Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json)
Hash identifier: sHsjR2EauL+fFulxv4CgVxzteKajsclZ64t0h34ZfsU=
Subject key identifier: F4:6B:C4:E7:93:A9:57:02:14:23:06:74:6D:1E:C1:66:CB:A8:CB:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D5227ACF30DFF37A81FD3757AB20ADBBF15567F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
Signing time: Tue 01 Jul 2025 15:10:10 +0000
ROA not before: Tue 01 Jul 2025 15:10:10 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:52:27:ac:f3:0d:ff:37:a8:1f:d3:75:7a:b2:0a:db:bf:15:56:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:10 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=cf4321c0066a00356949fa6d65d76a0f5e0f409a69f416d47e6e341eb088a474, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7e:51:6c:52:5e:f8:26:ad:46:08:76:73:ae:
31:06:4a:a8:54:f4:88:10:59:ca:90:ab:1d:c4:67:
b9:ab:e9:b4:60:3d:0e:f0:35:7d:25:34:b4:b4:db:
f4:4c:14:86:bc:09:dc:f7:44:54:a3:99:ff:7d:0f:
09:7a:14:12:f2:b3:a8:b0:b5:4b:a1:fc:2f:70:c0:
2c:65:c2:9b:ca:76:a5:19:47:c8:94:19:71:f5:bd:
0b:fc:90:19:d8:d3:1f:ef:28:8c:71:40:56:ed:f0:
58:04:0a:f6:8a:23:b2:09:65:41:03:f3:75:e0:d8:
ec:ff:15:d1:85:01:6e:57:34:d7:76:5e:01:e1:89:
a2:5d:80:13:6e:53:c6:b8:eb:49:6c:22:10:df:e2:
7c:9d:60:43:1b:8f:39:d0:ae:5f:43:89:22:d1:7c:
0d:32:b7:9b:5d:0d:c5:8d:85:58:d2:6b:e1:5f:00:
b0:b9:a3:da:5b:79:af:d7:12:ed:09:b3:7f:ab:3f:
fb:ee:7a:8e:0d:c0:3e:ed:29:75:b8:a1:01:50:01:
f6:aa:e3:e7:20:81:02:6b:05:29:62:1c:06:1d:b1:
9d:34:67:d3:70:d2:25:52:c4:04:11:0d:b6:3f:7e:
0e:e3:bb:4d:03:e4:29:a1:7f:7a:36:ba:1f:1a:37:
e1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6B:C4:E7:93:A9:57:02:14:23:06:74:6D:1E:C1:66:CB:A8:CB:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:10:ef:c0:a3:e5:ee:cc:cb:3c:06:81:f5:2b:28:fe:17:24:
1a:7e:94:98:20:27:75:1f:99:c9:b7:8f:1e:50:53:f2:35:00:
1d:8d:0e:6f:4d:69:e3:c0:76:73:08:30:ed:70:38:fa:bd:ad:
7b:fd:69:59:f4:99:06:da:6a:6f:85:cf:3b:f0:75:31:93:72:
6b:01:b2:85:7c:c9:1f:63:68:0c:a9:e4:4f:5a:db:78:8d:c4:
2e:1a:56:05:ef:59:1f:3c:af:63:6b:97:91:e6:ff:e5:02:ef:
38:2a:79:78:ec:ec:6a:a5:4d:65:87:2a:53:b8:39:8a:92:af:
36:89:90:5c:24:6a:bb:56:d4:94:5c:db:bf:fe:3f:a1:f5:13:
83:f5:63:fb:8e:5e:86:e7:9f:54:88:e9:ea:c5:6f:47:17:f9:
b3:7f:b6:d6:ff:1f:0b:41:6d:21:b3:5f:9a:e5:20:51:4f:6c:
b0:c7:8d:f8:70:c5:e9:a5:d7:4f:0a:86:65:79:1f:8e:cc:49:
25:3e:ef:7f:85:85:d4:2e:26:0f:1d:d2:1d:f0:3c:5b:11:b0:
c4:b4:a5:b5:00:93:41:f0:9d:15:5a:68:21:50:30:df:d4:8b:
28:fa:78:f4:91:dc:09:8c:8a:49:a5:9b:42:21:1d:2c:36:57:
ff:b8:0b:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTVInrPMN/zeoH9N1erIK278VVn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwMTBaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNDMyMWMwMDY2YTAwMzU2OTQ5ZmE2ZDY1ZDc2YTBmNWUwZjQwOWE2OWY0
MTZkNDdlNmUzNDFlYjA4OGE0NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd+UWxSXvgmrUYIdnOuMQZKqFT0iBBZypCrHcRnuavptGA9DvA1fSU0tLTb
9EwUhrwJ3PdEVKOZ/30PCXoUEvKzqLC1S6H8L3DALGXCm8p2pRlHyJQZcfW9C/yQ
GdjTH+8ojHFAVu3wWAQK9oojsgllQQPzdeDY7P8V0YUBblc013ZeAeGJol2AE25T
xrjrSWwiEN/ifJ1gQxuPOdCuX0OJItF8DTK3m10NxY2FWNJr4V8AsLmj2lt5r9cS
7Qmzf6s/++56jg3APu0pdbihAVAB9qrj5yCBAmsFKWIcBh2xnTRn03DSJVLEBBEN
tj9+DuO7TQPkKaF/eja6Hxo34ecCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0a8Tn
k6lXAhQjBnRtHsFmy6jLqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI4Zjk4MzItZGY5Yi00ZmM4LTk0ZGEtNWU4ODNlMGQ2ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBtEO/Ao+XuzMs8BoH1Kyj+FyQafpSYICd1H5nJ
t48eUFPyNQAdjQ5vTWnjwHZzCDDtcDj6va17/WlZ9JkG2mpvhc878HUxk3JrAbKF
fMkfY2gMqeRPWtt4jcQuGlYF71kfPK9ja5eR5v/lAu84Knl47OxqpU1lhypTuDmK
kq82iZBcJGq7VtSUXNu//j+h9ROD9WP7jl6G559UiOnqxW9HF/mzf7bW/x8LQW0h
s1+a5SBRT2ywx434cMXppddPCoZleR+OzEklPu9/hYXULiYPHdId8DxbEbDEtKW1
AJNB8J0VWmghUDDf1Iso+nj0kdwJjIpJpZtCIR0sNlf/uAv3
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:52 2025 by rpki-client