Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
File: 72da9f02-356c-4664-864e-e60b7c9e874d.roa (raw, json)
Hash identifier: DigFRTifwuebYLhCKgaLJFCfiI05NBlZyBeo6Y0lqAs=
Subject key identifier: E3:37:55:30:A8:96:48:3F:84:C8:6F:AD:4F:E4:BD:2A:F4:A9:A3:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71D8C06D99D61E8DF7F16D2267E627D32928F61B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
Signing time: Fri 11 Jul 2025 19:51:10 +0000
ROA not before: Fri 11 Jul 2025 19:51:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:d8:c0:6d:99:d6:1e:8d:f7:f1:6d:22:67:e6:27:d3:29:28:f6:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:51:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7e73c60ec7668cc4cc4d5eb1132961fdedf910f4a57c34bad743f0b3a7982dbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e9:fb:cd:d3:f4:35:e0:ae:e9:c6:b2:af:9a:
83:82:07:06:e9:34:50:df:e4:2d:26:35:eb:ee:76:
f5:65:ca:de:9e:fb:a2:43:9f:6a:9d:8b:64:c9:9e:
40:f6:8a:42:7b:85:00:64:9b:7a:80:1e:4d:df:e3:
92:a7:68:21:d4:e1:b6:c2:90:b7:ae:0b:b8:12:1b:
07:7b:63:24:08:02:1c:4f:dc:bf:99:59:79:9f:98:
d0:35:f8:72:46:9d:cd:0b:be:ae:cb:9a:e8:a4:9a:
70:ce:ec:f6:ea:72:53:39:5e:63:8c:84:6f:46:f4:
a4:28:2e:cf:60:ca:8f:23:e4:79:3d:54:8c:d4:75:
ff:a8:d8:4f:f5:79:56:e9:20:55:2e:4e:e5:1c:56:
ae:b2:6a:01:4e:21:39:8c:ad:a3:26:57:d8:11:98:
e5:d8:ee:f7:a1:47:8c:5c:47:ba:79:ee:35:7c:8b:
0a:ce:d7:c0:3c:4b:32:c7:a1:a6:49:af:ed:69:74:
58:1c:a2:20:cf:5c:0b:a9:cb:a1:b2:ec:f6:05:0b:
04:82:00:27:e7:46:8c:cc:65:ce:5d:22:b5:b6:44:
6d:27:05:25:72:a7:8e:b4:b8:30:65:46:a8:b9:3b:
4d:7b:92:e2:78:04:b9:4d:78:81:d9:ca:78:aa:6c:
61:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:37:55:30:A8:96:48:3F:84:C8:6F:AD:4F:E4:BD:2A:F4:A9:A3:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72da9f02-356c-4664-864e-e60b7c9e874d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c040::/46
Signature Algorithm: sha256WithRSAEncryption
11:98:71:1d:da:11:17:30:b6:27:4d:80:08:fd:66:c5:6b:b5:
9d:6b:c9:bc:6a:74:fb:87:f6:51:7b:6f:cd:e9:15:e1:3b:10:
ac:cf:26:18:32:84:ad:05:b9:24:1e:86:46:33:a2:90:6d:3d:
26:30:39:61:42:01:a8:8e:e8:9f:33:d9:48:10:7e:b8:56:c8:
2c:87:32:bd:71:43:bc:4d:c5:79:d7:b0:e1:e5:98:d3:81:7f:
52:43:e3:06:84:bf:fd:5f:41:e1:35:12:9d:e1:9e:cd:bb:a1:
fd:f6:85:77:f7:62:98:fb:f8:ae:d5:20:30:9f:82:c6:96:00:
59:a4:05:a5:a4:d7:6b:02:f7:21:4c:b5:e7:18:96:cd:39:da:
66:2b:40:45:18:10:37:33:ff:6a:48:c8:ca:d1:18:b2:24:94:
59:e0:58:0b:60:9d:25:85:f8:08:ab:62:de:5b:9b:76:a4:d4:
03:bf:4f:e2:c6:4b:c7:57:3e:5d:34:09:13:ac:32:cc:ae:d5:
52:1d:a5:85:4c:a0:b0:3b:fa:ad:11:b3:50:47:7b:0f:f6:1e:
c8:9a:aa:dc:00:70:ff:04:5d:08:24:9e:a2:7c:85:f4:9e:7a:
ed:31:07:de:05:e3:f6:84:14:a5:a8:b0:f5:67:dc:09:16:9b:
d6:24:dd:58
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcdjAbZnWHo338W0iZ+Yn0yko9hswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUxMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNzNjNjBlYzc2NjhjYzRjYzRkNWViMTEzMjk2MWZkZWRmOTEwZjRhNTdj
MzRiYWQ3NDNmMGIzYTc5ODJkYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXp+83T9DXgrunGsq+ag4IHBuk0UN/kLSY16+529WXK3p77okOfap2LZMme
QPaKQnuFAGSbeoAeTd/jkqdoIdThtsKQt64LuBIbB3tjJAgCHE/cv5lZeZ+Y0DX4
ckadzQu+rsua6KSacM7s9upyUzleY4yEb0b0pCguz2DKjyPkeT1UjNR1/6jYT/V5
VukgVS5O5RxWrrJqAU4hOYytoyZX2BGY5dju96FHjFxHunnuNXyLCs7XwDxLMseh
pkmv7Wl0WByiIM9cC6nLobLs9gULBIIAJ+dGjMxlzl0itbZEbScFJXKnjrS4MGVG
qLk7TXuS4ngEuU14gdnKeKpsYfsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTjN1Uw
qJZIP4TIb61P5L0q9KmjJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJkYTlmMDItMzU2Yy00NjY0LTg2NGUtZTYwYjdjOWU4NzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
QDANBgkqhkiG9w0BAQsFAAOCAQEAEZhxHdoRFzC2J02ACP1mxWu1nWvJvGp0+4f2
UXtvzekV4TsQrM8mGDKErQW5JB6GRjOikG09JjA5YUIBqI7onzPZSBB+uFbILIcy
vXFDvE3Fedew4eWY04F/UkPjBoS//V9B4TUSneGezbuh/faFd/dimPv4rtUgMJ+C
xpYAWaQFpaTXawL3IUy15xiWzTnaZitARRgQNzP/akjIytEYsiSUWeBYC2CdJYX4
CKti3lubdqTUA79P4sZLx1c+XTQJE6wyzK7VUh2lhUygsDv6rRGzUEd7D/YeyJqq
3ABw/wRdCCSeonyF9J567TEH3gXj9oQUpaiw9WfcCRab1iTdWA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:15 2025 by rpki-client