Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: uWnYV9bE0H4fWTv7w/ZLVSbLOVWWSEGHMF5Wm671Omg=
Subject key identifier: 9B:0B:58:03:A5:4A:F2:B8:D6:9C:9C:E7:65:D9:3E:98:90:AC:9F:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7360C45579C77F3DFF861D0D6AE8B4307192ACD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Sat 12 Jul 2025 00:51:15 +0000
ROA not before: Sat 12 Jul 2025 00:51:15 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:60:c4:55:79:c7:7f:3d:ff:86:1d:0d:6a:e8:b4:30:71:92:ac:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:15 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=56d9052a2f72910f06ffbe5cec5a07fd29a9c3421ae74c78123e6d3ea92b658e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3e:d1:93:7c:e5:04:ca:4f:8d:03:fd:cf:db:
7f:f4:4d:8a:98:d4:58:0e:91:5c:f0:c1:8f:25:5f:
25:e3:67:56:ba:a0:97:e7:fb:f4:fa:db:9f:72:be:
41:d6:13:37:05:e8:69:bd:49:74:50:c6:71:cf:27:
91:e9:31:d8:09:27:ab:14:a2:ab:92:c1:42:f1:10:
5e:ab:f6:70:92:28:97:3a:4d:75:02:cd:c7:94:ee:
be:eb:fb:5a:c6:0d:cd:e6:f0:ee:87:2e:b5:f4:79:
d0:3c:29:f5:2c:59:8d:aa:df:2d:aa:39:c9:9b:c8:
e6:7c:e0:d7:ba:d5:9a:af:06:f7:44:f4:04:35:c7:
e8:e2:ab:c4:c4:d4:5a:f4:0f:d2:a4:da:62:06:93:
17:86:aa:96:ca:77:99:47:b8:db:83:24:b3:06:3a:
69:ef:ab:51:0e:f0:a4:b0:75:fe:83:3b:95:8e:cf:
ca:2a:05:a7:ca:e5:89:ec:91:bb:a3:af:5b:53:8a:
51:98:d8:7c:57:31:31:33:a5:2c:81:2e:ee:c2:8e:
2c:36:9f:47:ee:b5:4f:79:06:f7:e0:8d:f5:1c:f6:
0d:b7:f0:b7:fe:a1:cc:94:12:5d:b9:ce:f1:fb:df:
63:6d:5f:87:27:91:14:19:93:d3:9f:bb:1b:a0:92:
08:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:0B:58:03:A5:4A:F2:B8:D6:9C:9C:E7:65:D9:3E:98:90:AC:9F:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
58:9f:19:69:d1:eb:b0:5c:f2:e7:df:20:d6:ed:83:08:85:31:
55:82:e1:02:b3:43:9a:1c:96:e7:15:ff:b4:42:a5:a1:bc:69:
6d:01:31:5e:b4:8f:ff:9e:ed:8d:83:10:a3:37:13:e7:fb:30:
e2:5e:85:64:e2:28:5e:d2:26:7b:28:07:6e:b1:de:c7:f4:78:
78:74:a4:81:67:58:39:d1:b0:3e:00:ae:a5:09:f3:cc:4e:af:
b8:99:24:7c:b4:c3:b2:f7:31:da:41:ea:dd:9f:d0:56:56:47:
1e:1b:b5:ad:87:5f:1c:c8:1b:9b:56:19:70:9f:e6:ad:8e:a4:
a8:78:06:d9:81:4c:3a:8d:ed:98:95:d1:ec:36:f4:7d:4c:53:
ea:82:0d:df:29:1f:37:99:af:78:b3:ba:88:de:a3:b4:fd:e9:
f8:59:5c:7f:73:c4:15:65:4d:04:99:ab:b7:e6:ea:dd:d1:17:
6a:3f:79:e9:6b:07:5f:6a:e5:af:c3:0d:5b:30:99:3a:78:92:
25:43:dc:10:d3:4d:f6:fb:3b:31:3d:be:d0:ef:dd:ff:4b:4a:
92:2c:7b:68:31:e9:66:9c:c3:29:99:6f:b0:79:1a:b9:ed:27:
3d:50:75:8d:17:e3:a0:58:0a:f1:9a:fe:62:7b:a6:b0:b3:57:
8c:c3:7a:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc2DEVXnHfz3/hh0Naui0MHGSrNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMTVaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2ZDkwNTJhMmY3MjkxMGYwNmZmYmU1Y2VjNWEwN2ZkMjlhOWMzNDIxYWU3
NGM3ODEyM2U2ZDNlYTkyYjY1OGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0+0ZN85QTKT40D/c/bf/RNipjUWA6RXPDBjyVfJeNnVrqgl+f79Prbn3K+
QdYTNwXoab1JdFDGcc8nkekx2AknqxSiq5LBQvEQXqv2cJIolzpNdQLNx5Tuvuv7
WsYNzebw7ocutfR50Dwp9SxZjarfLao5yZvI5nzg17rVmq8G90T0BDXH6OKrxMTU
WvQP0qTaYgaTF4aqlsp3mUe424MkswY6ae+rUQ7wpLB1/oM7lY7PyioFp8rlieyR
u6OvW1OKUZjYfFcxMTOlLIEu7sKOLDafR+61T3kG9+CN9Rz2Dbfwt/6hzJQSXbnO
8fvfY21fhyeRFBmT05+7G6CSCIcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbC1gD
pUryuNacnOdl2T6YkKyfADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQBYnxlp0euwXPLn3yDW7YMIhTFVguECs0OaHJbn
Ff+0QqWhvGltATFetI//nu2NgxCjNxPn+zDiXoVk4ihe0iZ7KAdusd7H9Hh4dKSB
Z1g50bA+AK6lCfPMTq+4mSR8tMOy9zHaQerdn9BWVkceG7Wth18cyBubVhlwn+at
jqSoeAbZgUw6je2YldHsNvR9TFPqgg3fKR83ma94s7qI3qO0/en4WVx/c8QVZU0E
mau35urd0RdqP3npawdfauWvww1bMJk6eJIlQ9wQ0032+zsxPb7Q793/S0qSLHto
MelmnMMpmW+weRq57Sc9UHWNF+OgWArxmv5ie6aws1eMw3o3
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:26 2025 by rpki-client