Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa
File: 7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa (raw, json)
Hash identifier: Ep1zj6aDp8biYUZhGXaBCsbTIByVF9esTD3rO8/2utM=
Subject key identifier: C4:4F:11:E1:46:E8:01:21:36:B1:56:5C:31:0B:C6:65:A8:BC:6A:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 586D3C5DEE55E6CA3DF9C535A4C4BE281F946AF5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa
Signing time: Fri 11 Jul 2025 19:50:01 +0000
ROA not before: Fri 11 Jul 2025 19:50:01 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:1040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:6d:3c:5d:ee:55:e6:ca:3d:f9:c5:35:a4:c4:be:28:1f:94:6a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:01 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=af3bc20046fd104a1a4c3de953f6a43caf7c2fc86e8b980d5012a52b81ee1f50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:93:3a:d9:67:ea:3a:05:d4:d0:e5:36:e6:6e:
12:5c:f8:fd:b6:da:db:e0:30:bb:06:e7:c2:f2:6d:
8a:f0:a2:a6:98:98:2b:af:2f:38:44:18:a8:9a:73:
aa:37:34:76:38:df:35:6e:0a:fb:dc:da:7d:a9:47:
c4:98:b8:eb:9d:2f:cf:63:73:92:a3:2e:15:73:12:
8c:dd:8f:1b:a5:2a:1a:cd:bf:6c:04:6c:d3:bd:c6:
36:8a:16:44:f5:fe:e3:df:3f:3d:e9:5c:8c:ee:13:
ba:66:7c:8d:10:11:10:cd:ae:9b:9c:15:5c:0f:5e:
13:0d:be:18:1b:a1:fd:a5:09:58:fe:0f:d4:98:2d:
ec:fa:31:54:e6:2c:8e:d8:cf:ae:e3:dd:13:70:b8:
17:75:e0:95:d1:af:27:b9:03:e0:90:66:97:63:36:
7c:01:60:15:09:2a:fa:22:8e:a2:93:94:70:15:ef:
37:ea:01:28:0e:9c:a9:9b:d0:66:7f:16:61:a5:17:
8c:09:39:ba:48:53:c3:7f:ab:78:2d:11:6a:29:72:
03:9e:5a:3d:b5:d4:bf:1e:18:35:c4:2d:86:16:1e:
c4:f8:ea:1a:dc:ee:b1:55:97:55:39:d5:15:f3:38:
86:f5:25:e2:f6:f2:ec:3c:7d:e8:82:a7:7c:cd:e1:
dc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4F:11:E1:46:E8:01:21:36:B1:56:5C:31:0B:C6:65:A8:BC:6A:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cfb4167-bb34-4b3d-8c92-bcd5cab97a46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:1040::/46
Signature Algorithm: sha256WithRSAEncryption
20:2e:59:01:aa:77:6d:39:e5:54:6f:4f:81:90:15:07:85:50:
3a:3e:b1:f0:2a:30:82:25:29:99:5c:38:9f:bc:b7:9a:51:50:
94:d8:e1:b7:82:ca:f7:6c:b8:42:7e:19:53:cc:29:42:10:cb:
56:a3:c5:94:88:89:be:f3:66:6a:e9:f2:72:c1:a7:a6:f8:66:
73:3e:07:3c:d4:5a:e0:74:b3:11:06:4f:76:2f:7f:4f:2d:d8:
91:86:d4:27:36:cf:50:d5:de:41:f5:51:ff:b8:b3:04:6b:76:
b1:a8:d3:9d:57:44:08:e8:f4:2c:96:59:de:1e:a6:2a:d2:94:
58:08:fc:a8:84:c8:e7:7d:ea:94:24:b4:b4:e8:bd:62:4e:79:
57:f3:43:fa:9c:97:ff:45:1f:67:1a:9e:31:c7:2f:d6:6a:f9:
cb:45:45:1e:75:a2:40:b9:29:31:65:94:0e:ac:1a:5e:b3:75:
c5:58:ca:9e:47:e0:00:03:91:de:a4:f8:d9:16:4d:47:a1:e9:
98:9b:55:ad:46:9f:01:f6:ee:51:7d:83:18:49:d1:b9:d0:b3:
7e:ca:c5:4e:5b:27:6e:6c:0d:74:08:17:20:b1:e7:b0:f0:16:
41:ad:aa:0d:5f:2b:d0:07:da:51:9c:36:fc:c7:a0:43:d6:38:
13:df:15:25
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWG08Xe5V5so9+cU1pMS+KB+UavUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmM2JjMjAwNDZmZDEwNGExYTRjM2RlOTUzZjZhNDNjYWY3YzJmYzg2ZThi
OTgwZDUwMTJhNTJiODFlZTFmNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+TOtln6joF1NDlNuZuElz4/bba2+AwuwbnwvJtivCippiYK68vOEQYqJpz
qjc0djjfNW4K+9zafalHxJi4650vz2NzkqMuFXMSjN2PG6UqGs2/bARs073GNooW
RPX+498/PelcjO4TumZ8jRAREM2um5wVXA9eEw2+GBuh/aUJWP4P1Jgt7PoxVOYs
jtjPruPdE3C4F3XgldGvJ7kD4JBml2M2fAFgFQkq+iKOopOUcBXvN+oBKA6cqZvQ
Zn8WYaUXjAk5ukhTw3+reC0RailyA55aPbXUvx4YNcQthhYexPjqGtzusVWXVTnV
FfM4hvUl4vby7Dx96IKnfM3h3OECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTETxHh
RugBITaxVlwxC8ZlqLxqFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NmYjQxNjctYmIzNC00YjNkLThjOTItYmNkNWNhYjk3YTQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HcQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAIC5ZAap3bTnlVG9PgZAVB4VQOj6x8CowgiUp
mVw4n7y3mlFQlNjht4LK92y4Qn4ZU8wpQhDLVqPFlIiJvvNmaunycsGnpvhmcz4H
PNRa4HSzEQZPdi9/Ty3YkYbUJzbPUNXeQfVR/7izBGt2sajTnVdECOj0LJZZ3h6m
KtKUWAj8qITI533qlCS0tOi9Yk55V/ND+pyX/0UfZxqeMccv1mr5y0VFHnWiQLkp
MWWUDqwaXrN1xVjKnkfgAAOR3qT42RZNR6HpmJtVrUafAfbuUX2DGEnRudCzfsrF
TlsnbmwNdAgXILHnsPAWQa2qDV8r0AfaUZw2/MegQ9Y4E98VJQ==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:53:27 2025 by rpki-client