Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
File: 7cde858d-62b0-4607-8c80-6907e7e92d59.roa (raw, json)
Hash identifier: qXe7JYVJ38cevfzK+kfJQ14hqa7VTedLdpsmJYxNy/4=
Subject key identifier: 10:E7:19:19:B9:AC:96:52:6D:2E:A2:06:70:E3:A9:6B:D8:F7:F6:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FB0CCFA184870E9B4828A2D8461AB7B1EE3A01D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
Signing time: Mon 14 Jul 2025 16:54:10 +0000
ROA not before: Mon 14 Jul 2025 16:54:10 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:b0:cc:fa:18:48:70:e9:b4:82:8a:2d:84:61:ab:7b:1e:e3:a0:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 14 16:54:10 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=f564a8cab1e9f73e2b8557fe93f1c896366685236f11fb2e7843d355f93542d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:18:95:43:8a:27:fc:17:1d:db:84:92:d5:dc:
28:5d:62:a4:83:91:b8:1f:a7:9d:61:1c:fa:1e:bd:
a7:f2:59:bf:22:e7:cb:3a:b2:80:a7:e5:3e:af:f8:
9c:9e:6a:c9:2e:83:b6:e9:69:1e:51:62:05:d4:59:
30:e7:5a:15:4a:b7:4f:eb:75:0f:54:ed:dd:28:e9:
37:7d:87:a3:ed:3c:20:42:99:36:f4:4e:16:01:3e:
6d:48:8b:12:4c:83:3c:cf:8a:38:c5:68:33:80:28:
e6:fc:c3:f3:4e:a2:e5:35:c9:48:eb:76:e2:0f:ba:
e0:e8:94:e3:f0:d1:99:fc:32:9b:3b:29:28:11:4b:
3e:df:7d:3a:4a:a8:a6:54:c5:4e:07:6f:73:05:2b:
17:b8:d0:6c:54:33:4d:1f:f0:63:c3:88:88:6d:11:
a1:cd:01:74:87:c3:43:ab:83:84:3b:db:f4:89:0c:
79:2f:e8:f6:ed:72:74:4f:df:59:3a:da:d7:be:4f:
55:58:21:a9:8c:28:ed:4c:df:77:30:05:e9:75:86:
1f:ee:52:a2:81:7f:b8:91:4c:fb:d1:ba:b0:52:91:
48:a0:fc:87:02:17:dc:0e:31:01:3a:75:2c:de:5f:
43:0b:e6:dc:7c:d4:aa:9b:3b:73:f5:32:65:b1:f0:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:E7:19:19:B9:AC:96:52:6D:2E:A2:06:70:E3:A9:6B:D8:F7:F6:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
51:5c:36:da:4d:0f:10:27:ce:8e:1b:15:ff:ce:ac:23:14:05:
e1:68:2c:f1:a3:dd:b5:13:45:a5:07:e1:7f:8a:33:89:63:8b:
12:6e:0d:4f:d7:8a:a9:86:9d:10:db:2b:25:77:d0:3d:3e:ec:
65:cd:53:25:d5:39:0c:5e:76:58:da:1f:62:1f:3b:a0:55:cd:
09:d2:01:8e:5b:df:12:d4:d0:cc:63:28:95:42:b4:d6:b2:f6:
eb:d7:d8:ee:cb:85:e8:bb:eb:42:e6:ed:4d:33:ae:4e:bd:9b:
61:3d:12:6d:2c:65:8c:52:46:e6:38:5c:c1:a8:bb:9d:22:92:
38:2d:43:4a:fd:9e:9d:6f:a9:f1:6d:67:5d:14:3d:d1:7b:cc:
c8:38:79:ad:80:b6:27:f2:fe:ff:ee:84:84:0c:32:49:a6:2b:
4e:e9:3a:0b:d5:2c:48:ba:73:e9:98:f6:2d:13:49:e9:e7:5d:
1c:11:4f:fc:21:ba:51:c5:72:7a:ca:77:87:72:82:76:b8:f0:
b1:1f:51:66:df:8e:24:1c:aa:63:03:c4:4c:77:e7:16:34:e7:
7f:ad:dd:29:ae:a8:d0:95:22:95:b1:50:7d:17:1f:44:15:95:
ce:55:df:c8:63:43:f1:60:97:d4:0c:7f:12:13:37:2b:72:e9:
7e:ae:95:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT7DM+hhIcOm0goothGGrex7joB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTQxNjU0MTBaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NjRhOGNhYjFlOWY3M2UyYjg1NTdmZTkzZjFjODk2MzY2Njg1MjM2ZjEx
ZmIyZTc4NDNkMzU1ZjkzNTQyZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEYlUOKJ/wXHduEktXcKF1ipIORuB+nnWEc+h69p/JZvyLnyzqygKflPq/4
nJ5qyS6DtulpHlFiBdRZMOdaFUq3T+t1D1Tt3SjpN32Ho+08IEKZNvROFgE+bUiL
EkyDPM+KOMVoM4Ao5vzD806i5TXJSOt24g+64OiU4/DRmfwymzspKBFLPt99Okqo
plTFTgdvcwUrF7jQbFQzTR/wY8OIiG0Roc0BdIfDQ6uDhDvb9IkMeS/o9u1ydE/f
WTra175PVVghqYwo7UzfdzAF6XWGH+5SooF/uJFM+9G6sFKRSKD8hwIX3A4xATp1
LN5fQwvm3HzUqps7c/UyZbHwodMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQ5xkZ
uayWUm0uogZw46lr2Pf2yzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NkZTg1OGQtNjJiMC00NjA3LThjODAtNjkwN2U3ZTkyZDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBRXDbaTQ8QJ86OGxX/zqwjFAXhaCzxo921E0Wl
B+F/ijOJY4sSbg1P14qphp0Q2ysld9A9PuxlzVMl1TkMXnZY2h9iHzugVc0J0gGO
W98S1NDMYyiVQrTWsvbr19juy4Xou+tC5u1NM65OvZthPRJtLGWMUkbmOFzBqLud
IpI4LUNK/Z6db6nxbWddFD3Re8zIOHmtgLYn8v7/7oSEDDJJpitO6ToL1SxIunPp
mPYtE0np510cEU/8IbpRxXJ6yneHcoJ2uPCxH1Fm344kHKpjA8RMd+cWNOd/rd0p
rqjQlSKVsVB9Fx9EFZXOVd/IY0PxYJfUDH8SEzcrcul+rpWt
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:44:48 2025 by rpki-client