Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: gK2pIyxw74aDCzpJa5dSrzk6hDNOeZNr/1xu+y4hDdg=
Subject key identifier: 15:90:82:CC:C0:A2:CF:B4:17:AF:80:6D:EF:8F:4F:3A:34:70:3F:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0149D76C84E65D7334DA0FF90068C0D3023EA8B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Mon 07 Jul 2025 18:30:06 +0000
ROA not before: Mon 07 Jul 2025 18:30:06 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:49:d7:6c:84:e6:5d:73:34:da:0f:f9:00:68:c0:d3:02:3e:a8:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:30:06 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=f4c3caeb677d7c5e03e90f6ced39393be1162bc28fbba255f484d102f94c6766, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e6:83:27:ee:f4:5a:6a:b6:0e:50:a6:67:11:
2d:cc:b0:bb:dd:96:97:d3:56:dc:93:16:dc:16:9a:
9c:67:06:bc:ed:dc:35:36:c1:98:bb:f1:1b:9a:7e:
69:49:f4:81:5d:b2:6a:c1:af:84:a0:a9:ef:c0:83:
e7:59:c3:c8:43:28:90:09:df:7e:aa:14:5a:16:e1:
dc:ed:d0:c7:1a:ce:f1:98:02:fa:89:85:6d:cc:3d:
f8:1b:d3:c8:ec:a7:30:ef:7f:5e:fd:b6:01:e0:d6:
16:0a:de:41:b0:cd:64:3e:7c:cb:cb:26:ca:47:97:
88:ee:93:04:38:5b:79:c0:6b:a3:e6:3b:ae:a8:0a:
84:1e:27:07:c6:fe:25:a0:15:48:b1:8a:c7:54:13:
0d:da:d7:11:53:89:33:ce:29:15:06:37:63:eb:fc:
92:ba:fc:11:19:ff:5d:17:b9:4d:0d:7c:76:7b:84:
18:7a:e8:2f:64:05:af:46:da:59:91:40:81:de:4c:
e0:2c:15:7c:40:ec:48:54:4e:3e:03:2f:30:ec:93:
3f:41:c7:92:1b:4f:3e:97:ff:4a:1f:62:6c:2c:da:
12:92:8a:89:ab:d2:7f:e5:dc:67:02:1e:87:af:c8:
65:c8:c6:3e:ed:ae:55:f3:2c:1d:d8:c9:f9:7d:2a:
4e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:90:82:CC:C0:A2:CF:B4:17:AF:80:6D:EF:8F:4F:3A:34:70:3F:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
7e:1e:f4:2b:59:b0:af:c0:d3:b1:51:d7:1c:32:1d:3e:f2:53:
a3:26:9a:4a:bf:ae:f6:ef:43:e0:de:0e:b4:97:2a:ed:15:5e:
10:5f:63:31:eb:5b:87:ef:da:c0:5f:b9:d7:cd:d8:25:98:b0:
89:2c:db:23:26:de:50:e3:0d:20:1a:34:97:a7:61:77:41:b3:
d6:a4:ba:8e:b9:39:43:25:66:c7:01:3c:bc:4f:cb:90:8d:b2:
6c:ff:53:68:bf:da:36:d4:2a:4d:5b:1f:92:7a:f4:58:56:94:
3c:34:04:a6:fe:b6:85:5c:af:1b:b8:bc:32:42:45:ae:07:5f:
58:47:25:f7:48:6b:b0:81:a7:de:58:05:de:a4:65:16:78:07:
63:03:ca:95:6d:63:2c:18:99:8e:0f:d3:d4:f0:72:c1:e8:7e:
bd:75:f1:1e:91:c1:81:d3:81:32:1e:99:35:d6:e5:fe:fc:6d:
06:8c:4d:4e:c2:d3:b6:42:94:59:57:02:41:36:af:8e:11:c0:
c6:7d:9a:63:83:fd:2c:a5:d5:11:cb:a8:f7:22:5b:f6:3d:73:
60:fd:15:92:7e:3a:95:e8:58:0f:87:08:3d:65:34:f0:c9:a3:
98:08:c8:5c:9c:3c:f4:9b:1b:62:5b:37:29:5a:1e:f0:e7:b6:
a6:89:83:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAUnXbITmXXM02g/5AGjA0wI+qLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODMwMDZaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YzNjYWViNjc3ZDdjNWUwM2U5MGY2Y2VkMzkzOTNiZTExNjJiYzI4ZmJi
YTI1NWY0ODRkMTAyZjk0YzY3NjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/mgyfu9Fpqtg5QpmcRLcywu92Wl9NW3JMW3BaanGcGvO3cNTbBmLvxG5p+
aUn0gV2yasGvhKCp78CD51nDyEMokAnffqoUWhbh3O3QxxrO8ZgC+omFbcw9+BvT
yOynMO9/Xv22AeDWFgreQbDNZD58y8smykeXiO6TBDhbecBro+Y7rqgKhB4nB8b+
JaAVSLGKx1QTDdrXEVOJM84pFQY3Y+v8krr8ERn/XRe5TQ18dnuEGHroL2QFr0ba
WZFAgd5M4CwVfEDsSFROPgMvMOyTP0HHkhtPPpf/Sh9ibCzaEpKKiavSf+XcZwIe
h6/IZcjGPu2uVfMsHdjJ+X0qTi0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVkILM
wKLPtBevgG3vj086NHA/9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQB+HvQrWbCvwNOxUdccMh0+8lOjJppKv67270Pg
3g60lyrtFV4QX2Mx61uH79rAX7nXzdglmLCJLNsjJt5Q4w0gGjSXp2F3QbPWpLqO
uTlDJWbHATy8T8uQjbJs/1Nov9o21CpNWx+SevRYVpQ8NASm/raFXK8buLwyQkWu
B19YRyX3SGuwgafeWAXepGUWeAdjA8qVbWMsGJmOD9PU8HLB6H69dfEekcGB04Ey
Hpk11uX+/G0GjE1OwtO2QpRZVwJBNq+OEcDGfZpjg/0spdURy6j3Ilv2PXNg/RWS
fjqV6FgPhwg9ZTTwyaOYCMhcnDz0mxtiWzcpWh7w57amiYPG
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:12 2025 by rpki-client