Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: ocVMLg5Z8hmOeiT0PchW11KSFMXGKUQR4XUpTXRakTY=
Subject key identifier: 45:1D:84:F8:33:AB:31:69:4D:0B:E2:14:55:40:E1:0F:4A:31:3B:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43A8248CEF852607DDE971226AA89FCC29D4F0F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Sat 12 Jul 2025 00:51:18 +0000
ROA not before: Sat 12 Jul 2025 00:51:18 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a8:24:8c:ef:85:26:07:dd:e9:71:22:6a:a8:9f:cc:29:d4:f0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:18 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=6d42c441850130af8e9d6a5ee84e40cf8dfab1152c7bbbe43839200fc8fd27f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:ee:fa:0d:78:48:10:53:7a:ff:bc:91:67:
f2:d7:6f:b4:93:d2:62:24:80:88:f6:2d:e0:97:7d:
fc:bc:2e:a4:5c:11:60:5c:5a:87:95:18:12:6b:bc:
3b:98:de:fb:91:8b:7b:1c:4a:03:fe:30:9d:0b:ca:
e2:fe:6a:0a:c4:e8:4f:4f:4a:0e:d3:41:2a:14:2d:
9f:91:71:90:da:53:e0:5d:b0:6d:df:ac:ac:ef:89:
c8:d2:9f:2f:ea:07:e1:81:9f:02:99:e0:dc:ce:81:
8c:b9:e1:a8:e8:b2:8f:c6:62:4d:67:99:da:87:5b:
12:34:ae:98:fb:c2:df:56:14:b2:c8:5f:f6:38:87:
06:d3:b6:8e:eb:36:56:21:d3:3d:fa:2b:21:34:ad:
b4:bf:b7:3a:2a:61:dc:15:e8:58:88:0b:9d:06:4b:
89:79:b1:39:5d:b8:49:0d:36:5b:2a:6f:e5:d0:96:
bc:36:bd:93:cc:b2:6e:b8:65:f1:dd:8a:fd:30:72:
25:cf:18:04:9d:28:42:62:b1:f1:b9:df:7b:c6:01:
42:b4:ab:31:c9:98:3b:a0:6b:9b:a4:f2:86:66:58:
2d:14:b4:00:2e:a8:02:2e:94:f2:2c:f1:c0:0b:86:
6d:34:82:ca:28:98:1d:14:e4:da:c7:f4:ed:ef:23:
1a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:1D:84:F8:33:AB:31:69:4D:0B:E2:14:55:40:E1:0F:4A:31:3B:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
1a:21:f8:f0:78:54:9f:02:1f:a9:8d:39:85:93:05:4b:fe:84:
3b:8d:38:83:9f:22:f2:86:04:59:8e:5e:ac:8f:3b:74:61:c8:
e4:21:f4:b3:52:04:d5:92:12:ec:5c:36:be:69:f3:94:3e:7e:
2d:0b:1d:bb:f8:b6:39:c8:b1:b7:4a:c3:ca:1c:6d:ca:b2:e8:
55:03:82:66:16:cf:71:18:64:6d:c4:f3:92:ac:83:0d:ce:8f:
ca:82:a7:a3:14:59:a9:d1:c6:96:c5:e3:8a:fc:08:49:57:36:
35:20:b5:3b:7d:0f:96:9a:f9:85:58:f1:19:d9:d3:0f:3d:b0:
dd:bf:cc:9f:59:5e:f1:db:0b:0f:38:04:a9:f6:16:5e:99:ee:
9c:73:3b:45:47:d9:50:5d:60:46:05:d6:5f:d7:16:92:6e:5c:
61:2a:14:e9:f0:0d:c9:e7:23:89:70:34:57:67:89:e6:13:00:
df:8a:8c:c9:ae:c6:ed:45:f6:44:4c:ba:84:3d:3d:8e:5d:d4:
36:a5:cc:42:70:d0:c3:44:5f:02:9e:6c:eb:8f:15:64:8b:b6:
2c:8c:02:e1:07:0f:b9:17:89:30:f1:dc:65:35:c3:12:0b:5a:
13:39:fa:b9:b7:bc:14:2e:1b:c6:ca:52:be:48:a6:9b:3d:84:
fb:a6:53:00
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUQ6gkjO+FJgfd6XEiaqifzCnU8PYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMThaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNDJjNDQxODUwMTMwYWY4ZTlkNmE1ZWU4NGU0MGNmOGRmYWIxMTUyYzdi
YmJlNDM4MzkyMDBmYzhmZDI3ZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsN7voNeEgQU3r/vJFn8tdvtJPSYiSAiPYt4Jd9/LwupFwRYFxah5UYEmu8
O5je+5GLexxKA/4wnQvK4v5qCsToT09KDtNBKhQtn5FxkNpT4F2wbd+srO+JyNKf
L+oH4YGfApng3M6BjLnhqOiyj8ZiTWeZ2odbEjSumPvC31YUsshf9jiHBtO2jus2
ViHTPforITSttL+3Oiph3BXoWIgLnQZLiXmxOV24SQ02Wypv5dCWvDa9k8yybrhl
8d2K/TByJc8YBJ0oQmKx8bnfe8YBQrSrMcmYO6Brm6TyhmZYLRS0AC6oAi6U8izx
wAuGbTSCyiiYHRTk2sf07e8jGvsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRFHYT4
M6sxaU0L4hRVQOEPSjE75DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBABoh+PB4VJ8CH6mNOYWTBUv+hDuNOIOfIvKGBFmO
XqyPO3RhyOQh9LNSBNWSEuxcNr5p85Q+fi0LHbv4tjnIsbdKw8ocbcqy6FUDgmYW
z3EYZG3E85Ksgw3Oj8qCp6MUWanRxpbF44r8CElXNjUgtTt9D5aa+YVY8RnZ0w89
sN2/zJ9ZXvHbCw84BKn2Fl6Z7pxzO0VH2VBdYEYF1l/XFpJuXGEqFOnwDcnnI4lw
NFdnieYTAN+KjMmuxu1F9kRMuoQ9PY5d1DalzEJw0MNEXwKebOuPFWSLtiyMAuEH
D7kXiTDx3GU1wxILWhM5+rm3vBQuG8bKUr5Ipps9hPumUwA=
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:38 2025 by rpki-client