Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
File: 62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa (raw, json)
Hash identifier: LANkf6PMnHZ1NROFs56NQTCOB6mm439viSN71B4xJII=
Subject key identifier: AA:71:08:A0:CD:C4:50:DF:CC:52:04:EB:10:3E:48:BC:7E:CB:D5:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B61F5CE210562F3EB79F1E37729F62CA321B790
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
Signing time: Mon 07 Jul 2025 18:20:17 +0000
ROA not before: Mon 07 Jul 2025 18:20:17 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:61:f5:ce:21:05:62:f3:eb:79:f1:e3:77:29:f6:2c:a3:21:b7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:17 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=81868287ae91b23d0129f51a369ef9e00c2b9bfbfb1e97e4c81a02a6e20a9623, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:96:c4:b3:d3:0a:63:22:dd:00:91:c3:76:97:
e7:f3:d6:cf:cf:7f:26:2d:3f:18:4d:12:1d:22:3d:
bb:60:e7:06:8f:92:03:7b:8a:41:04:7f:4e:ec:0d:
f0:6d:9e:50:cb:06:f8:80:93:34:86:f7:d3:85:18:
64:87:ba:d3:a5:86:88:b1:f4:89:e2:44:4d:da:d4:
3e:3d:1e:bc:c3:04:a0:4d:3f:fe:da:87:7c:5a:27:
64:9f:71:8b:74:73:62:84:be:2f:54:8c:13:41:1c:
0e:be:7a:49:12:57:09:3e:bb:9b:a3:9f:fc:d0:b5:
48:63:29:38:f3:89:65:ff:d4:5a:a9:28:a9:a3:da:
48:39:85:ba:1f:fd:3e:41:2d:42:86:8f:d7:92:35:
96:b3:24:ca:e1:fe:91:68:22:74:f9:81:3e:98:2d:
07:d2:f4:fb:d9:4b:21:31:60:02:c4:d0:e7:49:0b:
8a:1d:b1:5d:ab:0d:ce:00:b7:80:94:02:0f:88:cb:
8d:51:ef:82:57:a5:d9:dc:bf:34:05:b6:a1:26:20:
67:2d:a1:5b:a0:20:e0:e6:b5:51:46:69:54:b0:f1:
00:a2:97:73:2b:3f:03:fd:84:d8:2f:bd:0c:d7:14:
45:72:af:0e:fc:f9:e4:61:0a:b0:69:57:16:a5:25:
b4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:71:08:A0:CD:C4:50:DF:CC:52:04:EB:10:3E:48:BC:7E:CB:D5:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:840::/46
Signature Algorithm: sha256WithRSAEncryption
7a:d7:e0:4d:a5:2a:1e:51:2d:0a:50:a7:d0:d9:60:b9:f6:fa:
64:51:90:41:81:7b:aa:23:50:2a:e0:d1:7b:b6:08:e1:cd:40:
0b:0c:ac:47:9e:3a:72:c2:57:25:19:74:e2:56:43:0a:35:53:
4c:dd:64:f2:c5:f0:42:21:75:24:ba:0d:06:b1:92:43:94:8f:
7a:ea:2c:4e:23:0a:d6:7e:3b:c9:0a:7d:dd:36:e8:d5:de:00:
89:33:ce:fc:35:c2:68:c5:76:a1:2f:0c:08:d5:df:5b:4f:a3:
8f:ad:07:cc:b5:52:c2:c8:61:86:f7:66:ca:b2:d8:3c:43:05:
2a:91:23:54:5a:35:8c:b5:02:f0:4f:49:3c:6b:17:93:03:53:
e9:e1:9e:fe:c8:5b:e2:90:5b:d3:05:6b:4f:fe:74:fd:32:fd:
33:fc:2b:03:22:ba:0f:af:47:7c:e7:94:c0:be:7c:2d:c7:2c:
53:50:26:b5:09:b8:c3:45:ec:70:61:d3:56:21:e1:4f:c7:1c:
ce:aa:b9:d8:fd:53:d1:fb:b0:a2:be:34:22:9d:8b:a6:1d:5b:
78:96:b4:eb:10:e5:27:1f:3b:a0:63:8e:54:8f:c7:7a:b8:a9:
11:c9:25:88:36:80:b4:33:71:64:03:e6:36:7a:49:12:25:88:
7b:dc:ba:5e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe2H1ziEFYvPrefHjdyn2LKMht5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMTdaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxODY4Mjg3YWU5MWIyM2QwMTI5ZjUxYTM2OWVmOWUwMGMyYjliZmJmYjFl
OTdlNGM4MWEwMmE2ZTIwYTk2MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKWxLPTCmMi3QCRw3aX5/PWz89/Ji0/GE0SHSI9u2DnBo+SA3uKQQR/TuwN
8G2eUMsG+ICTNIb304UYZIe606WGiLH0ieJETdrUPj0evMMEoE0//tqHfFonZJ9x
i3RzYoS+L1SME0EcDr56SRJXCT67m6Of/NC1SGMpOPOJZf/UWqkoqaPaSDmFuh/9
PkEtQoaP15I1lrMkyuH+kWgidPmBPpgtB9L0+9lLITFgAsTQ50kLih2xXasNzgC3
gJQCD4jLjVHvglel2dy/NAW2oSYgZy2hW6Ag4Oa1UUZpVLDxAKKXcys/A/2E2C+9
DNcURXKvDvz55GEKsGlXFqUltLUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSqcQig
zcRQ38xSBOsQPki8fsvVKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJkZGM1MmEtOGE0Zi00ZWYyLTk1ZWMtZGJmM2E3NmJlOThkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUI
QDANBgkqhkiG9w0BAQsFAAOCAQEAetfgTaUqHlEtClCn0Nlgufb6ZFGQQYF7qiNQ
KuDRe7YI4c1ACwysR546csJXJRl04lZDCjVTTN1k8sXwQiF1JLoNBrGSQ5SPeuos
TiMK1n47yQp93Tbo1d4AiTPO/DXCaMV2oS8MCNXfW0+jj60HzLVSwshhhvdmyrLY
PEMFKpEjVFo1jLUC8E9JPGsXkwNT6eGe/shb4pBb0wVrT/50/TL9M/wrAyK6D69H
fOeUwL58LccsU1AmtQm4w0XscGHTViHhT8cczqq52P1T0fuwor40Ip2Lph1beJa0
6xDlJx87oGOOVI/HeripEckliDaAtDNxZAPmNnpJEiWIe9y6Xg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:44 2025 by rpki-client