Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
File: 7665346b-5715-4d4a-9ee7-32affc669e92.roa (raw, json)
Hash identifier: mgGgbwwn8GFha/0S84ajvcoxY7VSFk+6Pvm8WwkzeBw=
Subject key identifier: 72:B0:4D:C8:36:B7:B2:22:9A:72:51:90:1D:EE:48:F5:7C:B4:34:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 597C222F19D1E2B7E046A618215D6EA4E0F068A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
Signing time: Fri 11 Jul 2025 18:40:42 +0000
ROA not before: Fri 11 Jul 2025 18:40:42 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:7c:22:2f:19:d1:e2:b7:e0:46:a6:18:21:5d:6e:a4:e0:f0:68:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:42 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7471931992b6b1c18299f8f862a498ad446d1bf1ff4ade6d8c04aff83bedcc2e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6b:9c:ff:86:bb:f6:0d:46:cd:24:d7:54:15:
8e:14:8a:90:ee:5f:85:30:67:51:8e:0c:d7:a2:56:
84:e3:b0:b1:dd:bf:88:59:75:83:c4:27:7b:c5:4d:
22:df:dd:07:b6:16:ac:94:c2:d9:51:30:ec:3f:f6:
1e:08:62:69:12:32:b8:01:e2:26:22:a5:bc:45:43:
ee:8b:36:5e:7e:20:53:b5:65:b8:cb:83:4d:c4:a7:
53:97:91:c3:80:83:35:d1:b6:6c:c2:c0:ed:87:38:
69:15:14:11:a4:b3:5d:b0:e6:22:7f:02:8e:64:d4:
00:9d:da:f5:de:23:b3:de:35:af:d3:4c:2a:c2:bf:
be:bb:50:ac:31:ea:d5:2f:9e:de:89:a1:60:57:aa:
15:06:3c:b2:b5:65:58:74:ef:4f:e3:5a:ae:93:5e:
8c:8f:73:04:7a:bd:51:11:51:23:cc:6e:42:11:52:
64:6d:6e:f3:65:72:e9:e8:be:18:d4:68:ed:a6:76:
c2:c5:d4:2d:6a:db:ff:c3:09:2f:bc:7e:f3:09:95:
d4:2b:bb:f9:e9:7d:4b:ac:b2:e1:5e:70:a8:6f:d6:
05:34:89:99:3e:28:27:e0:1b:7b:43:2a:7b:34:2c:
ca:36:85:13:07:d5:09:eb:46:3e:79:eb:37:72:99:
ee:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B0:4D:C8:36:B7:B2:22:9A:72:51:90:1D:EE:48:F5:7C:B4:34:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2040::/48
Signature Algorithm: sha256WithRSAEncryption
24:7d:17:e1:84:f9:9d:e8:92:4e:68:94:c0:aa:b8:7c:54:1f:
cd:62:11:74:71:c8:13:64:22:78:13:55:80:9a:54:54:67:04:
a7:76:76:bf:42:d1:c3:0d:32:40:dc:d2:42:c3:ef:40:09:a6:
94:b1:ce:8b:ee:b9:93:8c:a8:b7:46:65:9b:e3:38:b4:85:2c:
8a:c2:1e:b6:7c:8a:09:bc:15:1a:42:be:2f:51:05:f8:f9:be:
f4:cb:37:75:00:1c:7d:76:17:7e:94:af:ee:e9:cc:64:0c:a5:
75:4c:6b:63:dc:4f:cc:b6:6b:77:11:53:05:51:ce:a8:a3:94:
69:9c:57:c0:59:c6:8e:7f:a0:46:3a:6f:e2:14:51:06:a9:ef:
da:98:01:c2:92:9c:cd:11:30:9b:71:a8:2f:37:60:d8:4f:48:
14:7d:59:47:95:72:10:ed:be:83:ad:bd:c0:e8:fd:62:58:38:
a0:95:d0:8c:ef:14:d7:57:71:a5:05:c3:18:53:b3:66:54:9c:
a4:c2:cf:b8:aa:3e:b4:5b:f1:40:10:72:2c:0c:8f:09:24:2d:
db:cf:d3:23:76:02:f3:c9:58:cc:90:2d:f6:94:69:60:a3:c6:
8b:e6:24:12:5d:42:f4:9b:be:6b:23:06:32:a0:d2:11:30:5d:
a7:32:61:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWXwiLxnR4rfgRqYYIV1upODwaKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwNDJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0NzE5MzE5OTJiNmIxYzE4Mjk5ZjhmODYyYTQ5OGFkNDQ2ZDFiZjFmZjRh
ZGU2ZDhjMDRhZmY4M2JlZGNjMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhrnP+Gu/YNRs0k11QVjhSKkO5fhTBnUY4M16JWhOOwsd2/iFl1g8Qne8VN
It/dB7YWrJTC2VEw7D/2HghiaRIyuAHiJiKlvEVD7os2Xn4gU7VluMuDTcSnU5eR
w4CDNdG2bMLA7Yc4aRUUEaSzXbDmIn8CjmTUAJ3a9d4js941r9NMKsK/vrtQrDHq
1S+e3omhYFeqFQY8srVlWHTvT+NarpNejI9zBHq9URFRI8xuQhFSZG1u82Vy6ei+
GNRo7aZ2wsXULWrb/8MJL7x+8wmV1Cu7+el9S6yy4V5wqG/WBTSJmT4oJ+Abe0Mq
ezQsyjaFEwfVCetGPnnrN3KZ7q0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRysE3I
NreyIppyUZAd7kj1fLQ0eDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY2NTM0NmItNTcxNS00ZDRhLTllZTctMzJhZmZjNjY5ZTkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
QDANBgkqhkiG9w0BAQsFAAOCAQEAJH0X4YT5neiSTmiUwKq4fFQfzWIRdHHIE2Qi
eBNVgJpUVGcEp3Z2v0LRww0yQNzSQsPvQAmmlLHOi+65k4yot0Zlm+M4tIUsisIe
tnyKCbwVGkK+L1EF+Pm+9Ms3dQAcfXYXfpSv7unMZAyldUxrY9xPzLZrdxFTBVHO
qKOUaZxXwFnGjn+gRjpv4hRRBqnv2pgBwpKczREwm3GoLzdg2E9IFH1ZR5VyEO2+
g629wOj9Ylg4oJXQjO8U11dxpQXDGFOzZlScpMLPuKo+tFvxQBByLAyPCSQt28/T
I3YC88lYzJAt9pRpYKPGi+YkEl1C9Ju+ayMGMqDSETBdpzJhIQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:37 2025 by rpki-client