Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
File: 68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa (raw, json)
Hash identifier: AFk+wGllf4BCRWInBth/lgjIQUlP6/5c/yZPEoy9NPI=
Subject key identifier: D6:1D:AE:D4:D4:3A:66:23:EC:6C:6D:F6:15:67:74:CD:AA:1B:DF:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F9032B078EC4CAEB5CD3D9FC42D75757AC14217
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
Signing time: Fri 11 Jul 2025 20:21:46 +0000
ROA not before: Fri 11 Jul 2025 20:21:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:90:32:b0:78:ec:4c:ae:b5:cd:3d:9f:c4:2d:75:75:7a:c1:42:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ed2231b460f0c3f6cd8f14f961d0846176103f5fb89b3fc429874ec804c073ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6e:4c:11:bf:2c:65:3c:53:53:52:7a:c5:6d:
47:b7:87:74:eb:07:e8:47:cb:aa:83:17:7c:a4:48:
de:07:aa:98:8f:94:57:05:fb:2d:2a:46:37:51:7d:
0a:17:1b:c5:84:c6:28:ce:09:37:a7:31:ab:69:e7:
1f:28:4a:6c:bc:2b:bb:93:ef:5c:c1:77:0d:06:99:
53:8d:2e:58:cd:43:c1:56:28:58:6f:9b:91:cd:cf:
18:85:a4:25:e6:9a:5f:36:93:5c:a3:28:80:9a:12:
13:22:3e:70:e9:d2:43:75:bf:c4:70:17:1e:68:48:
6d:55:a4:5a:a5:12:e2:be:42:45:aa:1d:b4:e5:98:
52:91:ff:ee:46:9f:3d:7a:c6:12:3c:19:71:a8:f0:
8f:48:e8:b2:40:a7:32:9f:c2:e9:89:5b:a8:cb:05:
95:d6:2a:50:d5:69:c7:13:2f:52:a2:49:d0:44:87:
81:37:00:62:86:26:38:e8:af:0a:dc:82:00:6a:a0:
f4:e4:9d:03:a7:d8:6c:69:3f:b5:d4:45:4b:48:26:
5f:19:02:19:8b:33:93:f9:50:21:e8:00:62:e2:db:
5d:b3:fe:e4:14:f5:b3:17:b3:51:d5:a1:b1:7a:8e:
78:fc:af:bd:09:d1:68:4a:3e:f6:48:fe:ec:d7:17:
27:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1D:AE:D4:D4:3A:66:23:EC:6C:6D:F6:15:67:74:CD:AA:1B:DF:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:a000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:6b:7d:a8:aa:75:2b:de:b7:b7:aa:af:92:01:84:1d:5b:c3:
98:96:52:53:73:02:40:ba:2f:be:a0:f5:d2:4a:05:46:1b:10:
49:b0:21:2f:a8:56:8c:4b:e0:f5:ff:b3:a5:69:f0:43:ae:7d:
d3:d6:9d:aa:65:84:d4:2e:b3:79:d5:3e:0c:01:03:8d:70:7c:
de:07:73:68:62:47:f2:c7:1b:63:e1:84:d3:81:ae:f0:6d:c1:
d1:3a:49:d8:16:86:d3:e9:64:34:fc:4b:f6:5a:45:18:60:9e:
23:93:bd:d6:bb:c9:42:47:14:06:47:ad:3d:30:b3:29:5e:6b:
52:29:db:84:76:d9:b8:fe:8f:48:78:9e:92:55:59:a4:eb:6e:
21:1c:c3:38:6b:38:cf:81:af:00:7f:04:55:d0:79:61:39:df:
76:c3:7d:fb:b1:1f:e7:62:1f:e8:0e:c8:dc:77:b3:65:69:09:
0a:91:51:d4:1c:d7:32:b3:ef:70:4b:19:c9:1c:31:61:33:ec:
f8:2e:76:f4:b0:e8:2e:7d:0a:09:93:31:64:d5:5a:95:31:da:
03:f4:2d:4b:fa:f4:1c:37:de:d4:8b:df:61:9e:c5:5c:1b:16:
a6:5a:49:e4:e9:c5:47:ab:c2:aa:5d:7d:1d:7f:aa:f0:8e:d5:
c7:02:2d:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH5AysHjsTK61zT2fxC11dXrBQhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMjIzMWI0NjBmMGMzZjZjZDhmMTRmOTYxZDA4NDYxNzYxMDNmNWZiODli
M2ZjNDI5ODc0ZWM4MDRjMDczY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBuTBG/LGU8U1NSesVtR7eHdOsH6EfLqoMXfKRI3geqmI+UVwX7LSpGN1F9
ChcbxYTGKM4JN6cxq2nnHyhKbLwru5PvXMF3DQaZU40uWM1DwVYoWG+bkc3PGIWk
JeaaXzaTXKMogJoSEyI+cOnSQ3W/xHAXHmhIbVWkWqUS4r5CRaodtOWYUpH/7kaf
PXrGEjwZcajwj0joskCnMp/C6YlbqMsFldYqUNVpxxMvUqJJ0ESHgTcAYoYmOOiv
CtyCAGqg9OSdA6fYbGk/tdRFS0gmXxkCGYszk/lQIegAYuLbXbP+5BT1sxezUdWh
sXqOePyvvQnRaEo+9kj+7NcXJysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWHa7U
1DpmI+xsbfYVZ3TNqhvfijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhkNWQ5MzQtZmVkNi00OWE1LWFlMDMtYTI4YTU4NmU5YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fig
MA0GCSqGSIb3DQEBCwUAA4IBAQB9a32oqnUr3re3qq+SAYQdW8OYllJTcwJAui++
oPXSSgVGGxBJsCEvqFaMS+D1/7OlafBDrn3T1p2qZYTULrN51T4MAQONcHzeB3No
Ykfyxxtj4YTTga7wbcHROknYFobT6WQ0/Ev2WkUYYJ4jk73Wu8lCRxQGR609MLMp
XmtSKduEdtm4/o9IeJ6SVVmk624hHMM4azjPga8AfwRV0HlhOd92w337sR/nYh/o
Dsjcd7NlaQkKkVHUHNcys+9wSxnJHDFhM+z4Lnb0sOgufQoJkzFk1VqVMdoD9C1L
+vQcN97Ui99hnsVcGxamWknk6cVHq8KqXX0df6rwjtXHAi21
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:14 2025 by rpki-client