Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
File: 73488a43-875c-415a-9969-c278b245b9fb.roa (raw, json)
Hash identifier: m99otNHud4WFviDTcgoXv0sdVF+kfy0aq2WxLw27zaY=
Subject key identifier: 4E:B8:AB:A0:D4:88:B7:86:A0:BE:CB:AB:34:FB:FF:2C:39:C4:33:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B069FC73E862A9F157E60BF8672F343B5072FBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
Signing time: Fri 11 Jul 2025 19:31:24 +0000
ROA not before: Fri 11 Jul 2025 19:31:24 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:06:9f:c7:3e:86:2a:9f:15:7e:60:bf:86:72:f3:43:b5:07:2f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:24 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6d64052dc7302d84464a8db44a00338327d1ca9643916b69163962fb0e0d629a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:99:23:05:92:e9:76:c3:bd:19:6c:7f:95:cb:
74:53:5a:38:37:2b:bc:26:a1:73:c3:f5:99:57:df:
0d:87:5e:f7:11:45:f8:0e:8e:e1:99:1a:10:d9:09:
fe:f2:82:c4:70:3b:b9:2f:a5:72:5f:8c:51:4c:32:
c5:0c:74:0e:49:6c:45:29:03:47:59:bb:0a:7a:50:
b9:db:47:de:af:3c:21:94:b1:3a:ea:a9:16:b8:c0:
39:a6:f6:f1:16:57:9e:d9:aa:f5:25:64:08:50:ff:
72:4a:43:de:95:0c:e2:f8:f4:9f:0a:67:a2:ce:e6:
2e:a1:3f:d1:89:c8:bd:f5:54:26:4a:00:62:e1:dd:
fd:db:59:17:2c:e7:a4:ba:d1:18:c3:a4:a5:d2:f9:
3c:2f:76:55:07:9c:30:ab:b0:fc:e4:e0:16:3d:dc:
f2:69:85:80:83:a0:71:33:07:e8:67:65:95:86:19:
eb:f4:7b:58:a2:f4:bf:3e:4d:d3:8f:6b:44:1e:53:
f1:31:77:dd:e2:08:49:04:c2:fc:fa:05:2a:63:4e:
e3:86:d8:e7:5a:4a:84:3d:ce:2f:ab:eb:c6:43:06:
e1:90:dc:8e:9b:cd:e1:fd:b8:32:d1:8d:61:54:c7:
7b:a1:64:b1:e8:98:55:9a:a2:2f:58:e7:3f:79:d5:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B8:AB:A0:D4:88:B7:86:A0:BE:CB:AB:34:FB:FF:2C:39:C4:33:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73488a43-875c-415a-9969-c278b245b9fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e080::/48
Signature Algorithm: sha256WithRSAEncryption
39:e4:2c:64:2a:6a:1c:25:23:f4:d4:63:57:45:21:01:49:cf:
06:63:a4:52:3f:a3:e2:5d:2d:56:a5:ff:1a:d7:56:96:e9:d3:
3d:db:f0:2f:1b:dc:a3:61:35:26:e0:ba:dc:61:c6:ea:30:f7:
ef:77:aa:e9:e4:4f:6d:a3:dc:f7:3f:f2:52:1b:ac:ae:c0:d1:
9f:e3:7e:90:bf:4c:30:60:02:3f:26:1c:58:4d:80:59:d3:65:
9a:af:17:9f:22:e5:d3:02:e6:f2:08:67:43:af:9f:9d:1f:d2:
ca:99:4c:d1:ba:9d:76:92:f7:c1:ed:99:a9:f6:37:bd:cc:f2:
ec:21:9d:27:46:d5:e0:1d:58:6e:49:17:fc:5d:2c:6d:11:45:
bc:fc:ba:22:e5:15:89:1c:97:9a:32:de:21:af:50:3b:85:81:
57:eb:1d:21:85:09:7f:d8:d1:a1:59:b2:98:7f:4c:0f:95:f2:
c9:90:7d:fc:b1:d1:98:af:77:12:6e:7d:2a:4d:9c:a0:7d:d7:
b8:1a:a4:ec:38:76:0a:30:ed:5c:a6:60:0d:71:56:73:0b:e7:
e9:5a:32:07:d5:14:d9:1e:d4:74:cd:00:e0:96:5f:9c:a4:65:
9c:03:fd:cf:59:30:02:47:17:be:87:e3:31:6c:5e:d4:9e:ec:
f4:9e:4a:bc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCwafxz6GKp8VfmC/hnLzQ7UHL7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMjRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNjQwNTJkYzczMDJkODQ0NjRhOGRiNDRhMDAzMzgzMjdkMWNhOTY0Mzkx
NmI2OTE2Mzk2MmZiMGUwZDYyOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPOZIwWS6XbDvRlsf5XLdFNaODcrvCahc8P1mVffDYde9xFF+A6O4ZkaENkJ
/vKCxHA7uS+lcl+MUUwyxQx0DklsRSkDR1m7CnpQudtH3q88IZSxOuqpFrjAOab2
8RZXntmq9SVkCFD/ckpD3pUM4vj0nwpnos7mLqE/0YnIvfVUJkoAYuHd/dtZFyzn
pLrRGMOkpdL5PC92VQecMKuw/OTgFj3c8mmFgIOgcTMH6GdllYYZ6/R7WKL0vz5N
049rRB5T8TF33eIISQTC/PoFKmNO44bY51pKhD3OL6vrxkMG4ZDcjpvN4f24MtGN
YVTHe6FkseiYVZqiL1jnP3nVjnMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBROuKug
1Ii3hqC+y6s0+/8sOcQz1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM0ODhhNDMtODc1Yy00MTVhLTk5NjktYzI3OGIyNDViOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
gDANBgkqhkiG9w0BAQsFAAOCAQEAOeQsZCpqHCUj9NRjV0UhAUnPBmOkUj+j4l0t
VqX/GtdWlunTPdvwLxvco2E1JuC63GHG6jD373eq6eRPbaPc9z/yUhusrsDRn+N+
kL9MMGACPyYcWE2AWdNlmq8XnyLl0wLm8ghnQ6+fnR/SyplM0bqddpL3we2ZqfY3
vczy7CGdJ0bV4B1YbkkX/F0sbRFFvPy6IuUViRyXmjLeIa9QO4WBV+sdIYUJf9jR
oVmymH9MD5XyyZB9/LHRmK93Em59Kk2coH3XuBqk7Dh2CjDtXKZgDXFWcwvn6Voy
B9UU2R7UdM0A4JZfnKRlnAP9z1kwAkcXvofjMWxe1J7s9J5KvA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:59 2025 by rpki-client