Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b0ce42c-74e9-48e1-9efc-180e262c3bc8.roa
File: 7b0ce42c-74e9-48e1-9efc-180e262c3bc8.roa (raw, json)
Hash identifier: 0gOcqd4D+hoBgnXq3dVGzhVb8Y8tcfdSHO/I+3MomdU=
Subject key identifier: 5A:44:FA:27:5B:46:27:07:83:2F:9E:C9:6D:CF:FD:B5:06:D7:FE:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25A0C816DCC39D251130F58B6D662FB40B9FCCBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b0ce42c-74e9-48e1-9efc-180e262c3bc8.roa
Signing time: Mon 07 Jul 2025 18:20:08 +0000
ROA not before: Mon 07 Jul 2025 18:20:08 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:a0:c8:16:dc:c3:9d:25:11:30:f5:8b:6d:66:2f:b4:0b:9f:cc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:08 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=774f50ae85221bbfc32d1a8c8323015c12d4f84c30c2e14a9ddf9ce08f50d6f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:13:55:f0:ef:ba:c2:e2:fb:3f:3a:df:77:35:
12:15:db:4c:32:0d:75:55:bb:d6:89:75:70:f3:25:
6b:8d:b1:79:7f:39:fe:7c:8f:f5:57:92:e5:4a:90:
78:10:84:57:cb:48:61:4c:ed:07:0d:4d:f5:8a:c1:
78:1d:64:ba:e4:a5:ea:2b:0d:ad:b5:85:38:d0:bd:
e0:59:f3:aa:06:97:52:45:7c:01:75:16:11:13:dd:
82:9d:e3:74:6e:e4:90:86:2f:06:67:08:5a:5d:3b:
e1:9f:13:30:5d:8e:13:9d:3d:a6:5d:15:ed:cb:3f:
f4:28:12:de:df:9f:ac:48:d9:46:35:8b:bc:fa:5a:
b9:d2:33:0d:c3:cf:2a:5a:48:1b:a8:27:0b:7f:1e:
c0:ee:8a:78:66:16:3f:26:a2:d5:f2:27:8f:ed:93:
f7:ab:a2:32:5f:a0:93:33:31:f7:81:7a:3a:17:27:
1f:18:d3:42:2e:81:52:ca:0e:a3:7d:3e:41:88:1d:
cc:99:54:23:4b:03:9c:7c:4b:30:7c:df:91:9d:5b:
ed:c0:26:f6:2c:90:ef:a0:18:5e:5c:12:0f:74:c2:
7d:34:28:85:40:09:03:e3:fa:b0:e4:aa:9f:6a:3d:
19:e9:67:06:bc:bc:7d:eb:a5:90:59:4e:bd:aa:78:
fa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:44:FA:27:5B:46:27:07:83:2F:9E:C9:6D:CF:FD:B5:06:D7:FE:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b0ce42c-74e9-48e1-9efc-180e262c3bc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:880::/46
Signature Algorithm: sha256WithRSAEncryption
2e:d9:48:46:63:5f:7a:3e:f9:ca:b0:a3:55:ff:1d:d8:7f:f0:
80:6a:07:55:de:2d:9b:69:cd:7b:36:ae:97:5f:2f:02:13:61:
e5:5b:68:10:d8:ae:4b:99:f6:30:6e:79:49:ee:2c:2b:1c:b1:
d8:02:36:5e:77:3a:95:4a:f1:c0:48:bf:d6:24:d5:9c:6f:b3:
e5:30:12:e1:a3:8a:b7:f0:de:4e:c9:2f:49:9b:c7:98:b8:0b:
8f:8c:ed:42:4e:d5:3a:f1:37:b7:5e:49:8d:6f:bb:66:7c:ee:
c0:c9:36:26:b6:dd:8d:1e:62:1c:77:27:f2:23:8d:7c:02:4b:
e4:46:48:e7:b2:02:81:d7:fc:8f:d7:89:f5:60:d6:d1:09:f6:
1e:dc:9b:20:7e:c3:85:9a:06:b2:de:46:6a:d9:38:a4:71:4b:
ca:e0:8d:11:d4:b1:19:e2:91:7e:33:e1:0f:32:11:3f:dc:b7:
80:ca:1b:cc:06:39:a0:31:a8:ce:fb:f7:1a:17:b4:f8:95:3b:
34:b9:4f:19:39:4c:eb:db:79:b1:b0:9c:97:fe:43:99:44:2a:
69:76:6f:84:41:91:ea:48:46:44:06:dc:63:a9:1a:1a:af:02:
f7:3e:29:a7:b9:6c:ca:ad:96:3b:4f:90:dc:71:3a:db:cb:bf:
7e:09:d5:17
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJaDIFtzDnSURMPWLbWYvtAufzLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMDhaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NGY1MGFlODUyMjFiYmZjMzJkMWE4YzgzMjMwMTVjMTJkNGY4NGMzMGMy
ZTE0YTlkZGY5Y2UwOGY1MGQ2ZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwTVfDvusLi+z8633c1EhXbTDINdVW71ol1cPMla42xeX85/nyP9VeS5UqQ
eBCEV8tIYUztBw1N9YrBeB1kuuSl6isNrbWFONC94FnzqgaXUkV8AXUWERPdgp3j
dG7kkIYvBmcIWl074Z8TMF2OE509pl0V7cs/9CgS3t+frEjZRjWLvPpaudIzDcPP
KlpIG6gnC38ewO6KeGYWPyai1fInj+2T96uiMl+gkzMx94F6OhcnHxjTQi6BUsoO
o30+QYgdzJlUI0sDnHxLMHzfkZ1b7cAm9iyQ76AYXlwSD3TCfTQohUAJA+P6sOSq
n2o9GelnBry8feulkFlOvap4+kUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRaRPon
W0YnB4Mvnsltz/21Btf+xDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2IwY2U0MmMtNzRlOS00OGUxLTllZmMtMTgwZTI2MmMzYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcI
gDANBgkqhkiG9w0BAQsFAAOCAQEALtlIRmNfej75yrCjVf8d2H/wgGoHVd4tm2nN
ezaul18vAhNh5VtoENiuS5n2MG55Se4sKxyx2AI2Xnc6lUrxwEi/1iTVnG+z5TAS
4aOKt/DeTskvSZvHmLgLj4ztQk7VOvE3t15JjW+7ZnzuwMk2JrbdjR5iHHcn8iON
fAJL5EZI57ICgdf8j9eJ9WDW0Qn2HtybIH7DhZoGst5Gatk4pHFLyuCNEdSxGeKR
fjPhDzIRP9y3gMobzAY5oDGozvv3Ghe0+JU7NLlPGTlM69t5sbCcl/5DmUQqaXZv
hEGR6khGRAbcY6kaGq8C9z4pp7lsyq2WO0+Q3HE628u/fgnVFw==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:20:09 2025 by rpki-client