Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/80a87408-515b-45b1-aa62-7e6516358bb6.roa
File: 80a87408-515b-45b1-aa62-7e6516358bb6.roa (raw, json)
Hash identifier: y6QaNC+x7mAG/AhxavH34Fs82mogrz4wBOBWnxa1YNg=
Subject key identifier: 1B:56:C9:E7:A2:03:20:D5:6E:03:BF:E6:34:2F:C5:58:C6:AF:74:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4629251DB3B26520EA48176D1DA436D67CA7BD41
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/80a87408-515b-45b1-aa62-7e6516358bb6.roa
Signing time: Fri 11 Jul 2025 19:41:05 +0000
ROA not before: Fri 11 Jul 2025 19:41:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:10c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:29:25:1d:b3:b2:65:20:ea:48:17:6d:1d:a4:36:d6:7c:a7:bd:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2f2ac6a31628cb44122926265669fbeecc322f393228da8fccf02e576f43c5ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:33:9b:e7:e7:13:c5:ef:57:3f:b2:09:bf:19:
5d:03:99:a8:d3:c9:0a:5d:6e:0d:2e:7d:30:ee:91:
df:8c:47:ff:ab:3f:bb:31:b2:be:80:61:4e:da:e1:
de:d6:ad:28:9a:14:22:e7:7e:bc:6c:c4:c8:f1:24:
0b:0f:fa:64:90:d9:01:d2:e0:ac:ea:5b:e0:37:e4:
43:63:f9:82:dc:a4:fd:c9:49:87:c9:b3:78:bf:67:
ee:00:86:a8:11:83:7d:41:9b:dd:87:a4:f0:d5:9d:
35:ed:05:00:bb:04:1c:e9:fe:57:5a:7e:58:81:e1:
69:20:16:4b:b2:33:a8:b2:0f:8f:d9:eb:a9:26:4a:
ba:ec:59:13:21:4c:eb:53:e8:a9:da:6d:cb:88:a2:
95:a8:fb:08:9b:b8:f3:75:7f:25:9f:e8:c4:98:b0:
b2:97:4d:d6:95:1b:27:b6:12:a2:b4:41:23:53:47:
6d:6f:1b:f7:87:a1:b1:b2:97:5d:83:21:98:49:d1:
63:51:21:16:f4:c0:21:35:6e:c9:a8:b6:a5:05:99:
10:47:5d:1c:a8:fe:b5:59:72:5a:8c:94:95:53:a1:
7d:e4:0a:95:a1:be:66:8d:e1:86:86:c4:96:25:92:
7c:ea:79:09:1d:52:cd:54:25:fa:85:a1:29:37:cb:
6f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:56:C9:E7:A2:03:20:D5:6E:03:BF:E6:34:2F:C5:58:C6:AF:74:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/80a87408-515b-45b1-aa62-7e6516358bb6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:10c0::/46
Signature Algorithm: sha256WithRSAEncryption
95:43:0e:57:cb:72:8f:2e:d9:ed:59:4a:7e:63:69:59:0a:14:
a1:5f:31:0b:46:37:d0:e5:21:a5:c0:f6:9b:53:32:82:0c:fb:
76:de:8a:46:b7:b7:e7:14:50:fa:9a:ff:43:5d:d4:44:b5:4f:
72:1a:4e:65:7e:15:d2:90:32:3e:6d:68:37:96:30:f1:ca:f0:
27:d6:c1:de:a8:93:91:cc:62:cc:5f:93:b9:50:47:9c:b1:b5:
87:60:ac:9c:3a:0e:2b:e9:cc:96:9f:5b:ad:c9:1d:db:46:a3:
f9:15:38:32:51:22:0c:0d:09:d4:2c:6a:e5:0f:a5:37:4b:34:
7b:49:df:a0:76:7b:09:7d:20:de:26:78:6a:6e:c0:42:28:ba:
3f:d9:f1:28:99:64:2f:17:e5:e8:9a:cd:98:89:26:d0:af:fb:
74:c2:1e:35:64:b1:fa:31:98:71:07:99:a4:79:6a:84:c8:40:
e0:3f:34:a7:79:4f:5e:36:37:f2:4d:d2:a9:00:ca:41:9c:73:
ae:fb:b3:bc:c0:13:7e:59:c4:05:be:aa:68:12:d1:82:50:c1:
4b:a5:ae:5c:c9:70:2e:c2:6e:07:6e:c0:60:a8:f8:ed:7c:67:
33:89:0e:c4:f7:8d:aa:48:3b:38:31:e0:d2:a9:54:3a:7a:32:
fb:b1:5f:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURiklHbOyZSDqSBdtHaQ21nynvUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMmFjNmEzMTYyOGNiNDQxMjI5MjYyNjU2NjlmYmVlY2MzMjJmMzkzMjI4
ZGE4ZmNjZjAyZTU3NmY0M2M1ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIzm+fnE8XvVz+yCb8ZXQOZqNPJCl1uDS59MO6R34xH/6s/uzGyvoBhTtrh
3tatKJoUIud+vGzEyPEkCw/6ZJDZAdLgrOpb4DfkQ2P5gtyk/clJh8mzeL9n7gCG
qBGDfUGb3Yek8NWdNe0FALsEHOn+V1p+WIHhaSAWS7IzqLIPj9nrqSZKuuxZEyFM
61Poqdpty4iilaj7CJu483V/JZ/oxJiwspdN1pUbJ7YSorRBI1NHbW8b94ehsbKX
XYMhmEnRY1EhFvTAITVuyai2pQWZEEddHKj+tVlyWoyUlVOhfeQKlaG+Zo3hhobE
liWSfOp5CR1SzVQl+oWhKTfLbykCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbVsnn
ogMg1W4Dv+Y0L8VYxq90BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODBhODc0MDgtNTE1Yi00NWIxLWFhNjItN2U2NTE2MzU4YmI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAlUMOV8tyjy7Z7VlKfmNpWQoUoV8xC0Y30OUh
pcD2m1Myggz7dt6KRre35xRQ+pr/Q13URLVPchpOZX4V0pAyPm1oN5Yw8crwJ9bB
3qiTkcxizF+TuVBHnLG1h2CsnDoOK+nMlp9brckd20aj+RU4MlEiDA0J1Cxq5Q+l
N0s0e0nfoHZ7CX0g3iZ4am7AQii6P9nxKJlkLxfl6JrNmIkm0K/7dMIeNWSx+jGY
cQeZpHlqhMhA4D80p3lPXjY38k3SqQDKQZxzrvuzvMATflnEBb6qaBLRglDBS6Wu
XMlwLsJuB27AYKj47XxnM4kOxPeNqkg7ODHg0qlUOnoy+7Ff0w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:41 2025 by rpki-client