Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa
File: 7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa (raw, json)
Hash identifier: VxHg1tRp/0Nq2nYDttcrqxmAXrvjP6/tBIKisdbNwgw=
Subject key identifier: 6E:91:79:E7:40:1A:35:FE:4B:98:9C:63:30:15:70:03:05:3A:CA:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66939D091157226A254C2943A5B50A575DF5322E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa
Signing time: Fri 11 Jul 2025 20:00:16 +0000
ROA not before: Fri 11 Jul 2025 20:00:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:93:9d:09:11:57:22:6a:25:4c:29:43:a5:b5:0a:57:5d:f5:32:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2e47b03bb074ee41cd70daa0fe75fb72f8c8f56ba70ec7bc82e5c104328a8fed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a4:27:fb:db:0b:6b:90:73:07:48:12:75:c3:
0c:d3:44:56:41:bb:dd:e7:4b:f9:65:38:e3:77:5c:
3f:c3:6b:13:08:f3:9c:59:30:55:cb:ca:cb:6a:4d:
6f:e8:a9:4b:d5:80:7d:b5:15:2f:fb:64:35:b9:7c:
a9:d5:7a:95:c3:97:7f:cb:00:34:ae:19:5b:9c:b3:
4b:f6:af:e1:fb:8e:6b:23:d1:cd:47:11:af:dd:a9:
0a:6c:a7:92:80:e8:b4:18:df:bc:29:b5:59:9b:b2:
0e:13:aa:c6:f3:f7:c2:a8:27:c4:9e:c5:94:a5:c5:
51:5e:20:4e:89:6a:a6:4a:1a:f2:23:ae:c5:d5:0e:
f3:82:7e:63:27:96:81:02:7c:7e:04:ba:8d:de:41:
45:c9:29:be:18:87:48:5c:0e:6a:0a:ee:10:b7:ff:
c7:65:03:b7:f2:92:48:63:43:3c:20:3e:a3:f7:19:
9d:09:7a:9b:e8:4e:db:35:6f:c2:04:7d:52:d4:2d:
47:e0:ab:66:15:79:96:8e:a2:4b:93:50:85:41:4a:
b2:66:2d:60:9b:1a:65:6f:47:08:4e:f6:b4:b3:6b:
50:39:08:0c:f2:0c:e6:fc:ff:69:26:5d:29:0e:ed:
14:96:9b:8d:83:83:75:c0:2a:04:27:ee:35:64:e5:
61:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:91:79:E7:40:1A:35:FE:4B:98:9C:63:30:15:70:03:05:3A:CA:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ab64f0c-c76e-4d78-bdcc-28b3e3d8a5cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b000::/40
Signature Algorithm: sha256WithRSAEncryption
57:ce:23:ce:66:0a:00:47:d0:09:af:8d:34:e4:99:1d:6a:6f:
e1:8d:3c:81:85:14:28:1d:12:01:c5:d2:ca:f8:3b:80:f1:89:
71:6f:b5:69:87:3c:1b:81:2e:38:07:68:b7:89:90:8d:f5:4d:
74:83:d1:3c:ec:75:a4:fa:30:f3:d7:2f:d9:1b:38:89:6c:4f:
37:90:7d:49:5d:74:ef:79:9c:9f:aa:88:2c:79:30:33:d6:27:
fa:39:4d:81:2d:c5:9a:2c:6e:2b:7c:96:b8:f1:6a:01:96:20:
00:1c:b8:ad:35:88:92:ee:21:c8:fb:df:28:ec:3b:f0:ec:4a:
24:7a:f6:91:42:73:6b:38:85:03:ae:09:d7:2e:f2:0e:33:aa:
21:fb:eb:bc:4e:c9:77:ff:49:3f:85:3a:5c:fa:2d:ae:df:b9:
80:f4:74:f3:01:89:a6:32:10:22:4b:3f:db:98:68:13:9e:a5:
6b:20:78:72:55:61:d7:8d:e7:4f:ba:e8:93:a8:a2:57:c7:c0:
6e:ae:8e:57:5e:7a:47:d3:6c:59:a1:e2:16:ca:15:d1:91:c1:
77:6d:52:03:05:90:49:18:ba:aa:c8:55:ef:b8:cc:38:14:2e:
8b:b8:04:ff:fc:e6:27:b2:b2:51:b5:1a:a2:fa:9d:cf:02:08:
c0:35:47:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZpOdCRFXImolTClDpbUKV131Mi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNDdiMDNiYjA3NGVlNDFjZDcwZGFhMGZlNzVmYjcyZjhjOGY1NmJhNzBl
YzdiYzgyZTVjMTA0MzI4YThmZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6kJ/vbC2uQcwdIEnXDDNNEVkG73edL+WU443dcP8NrEwjznFkwVcvKy2pN
b+ipS9WAfbUVL/tkNbl8qdV6lcOXf8sANK4ZW5yzS/av4fuOayPRzUcRr92pCmyn
koDotBjfvCm1WZuyDhOqxvP3wqgnxJ7FlKXFUV4gTolqpkoa8iOuxdUO84J+YyeW
gQJ8fgS6jd5BRckpvhiHSFwOagruELf/x2UDt/KSSGNDPCA+o/cZnQl6m+hO2zVv
wgR9UtQtR+CrZhV5lo6iS5NQhUFKsmYtYJsaZW9HCE72tLNrUDkIDPIM5vz/aSZd
KQ7tFJabjYODdcAqBCfuNWTlYeECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRukXnn
QBo1/kuYnGMwFXADBTrKLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2FiNjRmMGMtYzc2ZS00ZDc4LWJkY2MtMjhiM2UzZDhhNWNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Huw
MA0GCSqGSIb3DQEBCwUAA4IBAQBXziPOZgoAR9AJr4005Jkdam/hjTyBhRQoHRIB
xdLK+DuA8Ylxb7VphzwbgS44B2i3iZCN9U10g9E87HWk+jDz1y/ZGziJbE83kH1J
XXTveZyfqogseTAz1if6OU2BLcWaLG4rfJa48WoBliAAHLitNYiS7iHI+98o7Dvw
7EokevaRQnNrOIUDrgnXLvIOM6oh++u8Tsl3/0k/hTpc+i2u37mA9HTzAYmmMhAi
Sz/bmGgTnqVrIHhyVWHXjedPuuiTqKJXx8Buro5XXnpH02xZoeIWyhXRkcF3bVID
BZBJGLqqyFXvuMw4FC6LuAT//OYnsrJRtRqi+p3PAgjANUeq
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:26 2025 by rpki-client