Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json)
Hash identifier: E7CEVlUmIrlpsUf9i2zgwjeoNYn/bJvgIPNHiceGlRc=
Subject key identifier: 3A:8F:F2:42:23:A6:B9:BA:9E:F1:93:00:9F:D8:FC:91:57:BA:06:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B6743E0CA68032C6B6D6C51A3B0F2BD0814A0F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
Signing time: Sat 12 Jul 2025 00:51:25 +0000
ROA not before: Sat 12 Jul 2025 00:51:25 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:67:43:e0:ca:68:03:2c:6b:6d:6c:51:a3:b0:f2:bd:08:14:a0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:25 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=cac200bfe6ec37d75a157d348880938ab0415ace8a46c630d494e4cb9acc87f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:23:5f:93:4d:8e:d8:0d:64:97:fa:36:5f:f6:
79:bd:24:37:c4:e3:c2:60:71:6d:14:38:e4:41:64:
25:0b:57:6f:59:63:db:56:26:8e:73:33:c0:32:12:
25:2e:02:f1:f7:f5:02:52:cc:a7:7f:39:f0:a6:32:
71:c8:eb:98:49:f3:c2:27:31:4e:82:55:6f:ac:5c:
59:50:2c:6a:dc:78:ca:1e:8c:f5:d7:8e:31:2f:72:
f9:9b:48:65:62:61:8e:ac:79:69:95:19:42:3d:82:
7d:36:6c:50:c8:87:d7:0e:84:c0:30:53:7d:bc:98:
ec:d6:62:07:6b:55:fb:6a:9c:eb:61:9e:6e:b7:82:
af:a8:f0:c4:02:df:24:37:8f:66:5e:c8:fd:5a:a5:
d1:14:ba:72:4a:fe:b5:36:2e:91:92:65:22:a4:60:
26:e8:a9:db:bd:22:26:92:dc:10:4f:f0:1b:3f:47:
f3:9f:83:7d:e4:56:79:a8:f3:1f:72:4b:ea:0a:d2:
91:60:6a:33:18:29:51:c8:42:6d:4e:30:ef:f9:95:
08:52:d8:e8:81:c0:d9:a5:39:22:ec:d6:53:cb:57:
1d:d6:ac:2f:bd:9d:bb:f3:90:d0:05:ea:5e:42:e6:
85:fa:da:d7:f3:a0:fc:7f:e3:8d:b9:1d:77:46:84:
47:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8F:F2:42:23:A6:B9:BA:9E:F1:93:00:9F:D8:FC:91:57:BA:06:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
58:d3:b5:6a:79:51:df:e4:1d:d7:f7:94:7d:e2:a2:8b:8a:f7:
e7:8d:86:d9:c3:f6:0d:9c:f5:04:ec:f5:a1:64:11:4d:59:4e:
38:3c:c0:35:b1:64:b1:65:b1:45:d0:10:83:f8:ae:62:56:d5:
c9:14:22:10:52:41:b9:25:be:55:0d:23:af:8a:f9:eb:9b:40:
bc:d5:4f:57:92:fa:6f:cf:b0:aa:8c:f7:28:2e:6d:bd:79:5b:
ab:18:d2:74:ea:30:4f:dc:6d:2c:73:71:79:7a:8e:e0:a1:2f:
2e:9a:89:8a:5d:b7:fc:c9:5b:b5:85:a4:b5:7a:2f:0b:d5:4e:
0c:01:67:43:40:06:ae:e8:93:d4:d4:01:8e:13:96:3f:25:c7:
0e:fb:ca:fa:05:89:88:b0:b6:13:4f:5a:e5:be:22:88:6f:d4:
eb:6f:a4:c4:15:60:08:e1:da:3a:eb:ef:3c:28:74:45:71:02:
fb:fc:cb:44:8c:45:97:69:a5:2f:ed:4f:3e:05:ed:37:5e:8a:
e1:57:be:d5:27:14:0b:0a:52:74:e0:4e:83:6e:06:5c:0e:39:
03:01:db:be:c0:7a:7a:42:28:da:c3:9c:6e:55:45:a3:13:f0:
1f:05:3d:b1:10:30:13:eb:6f:7d:2e:06:60:b3:cd:1a:d7:cc:
53:b4:e9:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG2dD4MpoAyxrbWxRo7DyvQgUoPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMjVaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhYzIwMGJmZTZlYzM3ZDc1YTE1N2QzNDg4ODA5MzhhYjA0MTVhY2U4YTQ2
YzYzMGQ0OTRlNGNiOWFjYzg3ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkjX5NNjtgNZJf6Nl/2eb0kN8TjwmBxbRQ45EFkJQtXb1lj21YmjnMzwDIS
JS4C8ff1AlLMp3858KYyccjrmEnzwicxToJVb6xcWVAsatx4yh6M9deOMS9y+ZtI
ZWJhjqx5aZUZQj2CfTZsUMiH1w6EwDBTfbyY7NZiB2tV+2qc62GebreCr6jwxALf
JDePZl7I/Vql0RS6ckr+tTYukZJlIqRgJuip270iJpLcEE/wGz9H85+DfeRWeajz
H3JL6grSkWBqMxgpUchCbU4w7/mVCFLY6IHA2aU5IuzWU8tXHdasL72du/OQ0AXq
XkLmhfra1/Og/H/jjbkdd0aERysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6j/JC
I6a5up7xkwCf2PyRV7oGIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQBY07VqeVHf5B3X95R94qKLivfnjYbZw/YNnPUE
7PWhZBFNWU44PMA1sWSxZbFF0BCD+K5iVtXJFCIQUkG5Jb5VDSOvivnrm0C81U9X
kvpvz7CqjPcoLm29eVurGNJ06jBP3G0sc3F5eo7goS8umomKXbf8yVu1haS1ei8L
1U4MAWdDQAau6JPU1AGOE5Y/JccO+8r6BYmIsLYTT1rlviKIb9Trb6TEFWAI4do6
6+88KHRFcQL7/MtEjEWXaaUv7U8+Be03XorhV77VJxQLClJ04E6DbgZcDjkDAdu+
wHp6Qijaw5xuVUWjE/AfBT2xEDAT6299LgZgs80a18xTtOkZ
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:29 2025 by rpki-client