Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
File: 7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa (raw, json)
Hash identifier: ebgMlKayvapJC8KZebm8xPEA5jCxDlEYu+QuxiwO7jU=
Subject key identifier: 17:8A:26:A1:EB:31:B4:9D:65:5E:49:BB:D1:63:0C:0E:7B:F2:45:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04F83F450A675279D61AE7A3FCAD8198D757D427
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
Signing time: Fri 11 Jul 2025 19:30:10 +0000
ROA not before: Fri 11 Jul 2025 19:30:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f8:3f:45:0a:67:52:79:d6:1a:e7:a3:fc:ad:81:98:d7:57:d4:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7dedab5d4d3db47c3dda9afce84c2eb668c7aa13c50e91d075c0f8f27cc6aa46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0d:31:ce:d6:ec:f7:e6:3b:b6:75:38:0a:06:
c0:de:1b:4b:11:f5:34:d2:29:91:b1:1c:98:34:35:
3b:03:3d:ec:35:d2:f8:1b:66:f0:b2:66:ab:bf:18:
15:68:5c:c9:d9:d3:cd:ca:57:56:d7:af:4f:42:98:
03:61:47:10:28:2b:56:1c:6c:5a:8b:4a:10:6f:96:
d6:91:57:eb:7e:74:8a:a4:4d:6c:ef:df:8f:7c:e6:
e1:70:c0:c6:cf:db:98:b1:0f:f3:55:5b:59:d4:55:
de:5d:fd:d1:b7:27:94:94:c3:ff:20:26:aa:3a:a1:
21:ca:a3:cd:0c:d8:38:f6:90:3d:13:3b:99:2b:c9:
95:55:99:b7:dc:cf:1a:26:8c:f3:a7:1e:b4:5b:e0:
0b:c6:6c:c6:6d:29:e7:8e:c2:c2:06:03:6c:d7:68:
c8:ed:bb:46:c8:4e:bb:1c:2c:93:1e:af:ce:e6:b2:
0a:0b:83:0e:57:6b:b6:38:9a:96:42:e1:63:9e:60:
1c:46:b2:de:cb:10:bb:7c:a6:fe:c1:e5:d1:e2:4e:
8a:4a:09:9e:1b:8c:d0:78:ed:a9:c7:57:a2:cc:77:
31:8c:06:31:3b:c8:cd:38:33:be:a7:c6:d6:c2:77:
7c:4d:db:c0:01:b0:94:bd:ae:dc:4d:ca:5e:46:27:
cf:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8A:26:A1:EB:31:B4:9D:65:5E:49:BB:D1:63:0C:0E:7B:F2:45:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df740c3-cb67-4a1f-b391-fc0bd754a49d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6040::/46
Signature Algorithm: sha256WithRSAEncryption
25:6f:4d:59:d3:b1:59:46:23:81:ba:84:9c:fa:47:4f:7d:af:
b6:77:1d:9c:c8:06:82:18:fe:ab:26:9d:8d:a6:62:73:1e:4b:
c7:4c:b1:ae:f7:91:ec:ac:93:15:95:49:57:95:12:9a:b2:4f:
cb:01:ea:15:af:00:9a:87:fd:65:41:00:54:95:68:8f:0d:a9:
de:73:20:57:4b:64:d5:c1:89:d2:12:ac:4a:8a:f6:46:e5:2f:
ff:d7:6e:d6:34:1f:6b:47:f6:40:71:4c:1b:4c:be:3f:93:26:
38:78:ad:8a:3c:47:61:e9:97:59:d4:38:3a:ed:b9:19:d7:2b:
3c:40:9f:3c:9f:f8:05:d5:be:2c:64:5b:39:74:15:65:b5:bf:
76:56:cf:5a:89:cf:59:21:b4:dc:de:c8:eb:07:27:33:93:22:
a7:29:d2:25:5d:8e:5a:b2:f7:68:43:1b:d2:10:2a:d8:ec:c7:
9d:11:04:fa:0d:fe:cb:82:d4:9a:95:b6:cc:ac:ac:78:0c:02:
47:d5:5c:cd:c2:f3:97:e7:c3:b5:de:99:db:84:07:ae:b2:fb:
96:3b:d0:19:33:49:06:a9:d1:62:34:07:5f:72:63:f6:22:14:
5f:fc:d2:9e:df:2e:90:c4:94:87:41:9e:15:f5:df:12:ba:69:
69:52:80:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBPg/RQpnUnnWGuej/K2BmNdX1CcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZWRhYjVkNGQzZGI0N2MzZGRhOWFmY2U4NGMyZWI2NjhjN2FhMTNjNTBl
OTFkMDc1YzBmOGYyN2NjNmFhNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUNMc7W7PfmO7Z1OAoGwN4bSxH1NNIpkbEcmDQ1OwM97DXS+Btm8LJmq78Y
FWhcydnTzcpXVtevT0KYA2FHECgrVhxsWotKEG+W1pFX6350iqRNbO/fj3zm4XDA
xs/bmLEP81VbWdRV3l390bcnlJTD/yAmqjqhIcqjzQzYOPaQPRM7mSvJlVWZt9zP
GiaM86cetFvgC8Zsxm0p547CwgYDbNdoyO27RshOuxwskx6vzuayCguDDldrtjia
lkLhY55gHEay3ssQu3ym/sHl0eJOikoJnhuM0HjtqcdXosx3MYwGMTvIzTgzvqfG
1sJ3fE3bwAGwlL2u3E3KXkYnz1cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQXiiah
6zG0nWVeSbvRYwwOe/JFGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzQwYzMtY2I2Ny00YTFmLWIzOTEtZmMwYmQ3NTRhNDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Htg
QDANBgkqhkiG9w0BAQsFAAOCAQEAJW9NWdOxWUYjgbqEnPpHT32vtncdnMgGghj+
qyadjaZicx5Lx0yxrveR7KyTFZVJV5USmrJPywHqFa8Amof9ZUEAVJVojw2p3nMg
V0tk1cGJ0hKsSor2RuUv/9du1jQfa0f2QHFMG0y+P5MmOHitijxHYemXWdQ4Ou25
GdcrPECfPJ/4BdW+LGRbOXQVZbW/dlbPWonPWSG03N7I6wcnM5MipynSJV2OWrL3
aEMb0hAq2OzHnREE+g3+y4LUmpW2zKyseAwCR9VczcLzl+fDtd6Z24QHrrL7ljvQ
GTNJBqnRYjQHX3Jj9iIUX/zSnt8ukMSUh0GeFfXfErppaVKAwA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:42:31 2025 by rpki-client