Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
File: 75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa (raw, json)
Hash identifier: RFQ3SiQBFBfaUGj29/mRsb8pcnolA3ZnIPCfY8zOiXE=
Subject key identifier: D3:94:70:6E:8D:01:C9:C4:AB:99:D4:18:7C:B2:05:9A:A8:29:26:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 485B0982618CFCBA355828B402E49CD4066878A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
Signing time: Fri 11 Jul 2025 18:41:02 +0000
ROA not before: Fri 11 Jul 2025 18:41:02 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:5b:09:82:61:8c:fc:ba:35:58:28:b4:02:e4:9c:d4:06:68:78:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:41:02 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=becf4f02bcdef88d76b5dd2e708c3f3d4ff10c45f5144a1e7e9c6f211b617e0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:99:01:cc:6b:50:e9:9d:0a:d7:08:a1:16:
1e:ce:c1:ae:96:e0:7f:22:3e:ea:12:19:3b:c5:96:
55:56:43:ad:51:30:c1:91:f4:32:9e:32:60:10:a0:
0d:10:28:5a:c2:cf:a2:eb:9e:6a:d0:fa:b1:47:f4:
d0:08:dd:45:46:aa:c0:08:db:7e:ce:41:b4:6c:47:
6e:88:cd:d3:de:4e:d9:b9:06:04:e0:1e:56:5b:02:
33:ff:49:ac:6f:b5:d2:ed:f3:9e:d5:de:45:e8:d0:
57:c5:8c:84:da:ab:01:d8:42:14:b4:56:5b:bb:2d:
da:fe:2d:04:26:d2:b8:20:21:ca:ec:9b:3b:d8:07:
65:4e:ff:33:51:27:5d:af:43:63:11:d0:e7:2f:eb:
fe:2a:82:2f:f2:70:f1:02:cb:11:ae:c2:1d:84:1f:
89:89:94:51:5c:be:d2:a6:a3:1a:17:8f:54:f4:c9:
b6:33:9f:7a:2f:ed:ba:50:d4:d4:36:e8:32:c7:a5:
69:f5:80:0b:98:dd:17:97:6f:29:98:c5:8a:45:6d:
b5:66:3f:6a:d8:a3:19:4a:74:05:1b:72:68:dd:dc:
64:e0:03:c0:79:a3:6a:69:95:b6:3e:c8:23:50:76:
08:f0:72:60:94:46:78:08:9a:75:71:90:bc:9b:61:
06:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:94:70:6E:8D:01:C9:C4:AB:99:D4:18:7C:B2:05:9A:A8:29:26:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75d0b5d9-2477-4d38-ab7a-0c60a33d8246.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6040::/48
Signature Algorithm: sha256WithRSAEncryption
c6:4e:da:3d:2e:dc:c7:7c:54:42:b8:28:41:14:62:9d:58:27:
3e:c1:3c:4a:e7:a8:33:97:57:e1:64:91:aa:f1:23:81:56:32:
64:2f:ef:27:27:a3:64:6c:52:58:44:03:d0:e4:db:19:a4:94:
15:f4:0e:61:a0:20:38:de:f3:c0:01:18:32:e0:e8:08:60:f2:
5f:35:e6:34:d6:71:6b:3a:2a:ce:51:54:1b:07:ac:dc:bb:d9:
7b:14:89:18:9b:29:92:75:1e:69:6c:3c:1e:32:e4:c2:b6:45:
c5:61:89:d7:99:06:b7:8d:b7:e2:23:07:b5:ed:ca:bd:1e:36:
f7:96:09:16:f6:09:58:6e:2e:42:5c:e4:37:9c:a3:b1:31:57:
96:1a:4f:88:bc:70:35:60:67:7f:56:d3:ab:fe:82:5d:3a:03:
85:4e:5b:ec:f6:ed:25:db:d6:ce:45:51:4d:b8:a1:2b:71:ac:
3d:22:d0:ae:33:4d:38:50:ae:75:77:8d:cf:13:d9:f3:75:7e:
06:07:99:50:91:1c:15:9a:43:1e:ca:5f:2c:0b:26:9c:f6:bb:
34:32:d3:0f:b2:c1:5e:f1:d0:e1:92:30:97:c5:2e:6d:70:03:
54:49:b1:9e:60:ac:7f:ab:15:85:e7:0d:6e:2e:c9:4b:12:c9:
1b:b7:06:8b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSFsJgmGM/Lo1WCi0AuSc1AZoeKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQxMDJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlY2Y0ZjAyYmNkZWY4OGQ3NmI1ZGQyZTcwOGMzZjNkNGZmMTBjNDVmNTE0
NGExZTdlOWM2ZjIxMWI2MTdlMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjImQHMa1DpnQrXCKEWHs7BrpbgfyI+6hIZO8WWVVZDrVEwwZH0Mp4yYBCg
DRAoWsLPouueatD6sUf00AjdRUaqwAjbfs5BtGxHbojN095O2bkGBOAeVlsCM/9J
rG+10u3zntXeRejQV8WMhNqrAdhCFLRWW7st2v4tBCbSuCAhyuybO9gHZU7/M1En
Xa9DYxHQ5y/r/iqCL/Jw8QLLEa7CHYQfiYmUUVy+0qajGhePVPTJtjOfei/tulDU
1DboMselafWAC5jdF5dvKZjFikVttWY/atijGUp0BRtyaN3cZOADwHmjammVtj7I
I1B2CPByYJRGeAiadXGQvJthBgkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTTlHBu
jQHJxKuZ1Bh8sgWaqCkmgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzVkMGI1ZDktMjQ3Ny00ZDM4LWFiN2EtMGM2MGEzM2Q4MjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
QDANBgkqhkiG9w0BAQsFAAOCAQEAxk7aPS7cx3xUQrgoQRRinVgnPsE8SueoM5dX
4WSRqvEjgVYyZC/vJyejZGxSWEQD0OTbGaSUFfQOYaAgON7zwAEYMuDoCGDyXzXm
NNZxazoqzlFUGwes3LvZexSJGJspknUeaWw8HjLkwrZFxWGJ15kGt4234iMHte3K
vR4295YJFvYJWG4uQlzkN5yjsTFXlhpPiLxwNWBnf1bTq/6CXToDhU5b7PbtJdvW
zkVRTbihK3GsPSLQrjNNOFCudXeNzxPZ83V+BgeZUJEcFZpDHspfLAsmnPa7NDLT
D7LBXvHQ4ZIwl8UubXADVEmxnmCsf6sVhecNbi7JSxLJG7cGiw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:59 2025 by rpki-client