Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
File: 70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa (raw, json)
Hash identifier: h9m1+gBqreTnFydtBeRh1zmRpTlHIPYNznr3Ado5epA=
Subject key identifier: 54:31:A7:C2:68:76:6A:5D:5D:B2:05:5A:55:DC:67:F6:F8:A0:2C:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2885188126393BFF13102F2C53FEBCDA23A83479
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
Signing time: Fri 11 Jul 2025 20:20:09 +0000
ROA not before: Fri 11 Jul 2025 20:20:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:85:18:81:26:39:3b:ff:13:10:2f:2c:53:fe:bc:da:23:a8:34:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:20:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=90f30f12c5abbe6a471a0f80ebf06afa0d6d80cffca79288ba0e18742cedc895, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:81:c6:91:92:58:52:9c:99:0f:6a:6d:7f:90:
87:08:f8:58:74:7c:ed:f2:6d:32:25:79:09:de:f7:
a5:cc:cd:b1:65:11:9d:34:dd:e1:3d:58:0d:0d:07:
27:44:66:4d:06:00:d3:a0:ad:6e:23:37:52:2d:f6:
e0:47:4f:da:0c:29:cc:0f:12:9f:94:01:48:dd:16:
1b:ef:90:2f:7f:09:66:de:77:f4:b7:ce:4c:59:b4:
39:15:3b:9b:c4:96:bf:a0:e3:27:d6:4e:79:9d:76:
5b:ea:1d:90:24:c3:58:ea:45:b0:5d:19:37:26:c9:
e1:ef:88:07:67:b7:11:45:2c:a1:00:c0:86:c3:c3:
ea:f2:9d:ec:97:9a:8f:68:c6:7c:6e:88:51:9f:6d:
04:09:7c:9c:89:21:d3:34:17:1a:20:3e:a3:c7:90:
02:c0:3e:b7:15:20:cb:be:e3:ae:ce:ec:08:4f:b6:
2f:ac:79:0d:21:08:01:5d:7a:0d:5e:6a:d0:40:1e:
8f:68:5a:1e:85:9a:62:e5:b1:59:27:59:35:90:56:
05:fc:01:54:47:ba:23:5e:16:e7:f0:d1:0a:cd:b7:
ee:b8:86:74:f9:25:14:6f:5d:22:cc:0f:fb:9d:65:
81:25:8f:37:d3:2e:23:be:74:a1:fe:b7:3d:68:1a:
8c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:31:A7:C2:68:76:6A:5D:5D:B2:05:5A:55:DC:67:F6:F8:A0:2C:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:e000::/40
Signature Algorithm: sha256WithRSAEncryption
15:ce:9a:18:24:6c:9b:55:24:08:99:d7:da:86:56:5a:ec:72:
5c:1b:e4:4b:bb:65:e5:2a:02:0b:5a:e6:9a:35:41:1c:49:83:
7f:fd:6a:d0:01:e4:03:25:18:c9:b6:0e:5e:7c:06:90:18:0e:
33:73:08:b6:81:d2:84:37:a4:09:55:90:e0:b6:fd:cc:74:21:
f9:12:53:78:a5:63:50:68:b4:35:20:be:bc:c2:21:07:19:78:
f1:52:ff:93:4f:20:ae:f5:e0:6e:5e:4f:8d:e7:30:6a:96:52:
94:57:3f:0d:85:45:c6:c5:45:66:bd:11:7c:b1:f2:95:d6:e7:
53:2d:b0:a0:13:01:80:49:ca:36:8f:ea:b8:14:2d:0d:54:44:
c7:fe:60:ab:8c:77:5c:fb:3c:43:60:70:4b:14:10:7f:25:43:
dc:66:57:0f:b4:49:1b:89:2c:d5:19:f2:78:2b:f2:44:63:0b:
d2:08:d6:76:db:05:10:6f:55:bd:c5:68:d2:02:97:f9:d0:79:
b6:08:b2:a2:14:03:76:1c:01:6a:c1:ad:23:a4:f1:6d:2d:22:
f9:f2:67:6f:8e:05:a2:a8:80:a8:d9:05:eb:5f:44:3e:76:48:
e4:e7:5f:8b:ec:d3:e6:e7:c2:45:95:0b:a2:78:98:b2:af:16:
aa:c5:b8:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKIUYgSY5O/8TEC8sU/682iOoNHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIwMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwZjMwZjEyYzVhYmJlNmE0NzFhMGY4MGViZjA2YWZhMGQ2ZDgwY2ZmY2E3
OTI4OGJhMGUxODc0MmNlZGM4OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSBxpGSWFKcmQ9qbX+Qhwj4WHR87fJtMiV5Cd73pczNsWURnTTd4T1YDQ0H
J0RmTQYA06CtbiM3Ui324EdP2gwpzA8Sn5QBSN0WG++QL38JZt539LfOTFm0ORU7
m8SWv6DjJ9ZOeZ12W+odkCTDWOpFsF0ZNybJ4e+IB2e3EUUsoQDAhsPD6vKd7Jea
j2jGfG6IUZ9tBAl8nIkh0zQXGiA+o8eQAsA+txUgy77jrs7sCE+2L6x5DSEIAV16
DV5q0EAej2haHoWaYuWxWSdZNZBWBfwBVEe6I14W5/DRCs237riGdPklFG9dIswP
+51lgSWPN9MuI750of63PWgajCECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUMafC
aHZqXV2yBVpV3Gf2+KAsmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBhMmJjNmYtYWUwZi00ZjEzLTk0OTktNzhjNTA1YTVmN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fjg
MA0GCSqGSIb3DQEBCwUAA4IBAQAVzpoYJGybVSQImdfahlZa7HJcG+RLu2XlKgIL
WuaaNUEcSYN//WrQAeQDJRjJtg5efAaQGA4zcwi2gdKEN6QJVZDgtv3MdCH5ElN4
pWNQaLQ1IL68wiEHGXjxUv+TTyCu9eBuXk+N5zBqllKUVz8NhUXGxUVmvRF8sfKV
1udTLbCgEwGASco2j+q4FC0NVETH/mCrjHdc+zxDYHBLFBB/JUPcZlcPtEkbiSzV
GfJ4K/JEYwvSCNZ22wUQb1W9xWjSApf50Hm2CLKiFAN2HAFqwa0jpPFtLSL58mdv
jgWiqICo2QXrX0Q+dkjk51+L7NPm58JFlQuieJiyrxaqxbhx
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:34 2025 by rpki-client