Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
File: 65c46db4-023b-4885-8c6b-9444db174ad3.roa (raw, json)
Hash identifier: ulToEpf09/1YmM3E2VUNAcvfpA6oWIjdu9jhH3INinA=
Subject key identifier: 73:B8:87:CA:CA:94:B1:39:CF:79:65:6D:F0:A7:E7:A5:41:58:EC:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 254AC40BA7E9EFBB0D171F5A4EE1B15484889A50
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
Signing time: Fri 11 Jul 2025 20:00:50 +0000
ROA not before: Fri 11 Jul 2025 20:00:50 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:4a:c4:0b:a7:e9:ef:bb:0d:17:1f:5a:4e:e1:b1:54:84:88:9a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:50 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=69bfc61d419050ca77bf5fc65b0e4f3c7ee219a141cf2c2645f7b36890a412a1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:7b:73:72:e9:ee:c4:82:16:b8:17:e2:ab:ee:
18:db:ff:03:bc:e3:26:8a:05:b3:86:7a:3c:a7:f9:
bc:7b:68:8f:e7:24:00:34:21:07:7a:36:b7:89:f4:
bd:6f:2a:e9:19:45:26:b4:2b:57:9b:98:c5:f0:27:
9f:60:47:f6:15:cc:b2:60:97:a8:eb:d6:96:ec:e2:
c1:23:84:37:57:aa:77:81:84:65:d3:af:d9:0b:f8:
aa:c2:7c:a0:52:74:51:a0:ce:cd:fa:e5:73:8f:6c:
b3:01:98:28:1b:45:15:97:fe:84:be:d3:fa:f0:df:
6d:ee:dc:e8:24:91:ab:61:d8:df:d7:c8:78:85:f6:
8c:fb:65:07:13:84:21:85:02:c8:3a:f6:8c:a0:a0:
9a:15:3d:83:98:55:32:95:e6:5c:56:3e:35:cc:ce:
3b:0e:39:0e:1e:bd:90:d8:9b:49:47:64:a6:d4:85:
8a:72:20:0b:81:af:d0:5b:88:23:c5:97:b6:ee:55:
41:39:8b:c1:e1:4b:a2:de:71:63:52:7b:e6:b2:1a:
f9:64:31:5c:5a:64:b5:9b:22:a0:23:ed:2b:16:16:
50:7d:d6:ce:d0:88:d2:79:43:53:4b:4c:60:ef:a9:
59:14:6c:31:a8:7d:61:90:8e:01:45:23:70:74:fe:
b5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B8:87:CA:CA:94:B1:39:CF:79:65:6D:F0:A7:E7:A5:41:58:EC:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65c46db4-023b-4885-8c6b-9444db174ad3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c080::/46
Signature Algorithm: sha256WithRSAEncryption
49:66:9f:8d:0d:8c:a2:05:7a:7a:fc:a9:fd:c9:46:78:bf:26:
ce:00:2f:96:49:6c:a2:f4:82:3c:dc:24:cf:68:75:a6:b9:55:
86:92:80:89:5c:51:43:4f:d5:b7:32:65:66:50:76:e6:63:29:
80:42:5b:b3:b6:e0:38:51:98:c0:ad:51:03:1a:64:2c:6d:c7:
34:55:ca:c3:39:4c:ed:00:e9:fd:e0:42:0c:00:6b:7f:0e:9c:
95:6c:7e:7e:94:de:73:5d:b4:d9:f6:ee:26:48:d2:bb:41:5c:
21:af:1c:e6:bc:d8:5e:99:3f:38:2a:f8:3c:25:66:91:82:50:
26:08:07:d1:1f:e2:de:bd:91:2a:0e:5d:c8:b3:49:e0:97:c8:
40:4e:bc:ce:1f:2e:6c:eb:76:7c:e5:5b:a8:02:25:5e:1c:51:
11:98:25:db:18:3f:d0:8a:18:b9:48:83:22:01:21:d3:d4:f1:
f2:f6:77:08:9b:a1:04:9c:5f:d6:e9:28:3b:86:3a:3f:54:e5:
84:e9:b0:bb:d3:fc:42:a7:69:3f:a1:e4:72:7c:48:d5:f6:c5:
3a:41:0f:5a:d7:f5:c8:af:10:c7:ff:02:dc:84:b8:9e:b7:9b:
c3:4e:a1:15:d8:85:30:40:9a:ed:04:8f:a9:93:ac:b9:b0:31:
40:c9:eb:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJUrEC6fp77sNFx9aTuGxVISImlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwNTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5YmZjNjFkNDE5MDUwY2E3N2JmNWZjNjViMGU0ZjNjN2VlMjE5YTE0MWNm
MmMyNjQ1ZjdiMzY4OTBhNDEyYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPd7c3Lp7sSCFrgX4qvuGNv/A7zjJooFs4Z6PKf5vHtoj+ckADQhB3o2t4n0
vW8q6RlFJrQrV5uYxfAnn2BH9hXMsmCXqOvWluziwSOEN1eqd4GEZdOv2Qv4qsJ8
oFJ0UaDOzfrlc49sswGYKBtFFZf+hL7T+vDfbe7c6CSRq2HY39fIeIX2jPtlBxOE
IYUCyDr2jKCgmhU9g5hVMpXmXFY+NczOOw45Dh69kNibSUdkptSFinIgC4Gv0FuI
I8WXtu5VQTmLweFLot5xY1J75rIa+WQxXFpktZsioCPtKxYWUH3WztCI0nlDU0tM
YO+pWRRsMah9YZCOAUUjcHT+tXsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRzuIfK
ypSxOc95ZW3wp+elQVjsWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVjNDZkYjQtMDIzYi00ODg1LThjNmItOTQ0NGRiMTc0YWQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
gDANBgkqhkiG9w0BAQsFAAOCAQEASWafjQ2MogV6evyp/clGeL8mzgAvlklsovSC
PNwkz2h1prlVhpKAiVxRQ0/VtzJlZlB25mMpgEJbs7bgOFGYwK1RAxpkLG3HNFXK
wzlM7QDp/eBCDABrfw6clWx+fpTec1202fbuJkjSu0FcIa8c5rzYXpk/OCr4PCVm
kYJQJggH0R/i3r2RKg5dyLNJ4JfIQE68zh8ubOt2fOVbqAIlXhxREZgl2xg/0IoY
uUiDIgEh09Tx8vZ3CJuhBJxf1ukoO4Y6P1TlhOmwu9P8QqdpP6HkcnxI1fbFOkEP
Wtf1yK8Qx/8C3IS4nrebw06hFdiFMECa7QSPqZOsubAxQMnr5A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:15 2025 by rpki-client