Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
File: 613f885a-7f25-486b-9eff-fdd6b2c05b65.roa (raw, json)
Hash identifier: whpuorjQbuwnsJR+115ycryrbuvRhjR7/CK+VOJ2D+Q=
Subject key identifier: 57:11:B2:9A:53:F3:95:1B:AB:F2:03:BB:1B:79:88:BC:D8:14:1E:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 426B0F0BD47D28E2507738D79399EA0227A068F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
Signing time: Fri 11 Jul 2025 19:31:11 +0000
ROA not before: Fri 11 Jul 2025 19:31:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:6b:0f:0b:d4:7d:28:e2:50:77:38:d7:93:99:ea:02:27:a0:68:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6cff6a9e4781239d7a44327b928c6acef4014dff77d3705e4e98820b50476059, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a0:17:80:a1:2f:36:f4:bc:9d:03:7c:3b:32:
a1:79:a3:4b:5e:9d:34:4e:d6:09:83:08:51:6d:4f:
00:f1:c5:04:d3:c4:9f:19:9c:cc:bc:3a:a1:64:c7:
59:8b:0a:94:e5:a0:e0:54:33:44:f6:a5:ef:33:48:
01:a9:23:63:39:02:1f:66:98:c7:7c:3f:7a:5a:e6:
3c:3b:05:8e:49:89:85:4c:d3:1f:fc:c6:b2:dc:97:
77:7a:1d:69:b9:0f:b9:48:f8:5b:21:f4:a0:f4:0c:
40:a5:93:39:78:7c:ec:71:f9:34:12:8f:4a:9e:7b:
85:17:57:b5:9d:46:19:85:31:ff:c9:3a:34:f9:ce:
a4:ca:61:ba:65:90:d3:87:28:74:74:aa:dc:f5:5b:
ee:fd:32:d4:3c:dd:5f:8d:ce:c9:dc:9d:f9:b9:be:
77:06:f6:d2:75:40:ac:7e:d8:22:43:8f:2b:08:ea:
30:56:bc:39:9b:21:6d:b1:09:67:ae:fc:c7:b8:55:
0f:a6:b0:fa:f6:1a:ef:45:d2:c1:4e:22:c3:a9:3f:
a3:be:e0:41:35:11:f4:be:91:e3:26:1d:04:70:3f:
01:6d:d8:81:e7:66:71:13:16:22:1e:47:7f:b7:7b:
7c:20:66:8d:19:ee:9a:d8:f5:2c:e3:37:49:0d:bb:
3f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:11:B2:9A:53:F3:95:1B:AB:F2:03:BB:1B:79:88:BC:D8:14:1E:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4080::/48
Signature Algorithm: sha256WithRSAEncryption
1a:38:23:fd:50:5d:a4:87:c3:ce:69:b0:c9:6c:cb:05:ad:b0:
b6:19:7a:0d:52:ae:d2:b1:04:be:19:df:1f:e0:26:ed:fb:67:
d7:ce:cc:f7:33:28:82:d3:89:4d:85:59:8b:40:60:be:22:c0:
b4:62:d7:6a:cb:ff:fd:d2:79:e3:12:97:7c:69:ba:68:8f:93:
5c:11:d7:c9:0d:c4:9d:be:0c:dc:84:67:47:f2:fc:d2:bf:b1:
ed:b5:53:cb:bc:20:33:fd:58:ca:af:91:65:bd:35:1e:9a:a1:
8c:90:14:e4:51:6e:a4:f8:c7:fd:c4:bf:8d:ad:f2:b1:2f:f7:
ed:66:8e:50:7e:59:e5:fe:bc:0e:61:ad:2e:b0:7a:da:d1:4f:
27:a4:4b:07:9d:f3:97:b6:b9:6f:bc:1d:10:23:96:c4:ef:b9:
73:b7:a4:ad:59:dd:19:74:c2:ab:8e:0a:f1:12:8a:9a:9f:2a:
1c:e6:b1:32:d1:d7:a0:7c:de:3a:dd:db:b3:83:ee:59:87:65:
2a:c2:9e:9b:b3:5f:94:27:66:5a:37:ee:ff:a0:b9:29:c7:00:
60:46:f4:ca:a3:c1:f6:70:f7:31:2e:e4:a5:b4:42:83:29:46:
1c:30:30:21:c4:09:22:99:85:f9:aa:f1:eb:9c:69:fc:56:7e:
d5:54:f1:9d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQmsPC9R9KOJQdzjXk5nqAiegaPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjZmY2YTllNDc4MTIzOWQ3YTQ0MzI3YjkyOGM2YWNlZjQwMTRkZmY3N2Qz
NzA1ZTRlOTg4MjBiNTA0NzYwNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2gF4ChLzb0vJ0DfDsyoXmjS16dNE7WCYMIUW1PAPHFBNPEnxmczLw6oWTH
WYsKlOWg4FQzRPal7zNIAakjYzkCH2aYx3w/elrmPDsFjkmJhUzTH/zGstyXd3od
abkPuUj4WyH0oPQMQKWTOXh87HH5NBKPSp57hRdXtZ1GGYUx/8k6NPnOpMphumWQ
04codHSq3PVb7v0y1DzdX43Oydyd+bm+dwb20nVArH7YIkOPKwjqMFa8OZshbbEJ
Z678x7hVD6aw+vYa70XSwU4iw6k/o77gQTUR9L6R4yYdBHA/AW3YgedmcRMWIh5H
f7d7fCBmjRnumtj1LOM3SQ27P2kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXEbKa
U/OVG6vyA7sbeYi82BQeAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjEzZjg4NWEtN2YyNS00ODZiLTllZmYtZmRkNmIyYzA1YjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
gDANBgkqhkiG9w0BAQsFAAOCAQEAGjgj/VBdpIfDzmmwyWzLBa2wthl6DVKu0rEE
vhnfH+Am7ftn187M9zMogtOJTYVZi0BgviLAtGLXasv//dJ54xKXfGm6aI+TXBHX
yQ3Enb4M3IRnR/L80r+x7bVTy7wgM/1Yyq+RZb01HpqhjJAU5FFupPjH/cS/ja3y
sS/37WaOUH5Z5f68DmGtLrB62tFPJ6RLB53zl7a5b7wdECOWxO+5c7ekrVndGXTC
q44K8RKKmp8qHOaxMtHXoHzeOt3bs4PuWYdlKsKem7NflCdmWjfu/6C5KccAYEb0
yqPB9nD3MS7kpbRCgylGHDAwIcQJIpmF+arx65xp/FZ+1VTxnQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:11 2025 by rpki-client