Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
File: 7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa (raw, json)
Hash identifier: Z57xVbengvS0wyEorZv0Uh8ojhDdm3IAlMwUKueiVcg=
Subject key identifier: FA:5C:9E:2C:7F:25:3D:D7:39:E8:EA:C2:B4:8E:51:6C:9A:E9:22:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 389DC78AFD370A094D900C6CFC7D491236C0BABF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
Signing time: Fri 11 Jul 2025 20:50:18 +0000
ROA not before: Fri 11 Jul 2025 20:50:18 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:9d:c7:8a:fd:37:0a:09:4d:90:0c:6c:fc:7d:49:12:36:c0:ba:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:18 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f1fba718e65c174487f429762e6095de1439d085a6701c15c8379f609940527f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:47:24:70:04:71:40:4e:e1:0c:d4:6b:bf:68:
6c:10:26:fa:00:f0:2d:5f:04:8c:ac:62:d1:85:f7:
5c:57:59:41:d3:58:93:7b:8b:c7:ae:95:78:2c:79:
b6:d2:5b:7c:01:64:11:a4:28:80:3a:cd:e7:ab:68:
fe:d9:dc:65:e4:e5:e8:39:6b:3d:a3:02:68:b7:38:
25:a4:1a:d5:07:ce:e2:f8:06:f1:93:41:32:48:51:
b3:25:e0:08:d9:c2:72:bf:b7:b2:dc:87:42:38:9a:
c7:f5:fb:ea:13:af:eb:18:79:86:44:dc:98:22:3a:
4a:c2:1a:49:1f:d4:a8:f8:62:c3:43:c9:e5:51:19:
ee:16:a9:8a:02:80:25:e3:a5:15:d4:32:e1:23:ba:
79:5e:fa:ae:dc:b7:32:33:b2:39:61:2d:de:67:d4:
36:58:e6:9e:da:85:e0:d3:e3:a9:0d:82:32:d7:b7:
bd:89:69:56:34:5a:c9:4a:f6:a2:dd:00:35:0f:32:
0c:1d:0a:25:43:7a:ab:58:b1:bb:69:89:0f:6a:a8:
a9:63:a9:17:2d:25:0e:6e:64:c2:2b:a1:de:b6:b8:
16:93:40:d6:60:c7:db:82:99:19:30:f7:c3:00:a8:
36:39:5d:fb:5b:1f:e1:df:04:99:b3:3a:ce:5f:c5:
52:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5C:9E:2C:7F:25:3D:D7:39:E8:EA:C2:B4:8E:51:6C:9A:E9:22:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027::/36
Signature Algorithm: sha256WithRSAEncryption
72:13:85:f9:dd:f0:3c:66:45:8c:b6:b6:56:4a:db:7a:03:e2:
20:b6:43:e2:4e:79:cf:23:6f:14:05:f0:67:6f:b8:e6:7e:65:
af:2b:d1:40:48:1b:28:2d:5d:37:25:a9:cc:c9:5c:ca:7d:1c:
8c:90:c6:f2:24:a4:32:85:3c:02:0f:11:8e:c0:d1:31:b4:a2:
c6:19:c4:c7:63:93:06:20:96:b5:be:37:4f:b0:84:e4:37:1d:
d4:d3:c4:99:71:b3:d9:bb:e0:27:42:a2:12:62:61:8c:11:53:
59:9c:75:93:5a:ef:2f:45:a1:6d:31:3b:0a:d9:39:17:d0:40:
63:e9:53:1d:c4:1b:d8:dc:06:cc:a6:9e:ee:31:1d:87:b5:84:
9a:20:55:8f:30:b1:55:35:cc:63:3c:53:72:68:5c:8e:ed:b7:
a1:55:f6:57:b3:14:e3:2a:f1:f2:e3:77:73:8e:c1:5e:dc:f5:
52:ad:cf:77:ea:f3:15:85:9f:c5:70:6f:5b:3f:6e:9d:96:76:
0e:37:ae:cb:13:28:21:ca:dc:17:7b:2f:7e:e0:0f:13:89:61:
09:bc:8c:96:94:13:ed:25:c1:3b:b9:3b:24:6f:af:c1:f9:2e:
d4:56:e4:96:08:93:1e:ea:84:f5:5e:01:2d:7d:02:e3:b1:ca:
9e:b3:54:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOJ3Hiv03CglNkAxs/H1JEjbAur8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwMThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZmJhNzE4ZTY1YzE3NDQ4N2Y0Mjk3NjJlNjA5NWRlMTQzOWQwODVhNjcw
MWMxNWM4Mzc5ZjYwOTk0MDUyN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIZHJHAEcUBO4QzUa79obBAm+gDwLV8EjKxi0YX3XFdZQdNYk3uLx66VeCx5
ttJbfAFkEaQogDrN56to/tncZeTl6DlrPaMCaLc4JaQa1QfO4vgG8ZNBMkhRsyXg
CNnCcr+3styHQjiax/X76hOv6xh5hkTcmCI6SsIaSR/UqPhiw0PJ5VEZ7hapigKA
JeOlFdQy4SO6eV76rty3MjOyOWEt3mfUNljmntqF4NPjqQ2CMte3vYlpVjRayUr2
ot0ANQ8yDB0KJUN6q1ixu2mJD2qoqWOpFy0lDm5kwiuh3ra4FpNA1mDH24KZGTD3
wwCoNjld+1sf4d8EmbM6zl/FUrMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT6XJ4s
fyU91zno6sK0jlFsmukiwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JjYmY5ZjMtN2E2My00MmEyLTliNTgtNGMwYzEwZmMzNGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CcA
MA0GCSqGSIb3DQEBCwUAA4IBAQByE4X53fA8ZkWMtrZWStt6A+IgtkPiTnnPI28U
BfBnb7jmfmWvK9FASBsoLV03JanMyVzKfRyMkMbyJKQyhTwCDxGOwNExtKLGGcTH
Y5MGIJa1vjdPsITkNx3U08SZcbPZu+AnQqISYmGMEVNZnHWTWu8vRaFtMTsK2TkX
0EBj6VMdxBvY3AbMpp7uMR2HtYSaIFWPMLFVNcxjPFNyaFyO7behVfZXsxTjKvHy
43dzjsFe3PVSrc936vMVhZ/FcG9bP26dlnYON67LEyghytwXey9+4A8TiWEJvIyW
lBPtJcE7uTskb6/B+S7UVuSWCJMe6oT1XgEtfQLjscqes1Sj
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:17 2025 by rpki-client