Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d2dcf71-0209-4006-a427-f221e27d6ed7.roa
File: 5d2dcf71-0209-4006-a427-f221e27d6ed7.roa (raw, json)
Hash identifier: rXzfX6QA5utT4RrcKAY6dIL3UswiuoQE1pY+/a2yuks=
Subject key identifier: 62:33:14:27:9C:DD:21:B8:FC:BA:F8:D8:7B:A1:44:15:5C:04:7D:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 144145B77D744A08C9C61904721BECA027E6C11F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d2dcf71-0209-4006-a427-f221e27d6ed7.roa
Signing time: Fri 11 Jul 2025 19:41:44 +0000
ROA not before: Fri 11 Jul 2025 19:41:44 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:41:45:b7:7d:74:4a:08:c9:c6:19:04:72:1b:ec:a0:27:e6:c1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:44 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=5b32f4bddec2688cc54dc0e26beb2a94bf970f3b57112c206083e33391a03db4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3b:aa:18:b8:bd:e2:ee:5c:4c:0e:01:27:b3:
d2:68:c7:dc:fe:53:db:e9:e6:fa:76:dd:ca:c3:60:
81:50:81:2b:28:6f:fa:87:96:3d:57:4e:1f:65:50:
c4:05:b6:45:68:e0:c1:77:4b:0e:de:b4:8f:1a:6e:
4d:57:7f:eb:ea:a8:a4:eb:70:6f:b0:11:05:e1:3d:
5b:55:8e:50:7a:75:7a:07:a5:9f:b9:bd:e8:7e:d8:
8a:c2:2a:3f:eb:56:37:fb:1d:97:84:86:11:59:3c:
b8:84:26:0a:5b:ae:f9:16:ba:e5:da:59:08:9a:c5:
24:29:f6:a2:13:1b:eb:c8:92:0a:13:31:db:60:e3:
05:36:26:18:d6:65:28:f3:52:8d:7b:73:8e:3c:a4:
95:15:9f:e8:12:ed:37:a9:46:3a:0a:f0:fc:93:ea:
48:5e:0d:56:78:cd:4f:4f:f0:ea:ad:2c:b6:23:f9:
e1:56:d4:54:20:e6:d5:ab:50:67:d5:70:f8:2c:65:
3f:86:27:8d:28:3a:51:ed:2a:d6:f9:d0:53:da:15:
5d:3d:39:26:9c:a0:1a:83:3c:9f:a2:98:0a:95:d5:
6e:13:88:66:1d:c0:38:9f:bd:8c:38:15:69:42:89:
87:ca:95:81:b6:9a:1e:8f:84:ca:f1:3d:f5:64:4d:
02:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:33:14:27:9C:DD:21:B8:FC:BA:F8:D8:7B:A1:44:15:5C:04:7D:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d2dcf71-0209-4006-a427-f221e27d6ed7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c080::/46
Signature Algorithm: sha256WithRSAEncryption
1e:fb:8c:0b:0b:9f:57:12:bd:a3:d4:73:45:a5:7e:df:3a:24:
e6:dc:a9:10:10:5e:9c:b3:35:e6:2c:83:0f:60:46:79:ba:b1:
88:0b:aa:ea:47:ce:b1:b6:7c:9e:1c:e4:22:13:bb:a8:bd:12:
b7:01:40:c5:4e:af:7a:f7:2c:e8:47:bf:2d:50:09:30:56:e1:
19:11:bc:b3:b6:7f:91:04:c7:67:ea:2c:c9:00:ed:38:7e:2d:
57:cc:47:a5:b1:6b:aa:eb:e1:0d:ea:28:32:a0:87:3e:d3:ea:
1d:23:43:25:fc:c1:9c:b8:dd:a1:3f:02:a1:bf:dd:b2:bf:f5:
b3:16:15:62:7f:d3:9d:2a:10:e1:13:ae:59:01:ae:e9:19:00:
94:cc:84:22:16:54:6c:23:da:6d:8f:16:93:ec:d6:e3:7a:fd:
ee:b0:76:b3:87:c1:09:e0:c4:49:a0:dd:5b:ac:7e:f4:a2:f5:
a0:58:48:f5:90:95:43:44:a0:e6:88:70:fc:c8:78:ce:f6:fc:
0a:90:98:96:b1:f6:22:47:8a:fa:b8:58:b7:db:5c:5f:6e:70:
7d:93:f6:89:9d:e6:7d:61:dd:9b:bf:0f:b3:63:19:a9:ad:c4:
91:8b:5c:9f:1c:44:bd:52:cb:45:18:96:be:42:52:0c:c8:03:
f4:29:e6:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFEFFt310SgjJxhkEchvsoCfmwR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxNDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMzJmNGJkZGVjMjY4OGNjNTRkYzBlMjZiZWIyYTk0YmY5NzBmM2I1NzEx
MmMyMDYwODNlMzMzOTFhMDNkYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIs7qhi4veLuXEwOASez0mjH3P5T2+nm+nbdysNggVCBKyhv+oeWPVdOH2VQ
xAW2RWjgwXdLDt60jxpuTVd/6+qopOtwb7ARBeE9W1WOUHp1egeln7m96H7YisIq
P+tWN/sdl4SGEVk8uIQmCluu+Ra65dpZCJrFJCn2ohMb68iSChMx22DjBTYmGNZl
KPNSjXtzjjyklRWf6BLtN6lGOgrw/JPqSF4NVnjNT0/w6q0stiP54VbUVCDm1atQ
Z9Vw+CxlP4YnjSg6Ue0q1vnQU9oVXT05JpygGoM8n6KYCpXVbhOIZh3AOJ+9jDgV
aUKJh8qVgbaaHo+EyvE99WRNAoECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRiMxQn
nN0huPy6+Nh7oUQVXAR9LzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQyZGNmNzEtMDIwOS00MDA2LWE0MjctZjIyMWUyN2Q2ZWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXA
gDANBgkqhkiG9w0BAQsFAAOCAQEAHvuMCwufVxK9o9RzRaV+3zok5typEBBenLM1
5iyDD2BGebqxiAuq6kfOsbZ8nhzkIhO7qL0StwFAxU6vevcs6Ee/LVAJMFbhGRG8
s7Z/kQTHZ+osyQDtOH4tV8xHpbFrquvhDeooMqCHPtPqHSNDJfzBnLjdoT8Cob/d
sr/1sxYVYn/TnSoQ4ROuWQGu6RkAlMyEIhZUbCPabY8Wk+zW43r97rB2s4fBCeDE
SaDdW6x+9KL1oFhI9ZCVQ0Sg5ohw/Mh4zvb8CpCYlrH2IkeK+rhYt9tcX25wfZP2
iZ3mfWHdm78Ps2MZqa3EkYtcnxxEvVLLRRiWvkJSDMgD9Cnmaw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:44 2025 by rpki-client