Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
File: 730c632c-0510-4eef-8649-b29c7a1d089b.roa (raw, json)
Hash identifier: BDElva2gTHeQ5eFl7uhaXLOIpxuXDH+HnsXAzMOzaFY=
Subject key identifier: 56:B4:B8:9E:82:05:58:87:28:E4:DA:D4:8A:A9:54:F9:A8:1E:1C:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CEC130F00130307F6E5673CEDDC9D7EA3CF7663
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
Signing time: Fri 11 Jul 2025 18:41:04 +0000
ROA not before: Fri 11 Jul 2025 18:41:04 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:ec:13:0f:00:13:03:07:f6:e5:67:3c:ed:dc:9d:7e:a3:cf:76:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:41:04 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4e076646098ee52eacab83dbe4efdb41eff83be2f5795c74c2edd575d35169e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b6:81:d2:9f:5a:0e:81:6f:d5:ef:e8:90:42:
f6:ea:61:94:db:ad:fe:12:d6:cc:bc:f4:9d:cd:c0:
75:3d:f8:ae:80:82:7e:68:cb:a2:b6:d6:e5:a9:fb:
f7:3d:a8:4e:a2:70:9e:ba:6d:cc:c3:12:3f:a3:9b:
7b:9b:88:4e:09:b7:b8:c3:09:2d:6e:2c:87:7b:60:
38:97:b7:b4:bf:f7:33:28:af:4f:ef:b3:60:f8:d2:
83:e9:47:ed:3a:fd:da:7a:42:cf:04:b8:02:d9:11:
00:4d:99:7d:6a:91:9d:aa:0a:c5:b6:f6:65:40:03:
50:e9:c8:4d:f8:d0:d3:22:07:3d:ab:99:4e:be:04:
fe:01:49:cf:52:19:fe:b0:2b:4e:bd:0a:e3:36:dc:
64:ae:ca:79:4f:53:ac:cc:bf:b3:fe:1d:58:63:c8:
cc:63:e3:99:d4:6b:47:a2:17:75:54:9d:ec:8d:1b:
2b:c0:55:9f:9d:d9:bc:35:08:82:55:a1:2c:26:0b:
30:9f:74:ad:63:b1:e5:46:f6:db:b9:62:79:08:6d:
92:f5:c7:27:ce:95:f3:4c:22:21:4a:2f:17:d9:85:
07:47:9e:83:7a:de:09:56:6a:92:4a:77:b7:e9:76:
58:4a:f8:7f:bb:b9:84:fb:5b:06:2e:cb:60:c3:7d:
c9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B4:B8:9E:82:05:58:87:28:E4:DA:D4:8A:A9:54:F9:A8:1E:1C:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2040::/48
Signature Algorithm: sha256WithRSAEncryption
c5:74:cc:9f:9b:58:c0:c4:02:2f:e5:0a:44:f3:19:f5:fa:4f:
79:3a:ab:14:cc:f0:f7:8b:d4:ae:d4:cd:e1:d0:5e:e1:80:cf:
2d:a2:3d:39:82:60:95:0b:44:79:0d:87:33:71:e8:71:62:af:
2d:1b:89:41:38:da:47:98:ad:c3:bf:3e:e7:90:5a:bb:e5:70:
ef:ca:46:25:44:90:87:e1:43:2d:fb:2c:65:dc:2b:a9:e3:a3:
82:6e:71:56:7b:bf:86:0b:f5:a1:10:be:bf:f9:33:c4:08:6d:
9e:29:58:1f:eb:20:a4:88:e3:2a:8c:d5:80:48:da:0b:5e:01:
09:ee:b2:e8:04:31:ac:60:b6:af:0b:bc:06:6e:92:8d:d1:1f:
d9:8f:96:57:58:1b:c1:79:98:78:21:c4:fe:2a:f7:95:c5:f6:
f1:c6:4c:fb:05:1c:9b:a5:0a:74:c3:22:1e:a7:89:b7:08:aa:
89:ad:10:63:58:1e:03:31:c9:7c:bd:55:d2:b1:c6:e3:8d:e1:
42:a4:1c:89:62:94:e5:f8:4d:a0:78:69:c9:d1:74:ca:fc:1a:
59:fd:d0:0a:6a:67:39:dd:6b:1c:cf:45:73:cc:0e:e2:d1:69:
47:87:74:97:09:11:89:d1:59:c4:98:1c:de:0a:e9:f3:1e:9f:
b3:83:6b:73
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDOwTDwATAwf25Wc87dydfqPPdmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQxMDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMDc2NjQ2MDk4ZWU1MmVhY2FiODNkYmU0ZWZkYjQxZWZmODNiZTJmNTc5
NWM3NGMyZWRkNTc1ZDM1MTY5ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJu2gdKfWg6Bb9Xv6JBC9uphlNut/hLWzLz0nc3AdT34roCCfmjLorbW5an7
9z2oTqJwnrptzMMSP6Obe5uITgm3uMMJLW4sh3tgOJe3tL/3MyivT++zYPjSg+lH
7Tr92npCzwS4AtkRAE2ZfWqRnaoKxbb2ZUADUOnITfjQ0yIHPauZTr4E/gFJz1IZ
/rArTr0K4zbcZK7KeU9TrMy/s/4dWGPIzGPjmdRrR6IXdVSd7I0bK8BVn53ZvDUI
glWhLCYLMJ90rWOx5Ub227lieQhtkvXHJ86V80wiIUovF9mFB0eeg3reCVZqkkp3
t+l2WEr4f7u5hPtbBi7LYMN9yZsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWtLie
ggVYhyjk2tSKqVT5qB4cJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzMwYzYzMmMtMDUxMC00ZWVmLTg2NDktYjI5YzdhMWQwODliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
QDANBgkqhkiG9w0BAQsFAAOCAQEAxXTMn5tYwMQCL+UKRPMZ9fpPeTqrFMzw94vU
rtTN4dBe4YDPLaI9OYJglQtEeQ2HM3HocWKvLRuJQTjaR5itw78+55Bau+Vw78pG
JUSQh+FDLfssZdwrqeOjgm5xVnu/hgv1oRC+v/kzxAhtnilYH+sgpIjjKozVgEja
C14BCe6y6AQxrGC2rwu8Bm6SjdEf2Y+WV1gbwXmYeCHE/ir3lcX28cZM+wUcm6UK
dMMiHqeJtwiqia0QY1geAzHJfL1V0rHG443hQqQciWKU5fhNoHhpydF0yvwaWf3Q
CmpnOd1rHM9Fc8wO4tFpR4d0lwkRidFZxJgc3grp8x6fs4Nrcw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:46:31 2025 by rpki-client