Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
File: 68ece0e7-075e-4bcd-873e-0c74882a8546.roa (raw, json)
Hash identifier: BdilsicgJMp4METZtLQ2H5IhNv2o/INURMkNrnE07Mg=
Subject key identifier: 58:C7:BF:A1:AE:A1:E0:92:A7:C0:2D:45:1D:DB:04:7E:FE:4B:1E:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E36FDACE1DDD30F04C1E1E09D25B7B3DEACC0AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
Signing time: Fri 11 Jul 2025 19:20:08 +0000
ROA not before: Fri 11 Jul 2025 19:20:08 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:36:fd:ac:e1:dd:d3:0f:04:c1:e1:e0:9d:25:b7:b3:de:ac:c0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:08 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=59aef2f703e069435beb56f7bc25100343d34923a7c5eb4c082becf9aa62e0d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:85:c9:9d:f2:e3:fd:d6:46:ea:f7:75:47:58:
d7:bf:ad:cb:4a:d3:d4:76:83:8f:91:2e:e3:e9:56:
c9:7e:96:5f:77:92:5c:19:47:90:2d:5c:99:da:f6:
39:1c:a5:8b:2d:4c:5b:60:9a:89:24:b6:e8:81:ac:
32:30:dd:22:9d:9c:1f:f4:bb:08:9b:2a:af:a7:91:
ca:be:8f:06:0c:64:35:a2:95:ea:76:4e:cd:74:08:
bd:78:ab:06:b7:8b:44:98:2d:18:18:26:a2:b7:94:
98:0e:60:2b:8f:e1:25:55:5a:27:04:99:94:bd:b0:
41:ca:fd:c3:c2:5b:50:bd:6b:2f:c4:e3:db:73:e9:
91:71:05:22:2e:17:b8:83:41:ca:06:9a:26:05:f5:
1f:53:b2:e7:f0:3f:34:5d:dc:1e:5e:1a:8f:34:64:
82:b9:c9:28:05:09:05:f7:16:9a:ce:99:a6:a1:66:
48:be:30:7a:ca:4a:ba:df:af:73:bd:3a:e1:15:0e:
17:06:6e:17:4a:9f:9d:75:87:05:64:b8:48:53:11:
56:62:0e:b7:18:d2:cb:2f:45:0c:3d:4c:69:1a:27:
d7:a3:43:8f:01:68:7c:1d:51:41:9b:ce:28:1b:62:
3a:ca:49:21:30:e2:5e:05:02:7e:8f:ad:65:66:ae:
4d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C7:BF:A1:AE:A1:E0:92:A7:C0:2D:45:1D:DB:04:7E:FE:4B:1E:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68ece0e7-075e-4bcd-873e-0c74882a8546.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8080::/48
Signature Algorithm: sha256WithRSAEncryption
07:1a:d9:4f:41:58:d6:8a:ae:92:4e:f7:ab:d0:21:4d:40:35:
e1:7f:11:6c:b1:82:71:a7:07:d8:bd:f3:3d:d0:c7:8e:7a:74:
f3:5e:17:95:d0:fd:68:d8:f9:fe:a6:cb:36:86:0e:b4:e6:57:
b2:5a:ce:7e:e7:6e:7e:0f:96:eb:f5:f9:86:a7:6a:a9:90:23:
d5:fe:bd:a7:47:97:54:41:30:15:2e:aa:c4:04:c6:d6:5d:39:
a2:af:ff:a2:54:72:84:24:d7:7d:63:c6:d7:c9:46:4f:4b:47:
04:84:11:cd:92:3f:6f:92:b3:27:55:43:4b:07:c1:94:4c:e4:
60:e8:d1:3b:c2:37:7f:81:ac:21:98:82:62:83:f2:da:aa:c1:
3e:0e:99:9f:5e:5c:07:43:ad:48:5e:b2:34:29:c5:77:61:e5:
cf:fe:0d:9f:86:54:78:f6:f5:8f:be:e2:c0:1b:2b:ae:58:59:
99:3c:ff:89:52:8d:f9:44:89:68:62:6e:ae:d7:96:4b:0f:b3:
53:23:3a:61:1d:c6:33:ed:1c:da:35:56:e6:e6:42:88:fe:2a:
14:39:a2:da:d8:c1:c6:9c:4e:20:d7:06:02:3a:a5:0b:c0:ad:
92:f0:ab:e4:44:f6:c4:e2:58:ed:b8:16:71:64:91:a5:95:cd:
92:ec:99:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTjb9rOHd0w8EweHgnSW3s96swK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwMDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5YWVmMmY3MDNlMDY5NDM1YmViNTZmN2JjMjUxMDAzNDNkMzQ5MjNhN2M1
ZWI0YzA4MmJlY2Y5YWE2MmUwZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+FyZ3y4/3WRur3dUdY17+ty0rT1HaDj5Eu4+lWyX6WX3eSXBlHkC1cmdr2
ORyliy1MW2CaiSS26IGsMjDdIp2cH/S7CJsqr6eRyr6PBgxkNaKV6nZOzXQIvXir
BreLRJgtGBgmoreUmA5gK4/hJVVaJwSZlL2wQcr9w8JbUL1rL8Tj23PpkXEFIi4X
uINBygaaJgX1H1Oy5/A/NF3cHl4ajzRkgrnJKAUJBfcWms6ZpqFmSL4wespKut+v
c7064RUOFwZuF0qfnXWHBWS4SFMRVmIOtxjSyy9FDD1MaRon16NDjwFofB1RQZvO
KBtiOspJITDiXgUCfo+tZWauTYcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRYx7+h
rqHgkqfALUUd2wR+/kseQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhlY2UwZTctMDc1ZS00YmNkLTg3M2UtMGM3NDg4MmE4NTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
gDANBgkqhkiG9w0BAQsFAAOCAQEABxrZT0FY1oqukk73q9AhTUA14X8RbLGCcacH
2L3zPdDHjnp0814XldD9aNj5/qbLNoYOtOZXslrOfudufg+W6/X5hqdqqZAj1f69
p0eXVEEwFS6qxATG1l05oq//olRyhCTXfWPG18lGT0tHBIQRzZI/b5KzJ1VDSwfB
lEzkYOjRO8I3f4GsIZiCYoPy2qrBPg6Zn15cB0OtSF6yNCnFd2Hlz/4Nn4ZUePb1
j77iwBsrrlhZmTz/iVKN+USJaGJurteWSw+zUyM6YR3GM+0c2jVW5uZCiP4qFDmi
2tjBxpxOINcGAjqlC8CtkvCr5ET2xOJY7bgWcWSRpZXNkuyZPg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:45 2025 by rpki-client