Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
File: 64b71704-2a76-40c8-a5e1-57ebfb451913.roa (raw, json)
Hash identifier: ZUPdKC6TOePeJej+gp06j/JtloRUgT4F6ASAbVTs2dE=
Subject key identifier: 9B:FA:25:4D:56:B9:55:B5:2F:DB:70:C3:E1:D5:6C:76:CB:A2:5F:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 216DD3E8528E5748ABD2D81949EF8BF048212A45
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
Signing time: Fri 11 Jul 2025 19:51:14 +0000
ROA not before: Fri 11 Jul 2025 19:51:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:6d:d3:e8:52:8e:57:48:ab:d2:d8:19:49:ef:8b:f0:48:21:2a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:51:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f235d0910892810ee34648a136eea0320b64ea6dcfb92e1e3a7b651d4d2fef95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:b2:2e:95:41:e3:84:79:66:1b:f0:bd:1a:
6c:40:a1:54:0d:a7:dc:c1:7a:48:ee:b2:9b:0e:bb:
7b:14:76:d6:bb:c2:16:e5:c8:66:3c:1a:4f:ba:58:
f7:e0:e4:5b:75:b5:ae:71:00:4e:07:38:2e:dc:85:
d3:d2:c9:45:07:82:42:05:58:66:a5:be:a5:95:21:
72:41:1a:53:12:b1:c8:5b:d8:6e:ce:ce:a7:05:de:
20:fa:b7:36:cc:d2:7b:ab:db:19:48:cf:d9:03:1d:
6c:15:42:5c:3b:e6:ba:e7:46:c9:bf:eb:a4:a2:3b:
32:6c:58:c4:47:36:b8:ea:7f:8f:8e:71:ee:c1:08:
f9:3c:b2:3d:75:ba:c6:73:85:5d:14:f3:1b:9d:f7:
94:22:68:d4:e4:61:59:8f:36:7a:84:8a:fb:98:60:
25:91:0e:4b:ca:01:bc:3a:19:78:8d:f1:51:f7:8c:
10:a2:03:33:88:23:f6:d8:fe:8f:6a:04:9b:7b:62:
ba:d5:7c:cb:13:00:c4:17:c8:01:39:ba:9e:36:45:
fb:52:9e:8d:e9:2d:b6:02:41:d5:6b:18:09:57:5a:
b1:23:56:53:09:2a:5e:42:67:1c:88:2e:54:1d:3d:
1c:34:07:fd:52:f7:c5:2e:21:94:ec:09:4b:3a:79:
db:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FA:25:4D:56:B9:55:B5:2F:DB:70:C3:E1:D5:6C:76:CB:A2:5F:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64b71704-2a76-40c8-a5e1-57ebfb451913.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e080::/46
Signature Algorithm: sha256WithRSAEncryption
0c:7a:69:cf:e5:cd:b9:f9:e6:5c:8f:7d:4b:1f:b9:72:f3:dc:
6d:5f:e5:1d:a8:1d:7c:dc:ad:5c:e1:9a:6b:a1:53:fa:68:f5:
4b:8b:70:ba:65:9e:af:69:f2:3e:f6:bf:bc:0e:0f:8c:36:92:
c5:1f:16:fa:f6:03:80:03:4e:cb:14:4d:ca:34:f0:e4:4a:74:
b4:aa:f9:da:03:83:61:c2:35:06:68:a4:e9:b4:86:a1:42:7f:
29:35:b8:0e:15:15:b2:bc:a5:d0:8d:93:4a:6b:fb:7a:07:49:
48:5a:5d:38:a5:b3:cc:32:25:cf:0e:9b:ea:e2:33:57:0a:fb:
83:05:cd:f1:68:c0:05:64:53:56:e1:33:1c:2f:65:e5:8d:4e:
ae:64:82:81:b8:dd:06:3f:1f:90:36:2d:b4:6e:c9:24:77:63:
03:c4:ed:51:05:ee:dc:46:b4:c5:fc:bd:c5:1e:1a:95:b0:22:
01:a6:54:e2:47:4b:42:35:2f:72:be:da:ee:e7:9f:44:d7:a2:
6a:d7:ac:06:d4:c5:a3:fd:4b:fc:4f:35:f8:f7:37:02:83:ec:
c3:ea:1a:1a:35:8d:8e:d2:9d:7b:ad:eb:a3:5d:8b:6d:a3:01:
90:8d:8c:3d:d9:47:53:6d:e3:8a:8c:62:a3:eb:48:7a:25:87:
ef:9a:9e:f5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIW3T6FKOV0ir0tgZSe+L8EghKkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUxMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMzVkMDkxMDg5MjgxMGVlMzQ2NDhhMTM2ZWVhMDMyMGI2NGVhNmRjZmI5
MmUxZTNhN2I2NTFkNGQyZmVmOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKssi6VQeOEeWYb8L0abEChVA2n3MF6SO6ymw67exR21rvCFuXIZjwaT7pY
9+DkW3W1rnEATgc4LtyF09LJRQeCQgVYZqW+pZUhckEaUxKxyFvYbs7OpwXeIPq3
NszSe6vbGUjP2QMdbBVCXDvmuudGyb/rpKI7MmxYxEc2uOp/j45x7sEI+TyyPXW6
xnOFXRTzG533lCJo1ORhWY82eoSK+5hgJZEOS8oBvDoZeI3xUfeMEKIDM4gj9tj+
j2oEm3tiutV8yxMAxBfIATm6njZF+1KejekttgJB1WsYCVdasSNWUwkqXkJnHIgu
VB09HDQH/VL3xS4hlOwJSzp52zkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSb+iVN
VrlVtS/bcMPh1Wx2y6Jf0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjRiNzE3MDQtMmE3Ni00MGM4LWE1ZTEtNTdlYmZiNDUxOTEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hfg
gDANBgkqhkiG9w0BAQsFAAOCAQEADHppz+XNufnmXI99Sx+5cvPcbV/lHagdfNyt
XOGaa6FT+mj1S4twumWer2nyPva/vA4PjDaSxR8W+vYDgANOyxRNyjTw5Ep0tKr5
2gODYcI1Bmik6bSGoUJ/KTW4DhUVsryl0I2TSmv7egdJSFpdOKWzzDIlzw6b6uIz
Vwr7gwXN8WjABWRTVuEzHC9l5Y1OrmSCgbjdBj8fkDYttG7JJHdjA8TtUQXu3Ea0
xfy9xR4albAiAaZU4kdLQjUvcr7a7uefRNeiatesBtTFo/1L/E81+Pc3AoPsw+oa
GjWNjtKde63ro12LbaMBkI2MPdlHU23jioxio+tIeiWH75qe9Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:27 2025 by rpki-client