Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
File: 7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa (raw, json)
Hash identifier: hBSjvvnIKDl8l0/H9gEd/7NxB7Rg3B0qCdCSvAsoP9A=
Subject key identifier: FC:75:56:20:59:BE:2E:90:BA:E6:11:97:02:21:59:3D:CA:10:C9:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06933734E432DB4FA8C243DC66CE53A8F960237B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
Signing time: Fri 11 Jul 2025 19:40:03 +0000
ROA not before: Fri 11 Jul 2025 19:40:03 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:93:37:34:e4:32:db:4f:a8:c2:43:dc:66:ce:53:a8:f9:60:23:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:40:03 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=11cb1c19c65c648e026bed3ea3e44674ca80a0a91656815d53fe6beeb5249764, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:60:d4:4e:bb:95:a4:32:35:d2:f9:3c:e2:
4b:cd:44:47:8d:da:10:9d:c2:56:8e:6b:62:1d:7a:
ca:d1:2b:cd:fd:8a:1e:64:95:7d:4f:f4:47:a6:e1:
5e:f8:e5:39:20:ba:66:09:ce:28:06:a0:86:4e:7b:
0c:ad:31:49:8e:07:30:c7:13:97:bf:69:0a:b0:10:
d4:1f:a3:a8:c1:e8:48:22:63:88:3b:34:1d:f6:72:
14:db:47:b8:b0:58:3d:79:a7:49:9f:da:fa:a6:b2:
d0:e5:d7:45:18:be:02:8c:be:35:4f:53:a2:66:f6:
1c:4e:58:dc:5f:62:86:c7:79:8a:7e:e9:9c:49:83:
74:83:f3:a9:92:d9:96:7e:23:a7:c8:01:40:b0:33:
3f:4b:cd:ce:b5:60:43:4b:05:28:1d:fe:6e:1d:47:
48:62:20:cf:87:37:5d:b1:9c:54:6e:24:ac:e3:16:
f4:da:62:75:ef:cf:fd:e8:e8:d0:69:a5:73:4f:60:
c3:ee:fc:0c:31:13:2d:b0:62:d3:f7:69:fe:a3:bd:
de:18:d4:91:2b:7c:b8:e3:6b:2d:5d:bd:96:81:1f:
44:0b:d8:3c:c9:bb:d9:0f:c9:9d:ed:1c:20:52:b3:
49:3a:b3:3a:ad:d1:a9:d1:cb:11:d7:c1:bc:1c:5d:
7c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:75:56:20:59:BE:2E:90:BA:E6:11:97:02:21:59:3D:CA:10:C9:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a8386ee-14fb-4089-92bd-6b4b1c9c01a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5080::/46
Signature Algorithm: sha256WithRSAEncryption
bf:69:c4:57:fd:89:b6:59:0b:34:f5:21:96:f8:14:d8:58:54:
68:b5:53:fc:02:2a:a2:3f:26:83:06:92:94:83:22:cf:91:c3:
c6:7c:a6:52:6d:3d:9d:1b:4a:bc:aa:9f:9a:8a:7b:bd:22:7d:
60:e6:62:fc:29:81:cf:8f:57:71:b8:f7:c3:10:e2:40:ab:68:
d1:68:bc:f3:f7:96:a7:8f:fc:06:3d:64:49:5d:13:6c:cf:dc:
0c:c0:36:fa:90:3e:46:81:11:fc:75:10:22:2d:6c:c8:b9:22:
59:51:f9:fe:a8:26:39:27:99:e7:46:01:28:f4:37:69:d2:83:
55:6c:80:12:72:d5:4c:1d:c6:26:d0:11:0a:ba:77:6e:38:ec:
03:57:6c:54:b9:d1:3a:32:e7:42:28:90:14:af:cf:c2:8e:17:
7e:07:f5:16:99:09:a4:d3:51:35:63:51:35:74:ad:fd:b6:34:
26:39:7f:e0:84:82:b6:99:63:c4:fe:30:d9:f8:32:a4:26:f8:
b4:fa:a5:fc:43:f7:04:46:9a:26:a8:9b:95:49:c9:5f:9c:a2:
2c:d0:32:2c:1c:36:5e:f7:0b:d0:0c:b1:74:46:3c:b0:10:e4:
9d:aa:34:a0:70:29:91:b6:72:aa:34:6b:8f:a3:44:8a:1a:f4:
ca:ba:84:c8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBpM3NOQy20+owkPcZs5TqPlgI3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQwMDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDExY2IxYzE5YzY1YzY0OGUwMjZiZWQzZWEzZTQ0Njc0Y2E4MGEwYTkxNjU2
ODE1ZDUzZmU2YmVlYjUyNDk3NjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjsYNROu5WkMjXS+TziS81ER43aEJ3CVo5rYh16ytErzf2KHmSVfU/0R6bh
XvjlOSC6ZgnOKAaghk57DK0xSY4HMMcTl79pCrAQ1B+jqMHoSCJjiDs0HfZyFNtH
uLBYPXmnSZ/a+qay0OXXRRi+Aoy+NU9Tomb2HE5Y3F9ihsd5in7pnEmDdIPzqZLZ
ln4jp8gBQLAzP0vNzrVgQ0sFKB3+bh1HSGIgz4c3XbGcVG4krOMW9Npide/P/ejo
0Gmlc09gw+78DDETLbBi0/dp/qO93hjUkSt8uONrLV29loEfRAvYPMm72Q/Jne0c
IFKzSTqzOq3RqdHLEdfBvBxdfE8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT8dVYg
Wb4ukLrmEZcCIVk9yhDJdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E4Mzg2ZWUtMTRmYi00MDg5LTkyYmQtNmI0YjFjOWMwMWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAv2nEV/2JtlkLNPUhlvgU2FhUaLVT/AIqoj8m
gwaSlIMiz5HDxnymUm09nRtKvKqfmop7vSJ9YOZi/CmBz49Xcbj3wxDiQKto0Wi8
8/eWp4/8Bj1kSV0TbM/cDMA2+pA+RoER/HUQIi1syLkiWVH5/qgmOSeZ50YBKPQ3
adKDVWyAEnLVTB3GJtARCrp3bjjsA1dsVLnROjLnQiiQFK/Pwo4Xfgf1FpkJpNNR
NWNRNXSt/bY0Jjl/4ISCtpljxP4w2fgypCb4tPql/EP3BEaaJqiblUnJX5yiLNAy
LBw2XvcL0AyxdEY8sBDknao0oHApkbZyqjRrj6NEihr0yrqEyA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:25 2025 by rpki-client