Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: 3SrNGO1jwwAh/m3VGpCb2NRGmRxhz8QZKk3S7JApW8I=
Subject key identifier: F9:56:23:DF:43:66:95:9B:1B:ED:3F:2F:9A:F2:85:22:73:CA:AF:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2972C04CFE8F33371970AE8047BFF274E4AFA837
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Fri 11 Jul 2025 19:31:25 +0000
ROA not before: Fri 11 Jul 2025 19:31:25 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:72:c0:4c:fe:8f:33:37:19:70:ae:80:47:bf:f2:74:e4:af:a8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:25 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2d999a8955e49798e8f6f88ce4f357ee0584a003743325cfdbcbe42578dff9f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:31:bb:bb:cc:e8:06:e8:83:1d:0b:60:cc:5f:
42:dc:95:1e:12:7e:7d:d5:29:7d:29:9d:a2:6a:c1:
64:ad:ee:fe:49:e5:f5:08:e5:c4:5a:74:39:aa:62:
4b:1b:0b:76:09:2d:ea:28:fa:c1:73:8b:9f:e5:9a:
f9:7e:0a:a9:ae:a9:f7:b9:bd:7c:88:4d:da:02:18:
27:60:3d:a1:46:58:51:90:43:bf:48:99:9d:35:fc:
08:df:d6:00:d0:79:e0:4c:ac:7b:54:03:a5:e4:25:
e4:7d:94:31:77:86:0e:c2:ba:9e:9a:da:cc:45:6a:
87:b2:fb:a6:b8:56:51:f0:a7:67:78:c2:5b:2d:3d:
98:82:47:a3:b0:82:45:de:f4:48:da:37:51:6e:b2:
4f:eb:00:15:4f:12:b2:1c:1b:df:68:1f:3d:85:76:
e2:9a:57:b1:70:d9:6b:23:09:c4:7f:2a:7b:48:90:
2a:82:4e:00:bb:ea:1c:a2:2e:d4:75:7b:53:8c:1e:
8f:5a:41:8d:0a:ff:93:23:f1:9c:5f:8a:3c:c5:00:
e7:c3:15:ec:d1:e1:b9:46:1e:ac:6c:0a:7e:65:47:
65:6b:df:e9:ca:d0:0b:ac:9b:f3:43:9b:37:5b:cb:
70:b0:38:d8:e9:2f:e5:6b:98:2a:7d:16:4e:64:71:
b0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:56:23:DF:43:66:95:9B:1B:ED:3F:2F:9A:F2:85:22:73:CA:AF:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
6b:66:84:16:b8:6f:e3:0a:e8:fb:a0:99:1f:dc:1a:ff:dd:c5:
4b:08:6c:4c:e4:fa:c2:5e:b2:48:9d:bc:89:81:e2:fc:03:37:
cd:12:d4:21:59:2f:b1:15:f2:02:8a:df:53:c4:60:c8:97:73:
6e:39:3a:46:dd:e5:ab:d1:cc:de:e3:57:46:ff:a0:c6:04:52:
62:a5:96:60:0a:40:71:4a:98:24:ac:f8:80:56:9f:ce:c9:2a:
be:7e:21:23:06:fd:2b:3d:8a:4c:9a:f7:2f:8f:62:b4:41:5b:
63:11:19:27:54:df:a5:6e:c0:58:81:cb:90:c0:a7:cf:48:fb:
25:a6:f6:6d:2b:22:3a:24:94:ae:a7:1b:d2:45:f4:71:8e:90:
42:4a:42:dc:6f:63:18:b7:87:9c:f6:3e:da:51:9a:7b:09:aa:
7d:1d:1e:3e:2e:db:1e:f4:d1:5e:a1:ba:bc:18:18:d4:4a:dd:
cc:75:c8:6a:74:ae:c8:18:91:31:aa:49:fa:40:12:ee:e2:81:
9a:12:40:d2:e6:f5:f4:db:57:37:37:2a:7a:81:b2:3f:62:98:
c3:79:ba:d5:f4:d0:e6:60:4b:c5:ee:ae:59:2f:ef:85:6e:bb:
00:b4:fa:a3:fe:ff:c7:84:74:ab:1c:20:7c:63:6b:5d:45:27:
93:c4:56:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKXLATP6PMzcZcK6AR7/ydOSvqDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMjVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkOTk5YTg5NTVlNDk3OThlOGY2Zjg4Y2U0ZjM1N2VlMDU4NGEwMDM3NDMz
MjVjZmRiY2JlNDI1NzhkZmY5ZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcxu7vM6Abogx0LYMxfQtyVHhJ+fdUpfSmdomrBZK3u/knl9QjlxFp0Oapi
SxsLdgkt6ij6wXOLn+Wa+X4Kqa6p97m9fIhN2gIYJ2A9oUZYUZBDv0iZnTX8CN/W
ANB54Eyse1QDpeQl5H2UMXeGDsK6nprazEVqh7L7prhWUfCnZ3jCWy09mIJHo7CC
Rd70SNo3UW6yT+sAFU8Sshwb32gfPYV24ppXsXDZayMJxH8qe0iQKoJOALvqHKIu
1HV7U4wej1pBjQr/kyPxnF+KPMUA58MV7NHhuUYerGwKfmVHZWvf6crQC6yb80Ob
N1vLcLA42Okv5WuYKn0WTmRxsKsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT5ViPf
Q2aVmxvtPy+a8oUic8qvpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAa2aEFrhv4wro+6CZH9wa/93FSwhsTOT6wl6y
SJ28iYHi/AM3zRLUIVkvsRXyAorfU8RgyJdzbjk6Rt3lq9HM3uNXRv+gxgRSYqWW
YApAcUqYJKz4gFafzskqvn4hIwb9Kz2KTJr3L49itEFbYxEZJ1TfpW7AWIHLkMCn
z0j7Jab2bSsiOiSUrqcb0kX0cY6QQkpC3G9jGLeHnPY+2lGaewmqfR0ePi7bHvTR
XqG6vBgY1ErdzHXIanSuyBiRMapJ+kAS7uKBmhJA0ub19NtXNzcqeoGyP2KYw3m6
1fTQ5mBLxe6uWS/vhW67ALT6o/7/x4R0qxwgfGNrXUUnk8RWOA==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:16 2025 by rpki-client