Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
File: 77bc679b-5199-43c2-8199-be5c04a6c0d9.roa (raw, json)
Hash identifier: dDReoD2HVKVdy/hg92QISlY4gf25bPm8fcYMTPXBCC0=
Subject key identifier: 40:25:76:1A:1D:7E:14:69:4F:EA:CE:DB:6E:59:FB:9E:40:32:72:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40F200D822E89025854D4E5A1568D6AA71CBBC8B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
Signing time: Fri 11 Jul 2025 19:20:44 +0000
ROA not before: Fri 11 Jul 2025 19:20:44 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:f2:00:d8:22:e8:90:25:85:4d:4e:5a:15:68:d6:aa:71:cb:bc:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:44 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6afd8e3be06dd9f52a4ea8371151a609fc806707d963ee33b11e883f7ae0bd91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:27:39:dd:ca:ef:42:40:b7:0e:a1:a2:2c:f2:
b2:e6:cc:00:18:11:55:9d:c8:f4:2c:41:bd:f3:c0:
5a:5d:0e:0f:cb:f6:e5:0a:de:87:6d:0f:12:7e:17:
a8:a9:90:d6:ec:2d:c9:d9:88:cb:91:89:a3:0c:7e:
f7:64:81:51:4a:50:ce:25:3e:c6:c1:54:7b:79:94:
77:2b:15:65:6f:ff:9d:b2:50:bf:07:b8:36:cb:cb:
8a:07:7d:18:27:3a:89:0d:57:c0:de:e6:3b:0e:33:
46:b6:a5:5f:a5:18:6f:a8:f2:4b:e2:4e:04:b1:4e:
d6:76:ae:bb:bb:f8:24:97:5c:85:6f:a4:d5:e8:16:
61:b7:30:9d:4b:3e:28:ca:1c:c5:14:5a:b5:95:6f:
f9:25:db:45:a3:73:c9:83:70:55:46:58:f9:c9:2c:
46:4d:02:91:4b:75:f9:c2:98:d1:ab:85:89:c3:c4:
97:f9:c3:91:05:11:af:59:57:6f:7e:1a:80:3d:a1:
93:84:cf:2e:55:42:a0:2f:58:d6:e7:25:ff:d3:fb:
b7:dc:47:64:11:85:16:ca:45:b6:11:94:74:7f:ca:
9a:05:cd:e9:07:df:ef:f6:ce:72:e1:5d:8f:59:d0:
06:59:a3:60:1d:35:48:32:7a:0f:1e:fc:1f:12:19:
ae:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:25:76:1A:1D:7E:14:69:4F:EA:CE:DB:6E:59:FB:9E:40:32:72:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c040::/48
Signature Algorithm: sha256WithRSAEncryption
4d:92:25:ac:10:ab:2c:dd:68:25:02:e7:c1:52:b8:32:4d:ad:
6a:c3:a8:bc:e9:da:bc:13:9b:82:80:2b:18:76:ce:6e:cb:81:
1d:ea:22:c5:e5:f8:44:c3:5c:bb:b3:56:51:88:08:90:51:d0:
e1:e5:32:96:8c:dd:74:11:f5:e2:34:cd:2a:d7:ee:18:5e:88:
79:8e:89:98:cc:6f:1d:79:6c:43:de:e9:1d:23:cf:bc:2c:9a:
d4:b4:8a:0d:e9:2a:d4:fb:4d:cf:5a:92:ff:75:d5:37:47:84:
a1:a9:b0:ca:7a:40:da:54:ca:64:d2:25:f4:37:d1:24:69:35:
6f:ab:6d:db:95:61:98:70:37:8b:8b:03:f0:71:31:80:f7:c5:
1a:96:5d:24:f8:26:8f:ef:22:84:dc:ea:45:0c:7c:b8:a8:76:
2b:d7:06:c1:3a:9b:9d:30:8e:61:00:ea:e3:80:20:25:2e:c0:
ed:1e:85:5a:c6:29:a0:81:67:14:27:03:e4:e5:52:a3:b0:0c:
2a:52:d4:e1:a5:2b:a2:b0:e3:33:3d:b2:21:5c:02:e2:13:bb:
43:df:96:9b:13:ad:d4:7f:64:19:36:cc:38:73:9b:9a:f1:f2:
67:76:43:29:23:f5:85:21:0b:1b:af:7a:e9:fe:76:a9:7b:31:
b0:d3:ba:3c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQPIA2CLokCWFTU5aFWjWqnHLvIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZmQ4ZTNiZTA2ZGQ5ZjUyYTRlYTgzNzExNTFhNjA5ZmM4MDY3MDdkOTYz
ZWUzM2IxMWU4ODNmN2FlMGJkOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPknOd3K70JAtw6hoizysubMABgRVZ3I9CxBvfPAWl0OD8v25Qreh20PEn4X
qKmQ1uwtydmIy5GJowx+92SBUUpQziU+xsFUe3mUdysVZW//nbJQvwe4NsvLigd9
GCc6iQ1XwN7mOw4zRralX6UYb6jyS+JOBLFO1nauu7v4JJdchW+k1egWYbcwnUs+
KMocxRRatZVv+SXbRaNzyYNwVUZY+cksRk0CkUt1+cKY0auFicPEl/nDkQURr1lX
b34agD2hk4TPLlVCoC9Y1ucl/9P7t9xHZBGFFspFthGUdH/KmgXN6Qff7/bOcuFd
j1nQBlmjYB01SDJ6Dx78HxIZrscCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRAJXYa
HX4UaU/qzttuWfueQDJyKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdiYzY3OWItNTE5OS00M2MyLTgxOTktYmU1YzA0YTZjMGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
QDANBgkqhkiG9w0BAQsFAAOCAQEATZIlrBCrLN1oJQLnwVK4Mk2tasOovOnavBOb
goArGHbObsuBHeoixeX4RMNcu7NWUYgIkFHQ4eUylozddBH14jTNKtfuGF6IeY6J
mMxvHXlsQ97pHSPPvCya1LSKDekq1PtNz1qS/3XVN0eEoamwynpA2lTKZNIl9DfR
JGk1b6tt25VhmHA3i4sD8HExgPfFGpZdJPgmj+8ihNzqRQx8uKh2K9cGwTqbnTCO
YQDq44AgJS7A7R6FWsYpoIFnFCcD5OVSo7AMKlLU4aUrorDjMz2yIVwC4hO7Q9+W
mxOt1H9kGTbMOHObmvHyZ3ZDKSP1hSELG6966f52qXsxsNO6PA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:11 2025 by rpki-client