Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
File: 757087af-5baf-4a2f-a9ec-dbadb47313e2.roa (raw, json)
Hash identifier: ZfyFRKUnIJ/Me17ktIidIGPc8F5HbHuo0PGz8uaGE+s=
Subject key identifier: 93:70:A2:81:37:06:EE:30:63:D0:BB:4E:15:EA:D9:BF:B9:12:8B:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CB467BCAEA717005C864B7336D871DC25A599EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
Signing time: Fri 11 Jul 2025 18:40:58 +0000
ROA not before: Fri 11 Jul 2025 18:40:58 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:b4:67:bc:ae:a7:17:00:5c:86:4b:73:36:d8:71:dc:25:a5:99:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:58 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0b080d9c52aed9929c52a0863dc989d5762121b9c77433ddae3f77288091dab6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b5:ef:c1:69:31:96:6e:aa:36:6d:1d:40:03:
83:4d:84:40:a7:64:b9:67:8d:c5:b5:b7:ea:42:01:
53:bc:58:f3:56:12:16:b6:c0:b4:80:f4:4c:cd:03:
1f:3b:5a:f9:3e:da:6b:38:21:dd:3e:43:d8:f0:8b:
73:7c:5b:cf:61:06:d3:95:20:0e:54:46:ae:ca:9e:
06:f1:72:f9:91:a9:6d:28:79:a5:24:23:1d:49:9c:
5a:89:8f:1c:d9:8b:a6:b7:f7:99:48:45:23:9c:d7:
3a:6b:5d:8d:83:94:3c:a0:50:ad:83:be:c9:c8:b7:
b4:63:24:96:07:ef:26:f0:2d:b6:3b:7c:ae:ba:b3:
87:4a:71:6f:9e:f7:f7:b8:55:57:71:da:0a:c7:a5:
03:65:34:ae:e8:8d:22:c7:3b:ac:80:7f:ce:3c:c8:
31:eb:9e:ba:00:b9:de:b9:c2:51:f9:6e:3d:d7:5e:
08:46:49:2f:44:cb:37:4f:62:da:a4:f9:a4:d9:2c:
b6:98:85:80:ab:91:bd:33:9b:33:69:f1:ac:c0:4c:
48:89:e0:57:c6:72:64:5c:d1:de:e8:68:14:ef:c3:
9a:69:3d:80:42:9e:87:9c:fe:0e:aa:65:17:03:d8:
86:4e:d5:ba:a4:2f:ef:c4:0a:f2:8a:b4:b9:8a:70:
fb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:70:A2:81:37:06:EE:30:63:D0:BB:4E:15:EA:D9:BF:B9:12:8B:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
66:d7:bc:69:16:73:b6:38:f7:a5:7f:e0:ee:be:dd:55:96:87:
60:8a:57:d1:2d:50:4f:63:d0:a3:73:fd:e1:51:88:87:70:a6:
8b:43:e6:4a:11:39:41:0a:b1:6a:bb:49:16:36:12:5a:f2:99:
6d:a3:72:0d:8e:2a:b4:fe:67:83:82:ed:31:0a:56:10:2a:ec:
81:a6:c0:d8:1b:06:bf:77:b6:e8:5a:85:6a:77:06:ae:d4:85:
f0:14:cf:f9:42:56:b3:48:00:cb:17:b1:84:b5:77:70:05:c3:
bc:0f:f5:88:50:08:c9:82:1f:58:ed:8f:a3:b3:e0:32:0f:9b:
e8:38:0d:56:94:f1:d5:d3:7e:29:b4:86:84:8f:f9:f4:bc:c6:
57:7e:b9:1e:81:87:0b:6e:83:61:14:f8:b1:1e:94:ba:aa:31:
c8:16:57:ad:c7:0c:80:4a:d8:a7:ee:6f:15:dd:ba:69:91:1d:
8e:c8:aa:c7:d5:3d:3b:a2:ec:22:4f:3a:c4:b6:ee:c6:cf:6e:
cb:21:25:9e:13:91:77:27:6e:ee:f8:fd:ac:e1:dc:9e:12:ad:
d6:c0:39:98:55:2b:23:d1:ca:35:a9:aa:c4:6a:53:4e:0d:bc:
c1:ca:90:d4:cd:cd:b8:41:6e:21:53:98:7e:a5:ef:99:4b:ee:
37:1f:d6:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbLRnvK6nFwBchktzNthx3CWlmeowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwNThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiMDgwZDljNTJhZWQ5OTI5YzUyYTA4NjNkYzk4OWQ1NzYyMTIxYjljNzc0
MzNkZGFlM2Y3NzI4ODA5MWRhYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6178FpMZZuqjZtHUADg02EQKdkuWeNxbW36kIBU7xY81YSFrbAtID0TM0D
Hzta+T7aazgh3T5D2PCLc3xbz2EG05UgDlRGrsqeBvFy+ZGpbSh5pSQjHUmcWomP
HNmLprf3mUhFI5zXOmtdjYOUPKBQrYO+yci3tGMklgfvJvAttjt8rrqzh0pxb573
97hVV3HaCselA2U0ruiNIsc7rIB/zjzIMeueugC53rnCUfluPddeCEZJL0TLN09i
2qT5pNkstpiFgKuRvTObM2nxrMBMSIngV8ZyZFzR3uhoFO/Dmmk9gEKeh5z+Dqpl
FwPYhk7VuqQv78QK8oq0uYpw+9UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSTcKKB
NwbuMGPQu04V6tm/uRKLBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU3MDg3YWYtNWJhZi00YTJmLWE5ZWMtZGJhZGI0NzMxM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAZte8aRZztjj3pX/g7r7dVZaHYIpX0S1QT2PQ
o3P94VGIh3Cmi0PmShE5QQqxartJFjYSWvKZbaNyDY4qtP5ng4LtMQpWECrsgabA
2BsGv3e26FqFancGrtSF8BTP+UJWs0gAyxexhLV3cAXDvA/1iFAIyYIfWO2Po7Pg
Mg+b6DgNVpTx1dN+KbSGhI/59LzGV365HoGHC26DYRT4sR6UuqoxyBZXrccMgErY
p+5vFd26aZEdjsiqx9U9O6LsIk86xLbuxs9uyyElnhORdydu7vj9rOHcnhKt1sA5
mFUrI9HKNamqxGpTTg28wcqQ1M3NuEFuIVOYfqXvmUvuNx/Wzg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:36 2025 by rpki-client