Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: H8dP7wVKQ8j9ewSJMfIaGHFbdCRpdrtLZCmzWLy6qWI=
Subject key identifier: 60:77:E4:78:84:88:0C:E8:4F:69:5B:DF:B3:26:B5:B8:F4:18:D1:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BF4AB67D5C77D9D343721A35A361CE11602CD01
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Fri 11 Jul 2025 20:50:55 +0000
ROA not before: Fri 11 Jul 2025 20:50:55 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:f4:ab:67:d5:c7:7d:9d:34:37:21:a3:5a:36:1c:e1:16:02:cd:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:55 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b9234871d66856ef18ff77d95f37092cd4c0a974f6552ed87a98aea0bad6f9e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:12:36:57:40:0f:0e:5f:7e:9f:c9:c6:83:41:
85:17:82:32:69:db:d8:63:f7:73:10:6f:b3:2d:73:
4b:5a:00:b4:de:2c:d5:38:0e:b9:06:db:f1:16:0b:
56:ee:ab:86:5e:45:e0:09:9a:0d:3c:78:ac:93:25:
8b:25:3f:60:2e:36:54:92:14:4e:b4:82:cc:5f:a0:
33:2f:76:95:aa:57:fd:06:7a:29:30:21:df:6d:97:
10:de:75:b1:df:d6:a2:14:27:78:da:8f:b8:68:c4:
8e:dd:24:3a:da:8e:28:16:bb:2d:55:83:ba:79:0c:
26:86:2b:dd:2f:1b:08:37:c5:d3:c8:07:4c:5e:bb:
44:83:51:68:4a:7e:80:a2:c7:d1:6e:4d:57:9e:61:
cb:a2:88:7e:1e:c1:2f:63:18:c7:10:54:cb:b6:87:
34:17:fc:58:58:d4:d1:31:72:a5:c8:00:91:ff:8f:
de:c2:7d:72:08:d7:18:de:13:61:37:f8:cf:14:16:
80:03:e1:eb:5f:7b:d4:fb:71:ea:ff:8f:bf:02:2b:
ff:34:bd:cc:96:66:ca:81:34:96:ef:5c:3a:ee:dc:
7f:e8:b6:13:8f:3c:0e:d9:b0:cf:f6:fa:b0:c5:51:
b2:b4:1e:12:27:31:f7:67:f6:4c:46:9c:ee:e2:5b:
c9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:77:E4:78:84:88:0C:E8:4F:69:5B:DF:B3:26:B5:B8:F4:18:D1:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
15:6c:e6:c0:78:a4:a9:2a:98:60:a6:e4:fe:78:dd:81:f7:59:
9a:d1:81:97:a7:da:bd:28:f4:e4:31:cf:0f:2f:b9:60:09:57:
d5:f5:2f:94:44:0b:1f:dc:17:f1:ef:99:0e:1d:b9:5b:a9:1c:
92:54:da:b5:f1:7b:b4:58:6a:3b:a2:c6:bc:a5:c2:1b:1d:72:
5a:41:bf:f0:59:49:01:b7:9f:c5:d8:7f:ad:fe:f1:f8:91:1b:
e7:c5:41:99:24:76:11:2c:06:21:2a:40:d2:87:a2:1d:8e:55:
61:51:c4:2a:d0:0a:87:85:15:12:3f:fa:41:46:50:24:e8:25:
ec:c8:11:d5:f8:5c:7b:33:8b:83:b0:e4:ce:1f:67:aa:7b:3b:
8d:96:32:0b:0e:c6:a2:9f:e2:01:c3:1d:8e:f6:e2:56:b9:37:
79:91:9c:bd:b0:07:50:b8:45:02:9e:a2:d0:02:6d:78:15:a5:
f6:aa:14:5e:e0:b8:b2:c1:4d:f6:35:d5:31:1b:d7:1e:df:a1:
42:8b:6a:e7:97:e3:a7:c6:35:36:14:75:ad:76:af:2f:42:7c:
9d:0a:25:17:e5:d9:18:46:96:e2:ff:ad:8d:9f:9a:db:fb:b4:
c3:2f:61:6c:f3:ff:53:f2:c0:1c:be:29:e0:c5:6b:f8:10:53:
69:de:c9:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK/SrZ9XHfZ00NyGjWjYc4RYCzQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwNTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MjM0ODcxZDY2ODU2ZWYxOGZmNzdkOTVmMzcwOTJjZDRjMGE5NzRmNjU1
MmVkODdhOThhZWEwYmFkNmY5ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8SNldADw5ffp/JxoNBhReCMmnb2GP3cxBvsy1zS1oAtN4s1TgOuQbb8RYL
Vu6rhl5F4AmaDTx4rJMliyU/YC42VJIUTrSCzF+gMy92lapX/QZ6KTAh322XEN51
sd/WohQneNqPuGjEjt0kOtqOKBa7LVWDunkMJoYr3S8bCDfF08gHTF67RINRaEp+
gKLH0W5NV55hy6KIfh7BL2MYxxBUy7aHNBf8WFjU0TFypcgAkf+P3sJ9cgjXGN4T
YTf4zxQWgAPh61971Ptx6v+PvwIr/zS9zJZmyoE0lu9cOu7cf+i2E488Dtmwz/b6
sMVRsrQeEicx92f2TEac7uJbyVkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgd+R4
hIgM6E9pW9+zJrW49BjRuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAVbObAeKSpKphgpuT+eN2B91ma0YGXp9q9KPTk
Mc8PL7lgCVfV9S+URAsf3Bfx75kOHblbqRySVNq18Xu0WGo7osa8pcIbHXJaQb/w
WUkBt5/F2H+t/vH4kRvnxUGZJHYRLAYhKkDSh6IdjlVhUcQq0AqHhRUSP/pBRlAk
6CXsyBHV+Fx7M4uDsOTOH2eqezuNljILDsain+IBwx2O9uJWuTd5kZy9sAdQuEUC
nqLQAm14FaX2qhRe4LiywU32NdUxG9ce36FCi2rnl+OnxjU2FHWtdq8vQnydCiUX
5dkYRpbi/62Nn5rb+7TDL2Fs8/9T8sAcvingxWv4EFNp3smd
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:16 2025 by rpki-client