Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
File: 68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa (raw, json)
Hash identifier: zNXd1Qyt5BU+RBpJlFDjknYG9RvJlosHSMBR0t4clMU=
Subject key identifier: DC:FB:83:C6:BC:A7:B7:86:74:47:94:C9:A5:C0:A5:7B:FD:0A:B1:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 402795A107EB59E675CC54C8576B086FAD488F46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
Signing time: Mon 21 Jul 2025 16:40:04 +0000
ROA not before: Mon 21 Jul 2025 16:40:04 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:27:95:a1:07:eb:59:e6:75:cc:54:c8:57:6b:08:6f:ad:48:8f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:04 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=a38b32feedb57d268c4de851db9916647b093400f2712e7c8541f8a3c1239bcb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:33:99:64:5f:ce:62:e0:ce:12:7c:f9:d5:
ac:f2:ec:53:10:42:be:a3:ff:ae:2a:e8:02:43:75:
69:db:a4:00:63:79:e8:4c:4f:12:01:e2:4c:92:13:
8e:0f:ad:67:5e:d1:f0:2e:08:ce:b1:a2:02:8a:65:
2f:cc:45:a1:86:5e:25:46:89:45:0e:29:84:1e:87:
cf:96:a3:d5:db:18:aa:f1:2b:7a:7b:df:5d:16:3b:
86:30:3a:1a:e5:ca:55:36:d8:61:2c:e4:de:5c:24:
d9:df:b0:fe:63:8a:2f:63:b9:a3:e2:2a:d7:a4:57:
1a:fa:e7:fb:0f:3f:f5:c3:69:46:74:5b:71:d2:f9:
a7:23:03:1f:a7:5f:de:06:5e:c9:54:0b:b3:7d:90:
d0:a6:7f:5e:ad:ab:a8:a2:16:dc:d7:7a:f3:43:de:
38:8c:f2:61:4a:15:cd:92:20:b6:52:db:ad:36:70:
34:c1:a7:f2:69:07:6f:6d:39:c5:7b:2a:af:1a:d4:
48:0f:79:e6:51:f8:fe:66:73:2c:66:bb:9b:ed:9b:
b8:2d:3b:26:6e:bf:47:5c:ea:87:44:f0:37:86:09:
35:bb:98:91:c0:21:36:75:5d:bb:66:d8:41:1f:3a:
0c:ba:d9:37:f0:44:18:43:43:dc:90:6d:8a:b9:7e:
82:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FB:83:C6:BC:A7:B7:86:74:47:94:C9:A5:C0:A5:7B:FD:0A:B1:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:90:e4:b1:4a:95:7d:ed:b4:b3:b5:3a:b1:03:e3:4d:4d:97:
8c:20:e1:e4:9d:0b:9f:ca:07:a4:a9:54:ce:96:3b:16:aa:7c:
11:2b:00:b2:a0:aa:b2:fd:19:82:d6:dc:2c:92:da:18:2b:a8:
93:c1:71:57:4f:3c:db:25:b3:4b:0a:ac:52:ef:ec:a0:00:f0:
63:67:4d:dd:c0:5b:ac:95:51:51:55:fa:ac:1c:3f:84:70:68:
c5:6a:c9:a1:57:7f:b0:25:d8:79:5b:6f:e1:33:a5:6a:a7:3b:
98:d4:02:3a:03:e3:45:c6:d1:4e:21:b6:dd:a1:4c:6d:9c:3a:
26:88:81:7b:42:b2:7e:b2:5d:ed:07:f4:33:60:50:d5:a0:96:
37:db:ef:68:cf:20:ef:4a:49:ad:90:75:92:1c:05:79:52:cf:
21:23:37:16:df:95:d9:5e:03:41:f1:82:6a:7d:78:df:54:7b:
d9:44:73:10:01:9a:a9:bd:37:18:6d:44:7f:6c:78:26:49:d4:
25:8a:30:89:8d:14:27:c5:6a:ac:dd:01:32:56:63:d1:49:3d:
d3:69:3b:41:73:03:71:46:77:95:7f:e0:f0:bf:37:24:c9:3c:
62:fe:29:ea:bd:89:a9:6e:a3:77:d1:82:d0:2e:06:ff:9c:ac:
f2:fd:83:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQCeVoQfrWeZ1zFTIV2sIb61Ij0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMDRaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzOGIzMmZlZWRiNTdkMjY4YzRkZTg1MWRiOTkxNjY0N2IwOTM0MDBmMjcx
MmU3Yzg1NDFmOGEzYzEyMzliY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3hM5lkX85i4M4SfPnVrPLsUxBCvqP/riroAkN1adukAGN56ExPEgHiTJIT
jg+tZ17R8C4IzrGiAoplL8xFoYZeJUaJRQ4phB6Hz5aj1dsYqvErenvfXRY7hjA6
GuXKVTbYYSzk3lwk2d+w/mOKL2O5o+Iq16RXGvrn+w8/9cNpRnRbcdL5pyMDH6df
3gZeyVQLs32Q0KZ/Xq2rqKIW3Nd680PeOIzyYUoVzZIgtlLbrTZwNMGn8mkHb205
xXsqrxrUSA955lH4/mZzLGa7m+2buC07Jm6/R1zqh0TwN4YJNbuYkcAhNnVdu2bY
QR86DLrZN/BEGEND3JBtirl+gr8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTc+4PG
vKe3hnRHlMmlwKV7/QqxWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhiNmZkM2UtZTA2Yy00NDU2LWJkODgtNmU4ZDljZTkyYjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLA
MA0GCSqGSIb3DQEBCwUAA4IBAQBekOSxSpV97bSztTqxA+NNTZeMIOHknQufygek
qVTOljsWqnwRKwCyoKqy/RmC1twsktoYK6iTwXFXTzzbJbNLCqxS7+ygAPBjZ03d
wFuslVFRVfqsHD+EcGjFasmhV3+wJdh5W2/hM6VqpzuY1AI6A+NFxtFOIbbdoUxt
nDomiIF7QrJ+sl3tB/QzYFDVoJY32+9ozyDvSkmtkHWSHAV5Us8hIzcW35XZXgNB
8YJqfXjfVHvZRHMQAZqpvTcYbUR/bHgmSdQlijCJjRQnxWqs3QEyVmPRST3TaTtB
cwNxRneVf+DwvzckyTxi/inqvYmpbqN30YLQLgb/nKzy/YMt
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:48 2025 by rpki-client