Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64f0a197-0057-458b-924a-0b7079fbd04c.roa
File: 64f0a197-0057-458b-924a-0b7079fbd04c.roa (raw, json)
Hash identifier: m9RXBtR5vDy808fBgI1eiffJwDyGEywTIBocSVQlEbA=
Subject key identifier: 79:F7:5F:B3:EF:36:22:86:83:30:3F:81:A1:D4:41:1F:F9:12:37:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C6FB6723EF5B805A3BBC0C257220B2F00F1EE1D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64f0a197-0057-458b-924a-0b7079fbd04c.roa
Signing time: Mon 07 Jul 2025 18:20:48 +0000
ROA not before: Mon 07 Jul 2025 18:20:48 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:6f:b6:72:3e:f5:b8:05:a3:bb:c0:c2:57:22:0b:2f:00:f1:ee:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:48 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=4c0775f91b3c7cee3dcb7fa1e3b9f7cf51831019776925f3a3e8074c7deaefd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:37:3d:00:c3:a2:0c:d4:82:e3:81:3f:e5:71:
5b:a7:f7:49:bc:64:89:4f:49:2f:29:bb:e0:cd:0c:
d0:b3:f3:4a:94:2a:bb:53:05:f5:ba:98:a1:18:34:
41:5b:cd:05:48:80:3b:39:fb:f1:2d:69:ad:ac:07:
91:de:90:b0:9d:81:94:84:34:87:f3:e8:c4:c2:8f:
9c:ee:ac:be:ad:91:76:39:ca:e7:c9:1a:a7:2d:8e:
9b:85:9b:ee:5f:ab:24:98:f4:47:df:a8:05:3d:8a:
34:22:f7:5b:03:f0:fc:35:c0:67:75:67:d3:fe:7a:
07:e9:be:61:16:c2:af:09:57:13:cc:89:81:02:30:
71:74:b0:6d:32:ca:3a:88:aa:70:61:1d:2a:8c:e5:
98:6d:40:b9:18:ca:a8:9a:50:a7:84:9a:29:47:21:
97:22:1f:b6:ae:12:80:a0:fc:76:83:4d:f9:77:18:
d6:e3:2c:08:95:58:a4:14:e0:09:69:3f:5d:0e:4a:
88:bb:9b:8f:b3:17:ad:6d:56:e0:8d:5c:1f:d3:b4:
4e:e0:1e:32:80:a2:59:5d:ea:0e:95:67:4b:14:31:
4c:ce:a3:5b:0a:4b:02:d8:1f:60:f2:d4:b7:3b:73:
4b:b2:20:6c:3e:75:d6:5a:e6:e8:07:79:f4:eb:3c:
80:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F7:5F:B3:EF:36:22:86:83:30:3F:81:A1:D4:41:1F:F9:12:37:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64f0a197-0057-458b-924a-0b7079fbd04c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:840::/48
Signature Algorithm: sha256WithRSAEncryption
44:70:f3:ac:77:11:a4:87:1c:02:28:fa:c6:18:8e:ff:1e:29:
14:47:10:e0:20:85:66:58:23:89:8f:e9:9f:90:cb:ba:04:52:
f6:ad:ef:b3:3d:22:60:0d:f3:b8:a4:b2:2f:53:1c:13:1a:ff:
19:f3:dd:de:03:be:68:3b:54:04:d4:bf:7f:e0:78:de:19:e3:
b3:c2:33:87:5a:70:c3:ba:29:e0:01:5f:fe:ea:f2:a4:30:28:
91:dc:d5:a3:8d:b7:b2:79:60:a4:61:0c:cf:48:41:82:53:42:
7e:6a:5c:87:1b:51:fa:16:cf:c1:d3:1e:00:64:a9:0e:08:b8:
d7:a0:bb:2f:e1:53:3f:57:6f:56:11:77:dc:8c:6d:f4:20:d0:
1c:4e:72:0c:0c:c4:5d:f4:7c:ab:94:53:82:14:3a:b4:00:0f:
12:65:05:1c:c5:4a:67:19:b6:f0:ca:42:5e:eb:f8:e4:33:21:
0f:19:46:6e:b5:74:44:b2:88:22:9b:d1:36:b4:a1:d1:eb:67:
94:6c:0d:51:d3:e9:6f:f7:41:5f:6e:2b:fa:c5:0e:41:3e:b4:
5a:ab:11:56:d1:7c:0f:ad:4d:b7:89:c0:fc:05:10:ce:e7:7e:
05:c4:d5:97:ae:62:2f:76:cc:ee:18:17:c5:5e:21:12:ec:3e:
18:f5:ea:6c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHG+2cj71uAWju8DCVyILLwDx7h0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwNDhaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjMDc3NWY5MWIzYzdjZWUzZGNiN2ZhMWUzYjlmN2NmNTE4MzEwMTk3NzY5
MjVmM2EzZTgwNzRjN2RlYWVmZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQ3PQDDogzUguOBP+VxW6f3SbxkiU9JLym74M0M0LPzSpQqu1MF9bqYoRg0
QVvNBUiAOzn78S1prawHkd6QsJ2BlIQ0h/PoxMKPnO6svq2RdjnK58kapy2Om4Wb
7l+rJJj0R9+oBT2KNCL3WwPw/DXAZ3Vn0/56B+m+YRbCrwlXE8yJgQIwcXSwbTLK
OoiqcGEdKozlmG1AuRjKqJpQp4SaKUchlyIftq4SgKD8doNN+XcY1uMsCJVYpBTg
CWk/XQ5KiLubj7MXrW1W4I1cH9O0TuAeMoCiWV3qDpVnSxQxTM6jWwpLAtgfYPLU
tztzS7IgbD511lrm6Ad59Os8gBsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR591+z
7zYihoMwP4Gh1EEf+RI3aTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjRmMGExOTctMDA1Ny00NThiLTkyNGEtMGI3MDc5ZmJkMDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI
QDANBgkqhkiG9w0BAQsFAAOCAQEARHDzrHcRpIccAij6xhiO/x4pFEcQ4CCFZlgj
iY/pn5DLugRS9q3vsz0iYA3zuKSyL1McExr/GfPd3gO+aDtUBNS/f+B43hnjs8Iz
h1pww7op4AFf/urypDAokdzVo423snlgpGEMz0hBglNCfmpchxtR+hbPwdMeAGSp
Dgi416C7L+FTP1dvVhF33Ixt9CDQHE5yDAzEXfR8q5RTghQ6tAAPEmUFHMVKZxm2
8MpCXuv45DMhDxlGbrV0RLKIIpvRNrSh0etnlGwNUdPpb/dBX24r+sUOQT60WqsR
VtF8D61Nt4nA/AUQzud+BcTVl65iL3bM7hgXxV4hEuw+GPXqbA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:45 2025 by rpki-client