Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
File: 7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa (raw, json)
Hash identifier: IBEJhcXSKTGIy1OqcDDEQBNiuf5Nh4QFdE+wnG+4qJI=
Subject key identifier: BB:7E:62:49:43:83:DA:0A:91:4F:B5:83:84:54:FB:49:BC:98:62:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48C879FF6B79E3BE7D7D726E448238F34F2C6D15
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
Signing time: Fri 11 Jul 2025 20:41:13 +0000
ROA not before: Fri 11 Jul 2025 20:41:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:c8:79:ff:6b:79:e3:be:7d:7d:72:6e:44:82:38:f3:4f:2c:6d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1971cea72848b198bdf670ca5add1caed262ee6486933aa34a2c5057eac11033, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bb:82:75:74:f1:2b:a9:e0:97:ad:d6:d9:df:
f8:2c:dc:0d:23:8f:90:ad:de:46:a8:4e:15:db:fd:
19:e2:77:fc:e2:3c:71:4e:5d:84:d1:78:62:ae:68:
f0:e9:b5:f1:8a:67:cf:fa:25:87:e0:f1:39:a0:3c:
c7:7c:70:6d:43:f0:82:97:3d:59:5b:12:7e:4a:87:
39:82:8c:59:1c:0e:9e:29:98:fb:f2:16:fb:98:86:
16:74:f8:20:c2:73:2f:7c:ea:43:fe:da:97:ad:d6:
68:0f:7d:31:86:cd:6c:61:cd:c6:4e:61:c0:d1:a4:
9a:fe:e1:85:e9:0e:f6:b4:02:1d:24:8c:1e:dc:92:
37:f3:d5:51:6a:f9:98:09:ee:8e:d9:8a:f3:74:02:
51:c2:01:d0:4e:95:d4:cb:24:ed:80:34:07:33:97:
79:41:87:b0:00:1c:9e:e9:9a:42:93:ff:10:f8:15:
ec:31:62:7a:5e:66:a8:a3:5a:ad:b6:e6:3e:c5:53:
aa:53:2c:3f:a8:ed:81:c5:09:15:52:48:f9:a5:ab:
a1:ff:7a:b5:1a:d1:1b:b1:a6:f7:e9:98:d5:58:60:
2b:34:9a:a6:b4:6c:05:c5:bb:b3:c5:a6:2e:ca:dc:
8d:99:51:60:c5:c3:40:4a:60:b0:54:61:26:be:9e:
d7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7E:62:49:43:83:DA:0A:91:4F:B5:83:84:54:FB:49:BC:98:62:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
b0:23:3f:35:dd:e7:3e:de:d9:19:fd:24:65:a9:fa:f1:33:85:
c4:83:3c:9b:00:34:75:2d:cd:09:9b:53:dc:20:ab:d1:3b:6d:
74:3e:40:5b:cd:18:ba:78:a2:0e:c9:48:64:68:f5:4c:18:a5:
61:d0:fd:93:4f:48:a4:d8:a3:71:40:64:26:02:96:a2:dd:a9:
e0:e6:1f:40:ce:80:df:27:a5:29:d7:36:61:29:e6:10:10:78:
74:1a:ae:0a:2e:cb:2e:cb:b9:78:dd:da:9a:8d:8f:d7:9e:74:
ec:ae:a2:91:7d:d2:f7:38:4b:96:5e:b1:c9:58:18:8d:a5:23:
db:01:c0:6e:80:98:cd:5c:c3:6d:98:53:bc:44:42:91:e7:83:
b9:7f:ea:b9:b7:d6:f0:96:55:e8:20:ab:62:28:77:38:c3:5a:
5b:98:e9:97:08:18:2d:c1:e1:47:8c:29:be:be:5f:55:e7:c3:
76:b1:53:f2:47:b3:e3:10:0f:d1:eb:f4:6d:73:90:c1:08:68:
35:83:72:77:77:8a:7b:9b:01:c5:5e:36:74:f9:a7:68:67:bb:
0f:f3:f4:e7:ed:62:75:80:90:c7:4e:85:e9:74:e9:d4:3d:18:
a4:0e:bb:b6:1a:f6:40:ed:5b:27:6d:bf:46:ff:1a:ff:77:6d:
a9:0e:d3:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSMh5/2t54759fXJuRII4808sbRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5NzFjZWE3Mjg0OGIxOThiZGY2NzBjYTVhZGQxY2FlZDI2MmVlNjQ4Njkz
M2FhMzRhMmM1MDU3ZWFjMTEwMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOe7gnV08Sup4Jet1tnf+CzcDSOPkK3eRqhOFdv9GeJ3/OI8cU5dhNF4Yq5o
8Om18Ypnz/olh+DxOaA8x3xwbUPwgpc9WVsSfkqHOYKMWRwOnimY+/IW+5iGFnT4
IMJzL3zqQ/7al63WaA99MYbNbGHNxk5hwNGkmv7hhekO9rQCHSSMHtySN/PVUWr5
mAnujtmK83QCUcIB0E6V1Msk7YA0BzOXeUGHsAAcnumaQpP/EPgV7DFiel5mqKNa
rbbmPsVTqlMsP6jtgcUJFVJI+aWrof96tRrRG7Gm9+mY1VhgKzSaprRsBcW7s8Wm
LsrcjZlRYMXDQEpgsFRhJr6e1+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7fmJJ
Q4PaCpFPtYOEVPtJvJhivjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzY2NDktZGNjMC00ZjhjLWJlNmItMTNmY2EyN2VjNGYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwIz813ec+3tkZ/SRlqfrxM4XEgzybADR1Lc0J
m1PcIKvRO210PkBbzRi6eKIOyUhkaPVMGKVh0P2TT0ik2KNxQGQmApai3ang5h9A
zoDfJ6Up1zZhKeYQEHh0Gq4KLssuy7l43dqajY/XnnTsrqKRfdL3OEuWXrHJWBiN
pSPbAcBugJjNXMNtmFO8REKR54O5f+q5t9bwllXoIKtiKHc4w1pbmOmXCBgtweFH
jCm+vl9V58N2sVPyR7PjEA/R6/Rtc5DBCGg1g3J3d4p7mwHFXjZ0+adoZ7sP8/Tn
7WJ1gJDHToXpdOnUPRikDru2GvZA7Vsnbb9G/xr/d22pDtOo
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:17 2025 by rpki-client