6gTz+JIBVgwWK6NMv1u0/ftuyYWv/TSxTkos0LJ0T9eYCOxKGjq2SMJ
Fwrr2pwXrnT4PfZ2n5xhKVt34ma7Nh0Do5ubU/9YFD/H552o7YO4z40wIn4pSult
ns2f9OxQcuTmJwvZtyHl3P+QZTECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4nHBa
D65N8R/d9Rvck3jniJqlnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgzNmQwOTAtODk5OS00M2FiLWEzOGMtZjYzYTBlODI5YzBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCVDleBUQ0xnGe+frhUfxF6XEugNyFIHYhJ43R1
Wbu2YWcqiGKjpeizm1MgPeHH8ct5f2GJjPRYYIqN1qjs8eiWZDp+/vfTw6N0ijyx
g6v6cv+ZlZOjhBMR1+9LxRdubUGJoL3UzZLocqvj9o6PzlLpJ3FA9yBM4qngTWhm
8ayOj1MtTx31QOLTkMuOTmqnoSCKqdUX0+s1E5ZcCfa1galGoN4j6I4OohLyJ113
D4nRhvq1ZNWPO9e/Mgy9nk1L6SrihSC2M6jQFw9Bs2RZ7iVZczNDkSspRG3fMbJ8
ArS41M9iJbN+sSMwo5wfO2lNvzx7aSUlF/4m62ZqeSSIzgy6
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:47 2025 by rpki-client