Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
File: 6cba8379-da94-4697-867f-03730e03e9ac.roa (raw, json)
Hash identifier: sQyW37JWJ8xZj9ocdIMX+syx01L5GEpCY/29Zfi93yo=
Subject key identifier: E9:0D:7A:37:F4:35:AA:71:E1:B9:4C:79:5A:3C:E0:8C:7E:6F:25:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AC84D299DF3A1E9F70F7EE39C4C5A33CEF3CB8D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
Signing time: Fri 11 Jul 2025 19:50:07 +0000
ROA not before: Fri 11 Jul 2025 19:50:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:c8:4d:29:9d:f3:a1:e9:f7:0f:7e:e3:9c:4c:5a:33:ce:f3:cb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=723eaa1f5aea1c74485f536a0af21812338036b0d0fde346a0398ac93a18fd9e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a2:80:7c:59:18:73:20:dc:ab:06:89:03:85:
8d:2c:48:fe:f3:0c:09:cd:23:96:7c:dc:b0:00:8a:
41:fb:a5:c9:52:ed:b7:6d:69:81:55:e8:d3:62:23:
e7:ab:e1:b3:7d:6b:d8:7f:2d:b9:0b:14:2a:5f:f9:
bd:af:0e:3d:2f:b9:56:8d:e5:73:49:0d:3f:7b:13:
4c:fe:79:b3:5d:b0:d2:30:33:ca:d1:ef:cd:b4:f1:
75:82:f7:81:9c:99:40:b0:50:cd:e7:95:db:6d:da:
db:37:fa:fe:a3:38:91:60:4b:c7:89:65:d8:74:0a:
eb:8f:9b:15:92:45:1d:db:f8:e6:9c:07:83:6f:e3:
14:83:3e:2a:52:e3:0c:9f:e5:f8:e0:09:2b:1f:f7:
69:ad:85:3c:5b:f7:1d:7e:54:d7:65:1f:80:e6:5d:
45:92:f4:75:b3:fd:62:37:60:f0:43:5e:58:85:1c:
a7:f0:b3:22:1b:97:9e:36:5e:66:d2:a6:46:0c:63:
b5:c3:50:84:ca:e4:80:eb:f5:a2:e0:94:33:ce:ea:
3e:6a:77:5f:97:92:56:e2:09:02:d9:19:c3:e9:8a:
d4:1d:13:eb:ae:25:35:92:7d:4e:be:5c:16:de:01:
fc:fe:dd:f3:ac:12:eb:da:7f:ec:c3:1f:d8:23:d4:
64:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:0D:7A:37:F4:35:AA:71:E1:B9:4C:79:5A:3C:E0:8C:7E:6F:25:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cba8379-da94-4697-867f-03730e03e9ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:5e:be:c0:c2:b0:59:71:a0:be:82:74:99:07:f1:4b:b1:d5:
b5:6d:bd:ff:03:d2:1f:fb:4e:5f:b1:c0:e4:bb:a8:04:fc:ea:
74:67:7e:99:d8:99:14:c3:5a:5c:1d:99:d4:29:a3:67:17:df:
43:7c:25:e3:08:7c:6f:31:fe:2b:76:47:62:02:99:2c:25:8f:
41:d1:92:57:f1:a1:1a:7e:af:45:2c:33:91:7e:1d:59:d5:b8:
81:d0:11:cd:73:54:8c:65:dc:ce:aa:c5:2d:70:8f:d7:28:b5:
c5:ad:d4:4e:16:09:3f:59:af:7e:6e:cd:27:30:6f:f5:9c:a5:
23:71:54:05:b4:44:6e:ca:4f:7f:9b:27:a8:2c:82:ba:4f:0d:
be:57:59:4a:65:7f:80:9e:b2:cb:a9:9b:df:11:20:00:af:78:
cc:b6:f4:f1:aa:ba:95:08:2e:9d:25:a5:83:22:cc:64:a2:c8:
e9:da:da:9f:c2:98:bc:cc:25:30:e3:a9:1f:30:04:30:4e:cb:
ba:50:b0:55:66:f1:71:bd:63:48:f5:3d:51:c6:a7:56:5c:16:
aa:37:37:fd:13:33:37:0f:fd:71:08:84:6e:70:c1:c3:8a:16:
f7:aa:7a:19:96:f2:35:b6:b3:a0:3f:07:3d:cb:fd:83:96:88:
ef:85:ee:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeshNKZ3zoen3D37jnExaM87zy40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyM2VhYTFmNWFlYTFjNzQ0ODVmNTM2YTBhZjIxODEyMzM4MDM2YjBkMGZk
ZTM0NmEwMzk4YWM5M2ExOGZkOWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWigHxZGHMg3KsGiQOFjSxI/vMMCc0jlnzcsACKQfulyVLtt21pgVXo02Ij
56vhs31r2H8tuQsUKl/5va8OPS+5Vo3lc0kNP3sTTP55s12w0jAzytHvzbTxdYL3
gZyZQLBQzeeV223a2zf6/qM4kWBLx4ll2HQK64+bFZJFHdv45pwHg2/jFIM+KlLj
DJ/l+OAJKx/3aa2FPFv3HX5U12UfgOZdRZL0dbP9Yjdg8ENeWIUcp/CzIhuXnjZe
ZtKmRgxjtcNQhMrkgOv1ouCUM87qPmp3X5eSVuIJAtkZw+mK1B0T664lNZJ9Tr5c
Ft4B/P7d86wS69p/7MMf2CPUZOMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpDXo3
9DWqceG5THlaPOCMfm8lLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmNiYTgzNzktZGE5NC00Njk3LTg2N2YtMDM3MzBlMDNlOWFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQC9Xr7AwrBZcaC+gnSZB/FLsdW1bb3/A9If+05f
scDku6gE/Op0Z36Z2JkUw1pcHZnUKaNnF99DfCXjCHxvMf4rdkdiApksJY9B0ZJX
8aEafq9FLDORfh1Z1biB0BHNc1SMZdzOqsUtcI/XKLXFrdROFgk/Wa9+bs0nMG/1
nKUjcVQFtERuyk9/myeoLIK6Tw2+V1lKZX+AnrLLqZvfESAAr3jMtvTxqrqVCC6d
JaWDIsxkosjp2tqfwpi8zCUw46kfMAQwTsu6ULBVZvFxvWNI9T1RxqdWXBaqNzf9
EzM3D/1xCIRucMHDihb3qnoZlvI1trOgPwc9y/2Dlojvhe5P
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:35 2025 by rpki-client