Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/791beea0-a041-4e83-a3bb-074f4f65225c.roa
File: 791beea0-a041-4e83-a3bb-074f4f65225c.roa (raw, json)
Hash identifier: LJ5Tx6TBkKhrgH8ARfdlWc3vKfmLZmQRGSCa8pldLz8=
Subject key identifier: 3B:16:AE:BD:D6:4D:D7:F1:E6:02:9B:AF:D5:2E:42:E2:07:BF:EE:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76952B5B4479C2444B785A9DED5D2C142B670E86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/791beea0-a041-4e83-a3bb-074f4f65225c.roa
Signing time: Fri 11 Jul 2025 19:50:17 +0000
ROA not before: Fri 11 Jul 2025 19:50:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:95:2b:5b:44:79:c2:44:4b:78:5a:9d:ed:5d:2c:14:2b:67:0e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=cb3db317452533ea9cb4c929c5ba4407af82c4d8cc774112d3cba98b0349b3e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e0:9b:fc:35:22:2c:80:ac:13:33:e0:8f:35:
68:e5:e6:49:07:ee:82:28:e6:63:7b:71:60:86:a0:
26:4f:ac:2b:38:18:7d:4a:67:dc:79:6d:ad:32:4c:
68:84:84:21:25:73:d5:ed:0e:4c:10:2a:d7:d9:8d:
5c:f5:c0:7f:79:38:a7:83:1b:94:b7:54:94:78:a8:
ea:55:40:c8:19:0d:ee:f4:e0:d2:c3:fc:5a:7a:b2:
bf:f4:10:99:25:63:87:9c:e3:f9:08:c6:86:c4:6e:
d4:00:e3:df:c6:c6:d1:d8:5c:41:e8:40:af:ec:d9:
c1:a7:08:f1:ea:bd:1a:43:f1:c1:28:3c:df:1c:99:
32:2e:a9:63:70:f4:59:9e:c4:ad:e3:0a:5b:a9:c8:
74:39:02:59:e2:ae:9a:73:7d:d7:79:97:f7:d4:f2:
8b:84:c5:a0:79:d2:65:7e:a4:43:40:41:c3:4d:da:
f8:5f:01:28:e2:f8:a7:ce:c4:21:b5:91:ba:2c:d1:
49:ca:14:a3:d6:4e:5e:c9:57:17:6e:9c:81:25:ba:
f3:50:f3:24:e6:26:80:71:a7:70:9c:0a:cd:55:da:
1f:da:d8:c5:4e:14:e3:10:4f:ab:7b:a1:4b:3c:24:
52:ff:97:20:b8:f0:6d:f0:b7:c7:bf:4a:20:ed:dd:
6f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:16:AE:BD:D6:4D:D7:F1:E6:02:9B:AF:D5:2E:42:E2:07:BF:EE:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/791beea0-a041-4e83-a3bb-074f4f65225c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
10:9f:84:da:8c:a6:ad:ba:35:25:2c:8f:fe:05:49:a5:10:69:
b1:0c:8d:0a:3e:65:20:4b:12:f8:fe:05:24:d1:ce:02:3a:75:
9b:56:62:9e:c4:4d:75:26:7d:8b:71:4b:eb:05:61:66:6d:68:
b2:c8:3c:dc:38:de:de:e2:ba:7a:3b:b6:58:c8:c2:23:9c:98:
3b:c1:fd:50:23:7c:1e:03:a1:8d:2f:d1:19:04:96:d1:ce:1e:
ff:d4:4e:0b:a4:bd:e4:db:fd:f0:62:bb:96:e5:35:78:3c:e5:
66:21:23:16:65:15:8b:81:04:9e:6f:f0:62:c2:f9:dd:20:d3:
36:35:8d:99:09:21:bf:11:2e:ff:09:bf:6b:8c:b7:17:c7:60:
fa:f1:9f:95:f7:66:95:6b:52:48:0a:2b:20:6f:80:8a:3b:b8:
6c:77:6b:86:db:83:5d:6d:ef:28:c8:47:a7:8d:de:15:04:f7:
e1:cb:57:51:93:27:1c:c9:d9:03:b4:aa:23:e3:c8:3f:ce:71:
f1:e1:36:db:0e:b2:1d:50:26:39:94:ab:93:3a:76:82:b6:ec:
77:12:0a:62:0d:82:ce:a9:d3:d6:79:6d:3e:40:5d:bb:1f:77:
40:4e:27:18:c0:ae:54:66:86:82:2e:52:0f:64:c2:61:f0:b5:
29:95:19:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdpUrW0R5wkRLeFqd7V0sFCtnDoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiM2RiMzE3NDUyNTMzZWE5Y2I0YzkyOWM1YmE0NDA3YWY4MmM0ZDhjYzc3
NDExMmQzY2JhOThiMDM0OWIzZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDgm/w1IiyArBMz4I81aOXmSQfugijmY3txYIagJk+sKzgYfUpn3HltrTJM
aISEISVz1e0OTBAq19mNXPXAf3k4p4MblLdUlHio6lVAyBkN7vTg0sP8Wnqyv/QQ
mSVjh5zj+QjGhsRu1ADj38bG0dhcQehAr+zZwacI8eq9GkPxwSg83xyZMi6pY3D0
WZ7EreMKW6nIdDkCWeKumnN913mX99Tyi4TFoHnSZX6kQ0BBw03a+F8BKOL4p87E
IbWRuizRScoUo9ZOXslXF26cgSW681DzJOYmgHGncJwKzVXaH9rYxU4U4xBPq3uh
SzwkUv+XILjwbfC3x79KIO3db48CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ7Fq69
1k3X8eYCm6/VLkLiB7/uCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzkxYmVlYTAtYTA0MS00ZTgzLWEzYmItMDc0ZjRmNjUyMjVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HdQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAEJ+E2oymrbo1JSyP/gVJpRBpsQyNCj5lIEsS
+P4FJNHOAjp1m1ZinsRNdSZ9i3FL6wVhZm1ossg83Dje3uK6eju2WMjCI5yYO8H9
UCN8HgOhjS/RGQSW0c4e/9ROC6S95Nv98GK7luU1eDzlZiEjFmUVi4EEnm/wYsL5
3SDTNjWNmQkhvxEu/wm/a4y3F8dg+vGflfdmlWtSSAorIG+Aiju4bHdrhtuDXW3v
KMhHp43eFQT34ctXUZMnHMnZA7SqI+PIP85x8eE22w6yHVAmOZSrkzp2grbsdxIK
Yg2CzqnT1nltPkBdux93QE4nGMCuVGaGgi5SD2TCYfC1KZUZIw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:17 2025 by rpki-client