Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
File: 67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa (raw, json)
Hash identifier: nhCLfA8nNXpK0jK/Q1KFl1wrd2YI0rEyUCFZm8tPO84=
Subject key identifier: 0F:14:B1:48:65:95:62:11:5A:10:39:55:38:A8:4A:E3:15:49:9F:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 387E50E72942C239FBFC85FA7D467CC1F0B44645
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
Signing time: Tue 01 Jul 2025 15:10:59 +0000
ROA not before: Tue 01 Jul 2025 15:10:59 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:7e:50:e7:29:42:c2:39:fb:fc:85:fa:7d:46:7c:c1:f0:b4:46:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:59 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=782bcdc20f9d34081bcb639dcb006040767a12ef3f8b6f720dd025b0339ac283, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8a:01:33:9e:6a:5f:f9:cd:4c:a0:83:65:dc:
c6:97:d4:06:ab:40:e4:4c:92:89:49:53:09:13:d9:
9a:43:c4:b3:e5:b4:85:a2:57:59:16:ab:08:62:a9:
c0:4a:08:0e:fa:4a:df:88:9b:3c:e0:a7:3b:fe:4b:
fc:2c:ff:f4:2a:10:d9:10:85:5e:1a:27:7d:78:f7:
a6:91:5b:ba:95:fa:12:57:6b:6e:b2:f1:6f:0b:66:
e4:2f:4d:34:01:f5:65:46:2a:ba:26:aa:ee:5d:4a:
3f:21:d8:65:c5:81:18:d4:cc:b2:f7:57:9e:b7:c2:
8e:85:f4:37:ec:91:f0:19:7f:53:4d:ba:5a:0b:61:
63:82:0e:17:e8:cf:6d:88:9f:98:2f:d8:3e:86:35:
53:97:db:e2:02:cf:55:06:03:68:4b:59:58:d5:db:
b3:e4:e1:40:0c:ca:a2:95:83:3b:77:2b:42:8a:ab:
3f:72:be:be:b3:f6:d5:47:0e:10:14:f5:02:69:3e:
b3:87:7b:11:aa:e4:25:41:5b:44:21:d2:71:e3:4d:
31:52:c5:b7:81:33:f3:22:c8:10:5c:5e:21:75:8d:
09:59:0c:e0:7a:9d:7e:9d:34:6e:ab:30:64:f3:da:
52:50:f4:08:97:0a:e3:39:46:36:bd:2d:cb:3e:59:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:14:B1:48:65:95:62:11:5A:10:39:55:38:A8:4A:E3:15:49:9F:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
12:ba:36:65:a6:ef:fe:fd:f1:dc:55:fc:14:52:cb:b3:27:eb:
bf:1f:24:1a:ad:22:82:52:be:20:47:4a:79:f3:ee:b1:90:d0:
1b:6d:f8:1a:9b:80:b2:10:cf:03:a0:af:f3:d8:4f:16:79:0a:
44:85:8b:f2:43:a6:39:49:66:49:2a:9c:d5:13:ac:99:76:08:
54:2a:22:5b:03:82:5e:c7:5f:af:e0:d6:0b:69:c0:d0:20:52:
fa:ec:ae:5f:4f:d4:a1:bb:bb:3a:5e:6a:ee:81:9c:e6:25:bf:
29:03:c1:e2:23:94:19:b3:9e:cb:80:19:f1:fd:9c:ca:c0:38:
27:3c:90:2b:a1:95:0b:b2:0d:30:c8:55:24:a1:54:95:ca:b3:
71:0c:81:b3:65:d6:b8:2a:a3:1d:fc:0d:83:ac:0f:95:e4:72:
4b:02:b1:d9:bd:69:bb:8c:e6:6a:a2:be:6d:b5:57:e8:4c:28:
05:ec:cd:49:b1:4e:3f:68:7a:cd:0f:60:20:27:71:9d:c5:94:
93:8f:38:38:9a:0a:64:b0:6a:db:24:49:46:73:35:52:b5:aa:
62:0d:b0:86:c5:e4:7e:49:07:1b:89:01:f9:7c:5b:38:20:15:
d4:d6:2a:48:ac:01:ef:b4:35:95:41:c3:b4:40:c0:5e:dc:29:
c7:17:e5:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOH5Q5ylCwjn7/IX6fUZ8wfC0RkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwNTlaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MmJjZGMyMGY5ZDM0MDgxYmNiNjM5ZGNiMDA2MDQwNzY3YTEyZWYzZjhi
NmY3MjBkZDAyNWIwMzM5YWMyODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOKATOeal/5zUygg2XcxpfUBqtA5EySiUlTCRPZmkPEs+W0haJXWRarCGKp
wEoIDvpK34ibPOCnO/5L/Cz/9CoQ2RCFXhonfXj3ppFbupX6EldrbrLxbwtm5C9N
NAH1ZUYquiaq7l1KPyHYZcWBGNTMsvdXnrfCjoX0N+yR8Bl/U026WgthY4IOF+jP
bYifmC/YPoY1U5fb4gLPVQYDaEtZWNXbs+ThQAzKopWDO3crQoqrP3K+vrP21UcO
EBT1Amk+s4d7EarkJUFbRCHSceNNMVLFt4Ez8yLIEFxeIXWNCVkM4Hqdfp00bqsw
ZPPaUlD0CJcK4zlGNr0tyz5Z530CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPFLFI
ZZViEVoQOVU4qErjFUmflDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjdhOTE5MTAtYTU3Yy00YTA0LThkN2ItNDA0YmNkNWZlY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQASujZlpu/+/fHcVfwUUsuzJ+u/HyQarSKCUr4g
R0p58+6xkNAbbfgam4CyEM8DoK/z2E8WeQpEhYvyQ6Y5SWZJKpzVE6yZdghUKiJb
A4Jex1+v4NYLacDQIFL67K5fT9Shu7s6XmrugZzmJb8pA8HiI5QZs57LgBnx/ZzK
wDgnPJAroZULsg0wyFUkoVSVyrNxDIGzZda4KqMd/A2DrA+V5HJLArHZvWm7jOZq
or5ttVfoTCgF7M1JsU4/aHrND2AgJ3GdxZSTjzg4mgpksGrbJElGczVStapiDbCG
xeR+SQcbiQH5fFs4IBXU1ipIrAHvtDWVQcO0QMBe3CnHF+U5
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:52 2025 by rpki-client