Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/780dce66-c0fd-40f4-9a09-0015d6bf272c.roa
File: 780dce66-c0fd-40f4-9a09-0015d6bf272c.roa (raw, json)
Hash identifier: Z2Uv9yp9Ss0r3gWZVJoS6eV3rICcxHZei1PqpJPPqBA=
Subject key identifier: 1E:FB:8E:75:3C:63:C1:61:89:23:4E:01:D4:22:FF:90:01:9A:39:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 793CEE8022A315A27158A74FF72374FFCB883F29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/780dce66-c0fd-40f4-9a09-0015d6bf272c.roa
Signing time: Fri 11 Jul 2025 20:00:05 +0000
ROA not before: Fri 11 Jul 2025 20:00:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:3c:ee:80:22:a3:15:a2:71:58:a7:4f:f7:23:74:ff:cb:88:3f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ddd8020d72100e0e0455e1d9e760f92def3bfa6fcc3f6d79624b8e6bc3e70cd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fd:03:46:b5:ce:e9:b3:f7:12:26:29:ab:97:
ab:a9:d9:f5:b7:1f:99:4a:80:97:5b:09:e5:ec:96:
c7:bc:b6:58:54:55:36:e0:6e:90:78:61:e6:74:28:
55:a6:ae:e5:89:6e:bf:4e:79:91:0a:32:0a:6f:0f:
f3:7d:f2:75:15:d3:fd:15:a6:10:f3:c7:62:4b:f0:
12:33:84:d5:c3:70:c3:6f:f3:39:eb:34:d3:5b:8b:
e2:5a:9b:c8:ce:28:f1:0e:98:ae:cf:65:a0:08:c9:
ea:ed:8d:fb:d2:a4:c3:a0:b9:ab:56:a0:ad:3d:11:
c0:8e:6d:79:fb:09:ee:45:20:ff:4f:20:83:4f:2c:
c0:29:b3:da:b6:bb:67:7f:13:69:b6:ef:84:ca:7d:
40:57:55:1b:21:c0:9e:63:e4:f9:15:56:f9:61:f4:
ed:32:89:84:60:d2:65:58:31:d0:7b:6f:48:df:1c:
dc:0b:c3:70:66:4d:e1:69:b4:67:00:c6:43:71:eb:
e6:6d:50:08:01:45:87:9e:3d:ad:48:1b:89:ad:dd:
43:f1:85:09:11:0f:35:73:0f:30:f5:4b:a6:06:8b:
e5:ac:50:2a:9c:67:e4:89:5a:b0:90:02:5d:97:45:
a1:31:36:b9:31:93:60:44:71:2e:b3:4a:e3:a4:97:
41:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FB:8E:75:3C:63:C1:61:89:23:4E:01:D4:22:FF:90:01:9A:39:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/780dce66-c0fd-40f4-9a09-0015d6bf272c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
24:ce:20:1d:2a:b8:7b:ec:09:fe:25:02:02:a5:1c:ed:19:36:
0c:e8:eb:5c:c7:d4:b7:ee:6d:d8:a3:09:8a:20:1a:b1:95:3e:
d8:51:49:63:10:5d:e0:b5:b9:66:5e:a8:20:87:34:02:94:d8:
08:68:d7:c6:04:1e:96:dc:3e:36:c5:03:f4:8e:b6:96:aa:ca:
99:59:dd:08:51:9a:a7:28:37:f2:8a:0a:ca:03:09:80:26:03:
97:b3:d5:2e:73:68:e2:69:20:2a:75:7f:77:5c:04:e6:7c:31:
3f:5d:f1:12:46:c0:55:9b:e4:06:eb:ec:e8:9f:8c:e6:f2:fe:
3c:ee:ac:19:03:be:67:a4:f0:09:a2:c6:c6:d8:02:15:b5:4e:
36:bf:cc:3d:0d:20:1a:35:d2:cf:12:39:98:58:45:1f:61:a2:
5b:0c:70:4f:50:cc:b2:b9:26:a3:9f:9b:db:3c:22:db:03:0b:
f1:88:05:95:71:4c:39:bb:37:88:89:fa:38:c3:b8:75:a1:df:
3a:7a:b5:ff:a0:dd:d3:d0:5d:70:a4:4e:a4:36:ce:33:84:a2:
cb:29:f8:fc:d3:8b:e9:fd:45:73:77:ac:43:fb:06:b5:6a:4e:
01:ee:bf:7d:90:5f:69:ee:d0:c8:dd:44:6f:1a:27:47:f8:d5:
54:58:f7:2c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeTzugCKjFaJxWKdP9yN0/8uIPykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkZDgwMjBkNzIxMDBlMGUwNDU1ZTFkOWU3NjBmOTJkZWYzYmZhNmZjYzNm
NmQ3OTYyNGI4ZTZiYzNlNzBjZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALT9A0a1zumz9xImKauXq6nZ9bcfmUqAl1sJ5eyWx7y2WFRVNuBukHhh5nQo
Vaau5Yluv055kQoyCm8P833ydRXT/RWmEPPHYkvwEjOE1cNww2/zOes001uL4lqb
yM4o8Q6Yrs9loAjJ6u2N+9Kkw6C5q1agrT0RwI5tefsJ7kUg/08gg08swCmz2ra7
Z38TabbvhMp9QFdVGyHAnmPk+RVW+WH07TKJhGDSZVgx0HtvSN8c3AvDcGZN4Wm0
ZwDGQ3Hr5m1QCAFFh549rUgbia3dQ/GFCREPNXMPMPVLpgaL5axQKpxn5IlasJAC
XZdFoTE2uTGTYERxLrNK46SXQTcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQe+451
PGPBYYkjTgHUIv+QAZo5ZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwZGNlNjYtYzBmZC00MGY0LTlhMDktMDAxNWQ2YmYyNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAJM4gHSq4e+wJ/iUCAqUc7Rk2DOjrXMfUt+5t
2KMJiiAasZU+2FFJYxBd4LW5Zl6oIIc0ApTYCGjXxgQeltw+NsUD9I62lqrKmVnd
CFGapyg38ooKygMJgCYDl7PVLnNo4mkgKnV/d1wE5nwxP13xEkbAVZvkBuvs6J+M
5vL+PO6sGQO+Z6TwCaLGxtgCFbVONr/MPQ0gGjXSzxI5mFhFH2GiWwxwT1DMsrkm
o5+b2zwi2wML8YgFlXFMObs3iIn6OMO4daHfOnq1/6Dd09BdcKROpDbOM4Siyyn4
/NOL6f1Fc3esQ/sGtWpOAe6/fZBfae7QyN1EbxonR/jVVFj3LA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:14 2025 by rpki-client