Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: HfeFM8rbDHXqmuwqbOFcHFCxi/eU9wfx1ep7m1lRSIs=
Subject key identifier: ED:F8:C0:18:D6:3C:9B:AC:5D:F3:30:56:14:4A:D7:93:AF:AF:CF:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05DFD889505559741F0AE349AF9F2E08C8CC49D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Fri 11 Jul 2025 19:31:15 +0000
ROA not before: Fri 11 Jul 2025 19:31:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:df:d8:89:50:55:59:74:1f:0a:e3:49:af:9f:2e:08:c8:cc:49:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=394a8687acd0484428743b22e6bef7675a0fc50537f1a84fae4f8282060b6473, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7c:0f:e4:a3:28:eb:0c:00:73:39:0c:e5:6d:
b7:16:b8:93:5e:c7:2a:50:d1:f5:fb:90:97:38:2a:
ea:3f:29:32:e0:f0:9c:ce:7f:15:5c:8a:4e:2e:00:
58:8e:38:66:1b:1a:fd:9f:a4:ee:d6:56:ad:15:71:
7c:90:6e:9e:c0:6a:b5:18:f1:ea:e2:48:2d:f1:6b:
eb:50:73:bc:0a:cf:29:b4:fc:f2:c6:0d:d4:a5:5b:
cc:06:1c:58:42:d9:21:94:11:8e:48:94:a6:c1:69:
07:d0:e1:e9:ed:31:a2:a4:0d:6b:c2:a4:8a:79:42:
3f:fc:6e:99:f1:05:4d:c0:0b:dc:cb:04:60:ba:60:
88:93:77:44:e3:01:d6:fe:59:23:92:6e:a9:d6:f7:
f4:d6:9c:71:29:2e:34:55:87:b5:92:33:ef:13:56:
6e:b4:d4:56:d5:a4:b9:f1:c2:06:95:cd:28:bc:1f:
a0:2b:fc:b2:86:9c:86:38:26:46:74:bf:0e:cd:f9:
d2:20:cd:a3:3c:ee:9b:76:d4:3d:23:91:0e:e4:9d:
1b:a6:8e:24:96:da:0f:f7:3c:89:9c:b6:1f:6a:01:
ff:f9:de:d6:c9:cb:26:aa:da:e3:b0:b1:28:75:7c:
94:81:43:32:80:d0:d6:d0:52:fa:93:ea:a0:92:d2:
64:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F8:C0:18:D6:3C:9B:AC:5D:F3:30:56:14:4A:D7:93:AF:AF:CF:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
5e:24:de:97:6c:32:8c:54:d4:8f:d5:34:70:4b:a5:e3:84:b6:
d5:27:8c:7a:a8:fe:b2:65:0c:c2:88:ff:8e:ce:e9:ea:7b:91:
c9:e1:90:c4:d0:64:a5:2f:2b:7f:72:66:62:60:ca:78:6d:30:
74:e7:19:53:a0:b8:d5:e5:1c:66:31:0b:5a:24:67:28:ce:2f:
fe:79:f5:41:a9:48:f0:30:11:ce:5a:e1:36:fe:c5:8c:d9:b6:
87:14:cf:c6:f8:73:54:9c:86:ff:f5:a9:b7:86:06:3d:0a:c7:
e5:ea:d1:1a:41:4e:d5:6d:3f:58:51:5e:3d:5c:d1:fb:ab:25:
ef:95:1d:31:d8:2d:a5:d2:f2:56:aa:66:bb:95:45:27:1b:b1:
19:81:98:f0:92:48:e9:a6:a6:05:69:e0:31:bc:2d:7d:b2:6a:
54:66:f2:68:c9:67:c7:17:8a:9d:70:e8:53:ef:4d:44:2c:0a:
73:f8:2c:b0:2c:00:c9:79:df:45:8a:1d:c5:a7:1b:86:ad:a2:
b1:76:26:e4:07:c3:29:07:26:cc:4d:26:94:d9:28:33:25:9d:
13:64:6d:33:54:1c:17:8b:16:14:68:0d:40:28:62:6b:21:c9:
7c:a6:bc:07:76:22:63:ee:9a:8b:79:86:83:a2:9d:46:18:04:
28:d0:97:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBd/YiVBVWXQfCuNJr58uCMjMSdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5NGE4Njg3YWNkMDQ4NDQyODc0M2IyMmU2YmVmNzY3NWEwZmM1MDUzN2Yx
YTg0ZmFlNGY4MjgyMDYwYjY0NzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANl8D+SjKOsMAHM5DOVttxa4k17HKlDR9fuQlzgq6j8pMuDwnM5/FVyKTi4A
WI44Zhsa/Z+k7tZWrRVxfJBunsBqtRjx6uJILfFr61BzvArPKbT88sYN1KVbzAYc
WELZIZQRjkiUpsFpB9Dh6e0xoqQNa8KkinlCP/xumfEFTcAL3MsEYLpgiJN3ROMB
1v5ZI5Juqdb39NaccSkuNFWHtZIz7xNWbrTUVtWkufHCBpXNKLwfoCv8soachjgm
RnS/Ds350iDNozzum3bUPSORDuSdG6aOJJbaD/c8iZy2H2oB//ne1snLJqra47Cx
KHV8lIFDMoDQ1tBS+pPqoJLSZN0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTt+MAY
1jybrF3zMFYUSteTr6/PdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEAXiTel2wyjFTUj9U0cEul44S21SeMeqj+smUM
woj/js7p6nuRyeGQxNBkpS8rf3JmYmDKeG0wdOcZU6C41eUcZjELWiRnKM4v/nn1
QalI8DARzlrhNv7FjNm2hxTPxvhzVJyG//Wpt4YGPQrH5erRGkFO1W0/WFFePVzR
+6sl75UdMdgtpdLyVqpmu5VFJxuxGYGY8JJI6aamBWngMbwtfbJqVGbyaMlnxxeK
nXDoU+9NRCwKc/gssCwAyXnfRYodxacbhq2isXYm5AfDKQcmzE0mlNkoMyWdE2Rt
M1QcF4sWFGgNQChiayHJfKa8B3YiY+6ai3mGg6KdRhgEKNCX4w==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:33:04 2025 by rpki-client