Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
File: 788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa (raw, json)
Hash identifier: dnkiwWlyKILBd5TX7ErPHf+BuXZWIjawS8bsiDKliQk=
Subject key identifier: 48:12:11:F0:A0:CC:15:54:FC:CC:FE:97:C3:E0:27:59:A4:7D:8A:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ABB9BA6BA7A90FF8B316AAF93C2647A3EA457C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
Signing time: Sat 12 Jul 2025 00:50:42 +0000
ROA not before: Sat 12 Jul 2025 00:50:42 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:bb:9b:a6:ba:7a:90:ff:8b:31:6a:af:93:c2:64:7a:3e:a4:57:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:42 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=bbe2b3601047cc039444e9bc44f49f143d591a9e6501c1d141ab4b6db5a9ddd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:68:46:54:8f:86:c4:b8:7a:da:00:e9:f4:fc:
39:35:49:4a:c0:e1:d0:cf:cc:6d:bd:16:67:fe:83:
0a:c6:8f:d9:9e:b1:94:4e:15:9e:25:22:f8:cc:6a:
86:b7:80:f1:54:4a:23:27:1e:13:95:6b:13:98:60:
e2:91:70:50:cf:c3:37:23:9f:2a:ca:26:cf:5e:94:
ae:1b:8b:ff:03:56:bf:cb:ac:d6:45:1f:05:fb:62:
29:3e:ae:96:82:34:c2:9a:53:6d:9b:b6:18:d6:88:
11:e8:08:7f:39:90:3a:61:15:23:02:25:e1:c3:1b:
5e:62:f6:28:6a:c6:16:24:67:0d:b0:83:7d:40:e1:
64:71:ba:0e:29:73:dc:6a:5f:c2:1c:bb:88:8f:90:
7b:7a:99:59:94:df:71:f1:a1:66:85:ce:96:ee:ad:
cb:b1:33:5f:54:e3:9f:25:54:d2:be:0a:82:b5:83:
00:49:b6:e6:86:91:ad:ef:70:8c:b5:fd:b8:f8:58:
03:78:f8:38:94:0d:78:54:11:39:20:f5:66:74:41:
f2:3e:ff:e1:9c:35:da:07:11:dd:87:64:5e:c1:a0:
22:71:a5:c7:d4:7c:46:ec:0b:66:3f:10:4c:ec:5f:
51:ba:d1:d8:66:e1:67:2a:5b:b1:de:79:11:27:5c:
1d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:12:11:F0:A0:CC:15:54:FC:CC:FE:97:C3:E0:27:59:A4:7D:8A:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:9000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:59:d4:d1:ae:0a:3b:a0:7a:94:76:1d:dc:35:25:be:f5:e1:
e0:ae:4a:95:7d:0e:35:f7:37:c2:4a:4b:31:98:43:0d:c1:3a:
d5:ce:c6:99:1b:5e:97:a4:2d:53:bf:76:1a:64:ec:f8:db:b1:
1a:74:da:b8:00:bc:d7:cf:44:dc:84:62:8a:09:89:34:ec:a8:
a6:70:d1:24:56:3f:0a:21:df:96:54:16:f6:f7:12:8c:c3:16:
de:ca:f6:31:b4:ea:2a:55:67:35:6e:9f:13:f8:a2:07:45:6c:
80:30:ee:89:28:d4:68:90:3b:e3:30:d5:74:2e:ff:47:3e:2a:
c5:fd:0c:86:5a:5c:1c:ee:23:fe:0c:bc:4b:5c:66:56:71:38:
f8:c9:c3:16:8c:58:7f:5b:19:9d:85:a1:24:b1:30:03:35:04:
1b:cf:c3:85:2d:2a:1b:da:43:7d:99:9b:8f:1f:11:58:ea:db:
46:b6:85:22:f5:f4:c4:56:e9:c1:b1:1e:47:ea:4b:59:ee:08:
20:bb:4d:cf:3a:0c:a9:63:f7:e9:3e:3e:36:6c:d5:3f:3d:48:
46:fd:a4:60:6f:25:39:a0:c4:6a:69:f2:26:f9:7e:35:78:d9:
77:92:d3:86:c7:ce:3f:81:42:0c:51:1e:dd:11:d3:1c:d6:34:
0d:d3:cf:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSrubprp6kP+LMWqvk8Jkej6kV8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNDJaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZTJiMzYwMTA0N2NjMDM5NDQ0ZTliYzQ0ZjQ5ZjE0M2Q1OTFhOWU2NTAx
YzFkMTQxYWI0YjZkYjVhOWRkZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMloRlSPhsS4etoA6fT8OTVJSsDh0M/Mbb0WZ/6DCsaP2Z6xlE4VniUi+Mxq
hreA8VRKIyceE5VrE5hg4pFwUM/DNyOfKsomz16UrhuL/wNWv8us1kUfBftiKT6u
loI0wppTbZu2GNaIEegIfzmQOmEVIwIl4cMbXmL2KGrGFiRnDbCDfUDhZHG6Dilz
3Gpfwhy7iI+Qe3qZWZTfcfGhZoXOlu6ty7EzX1TjnyVU0r4KgrWDAEm25oaRre9w
jLX9uPhYA3j4OJQNeFQROSD1ZnRB8j7/4Zw12gcR3YdkXsGgInGlx9R8RuwLZj8Q
TOxfUbrR2GbhZypbsd55ESdcHdMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIEhHw
oMwVVPzM/pfD4CdZpH2KpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg4ZDlkMjMtYmEzZi00MmM0LWIxYTMtODBmMjQxNGVmYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCuWdTRrgo7oHqUdh3cNSW+9eHgrkqVfQ419zfC
SksxmEMNwTrVzsaZG16XpC1Tv3YaZOz427EadNq4ALzXz0TchGKKCYk07KimcNEk
Vj8KId+WVBb29xKMwxbeyvYxtOoqVWc1bp8T+KIHRWyAMO6JKNRokDvjMNV0Lv9H
PirF/QyGWlwc7iP+DLxLXGZWcTj4ycMWjFh/WxmdhaEksTADNQQbz8OFLSob2kN9
mZuPHxFY6ttGtoUi9fTEVunBsR5H6ktZ7gggu03POgypY/fpPj42bNU/PUhG/aRg
byU5oMRqafIm+X41eNl3ktOGx84/gUIMUR7dEdMc1jQN08+D
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:50 2025 by rpki-client