Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
File: 82612ca1-cd90-4772-9e6c-3237a9225105.roa (raw, json)
Hash identifier: oz4qTDiPitPAaVcEri6rai3YN2/lWbvObB1fuZXcFfo=
Subject key identifier: AA:6D:8A:81:FD:B4:67:3A:80:E3:B2:CE:EE:FA:48:5F:73:7E:85:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B2CFB4BF56173CD74E19F546358D68A0741FDB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
Signing time: Mon 21 Jul 2025 16:51:40 +0000
ROA not before: Mon 21 Jul 2025 16:51:40 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:2c:fb:4b:f5:61:73:cd:74:e1:9f:54:63:58:d6:8a:07:41:fd:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:51:40 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=6abc13f5853a10fd3b448f2bc5598ff87fe76969378e27b64f29f04b5e879f31, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dc:80:40:e8:c6:f2:3a:20:1c:ec:06:cd:eb:
17:ae:a2:fb:67:dd:88:35:8c:b2:75:37:67:f4:85:
57:36:87:73:bf:52:6b:64:38:bd:93:fd:ca:09:49:
5d:3c:4a:38:d8:35:66:71:d4:cc:4a:32:da:60:65:
ee:59:2b:4f:a1:93:63:04:e9:ab:d6:9d:e0:7b:b4:
fa:42:87:fb:74:41:2d:50:ce:6a:ba:65:91:64:66:
ec:09:b7:15:b7:5d:a4:1d:ed:9f:09:2e:a9:cf:59:
c6:30:51:20:71:14:34:47:1c:1c:7b:94:29:3f:85:
53:79:25:c8:69:d5:bd:6a:6d:36:ea:47:4b:80:b2:
cd:20:bc:47:34:7a:70:81:dc:d6:5e:ab:0c:b4:58:
52:a7:ea:2a:6a:d9:82:c1:c2:81:4c:b0:06:0a:9f:
aa:99:97:94:06:4e:67:d0:02:fe:e0:37:75:72:a4:
96:c5:af:2c:4b:27:aa:56:f6:f5:a3:cb:1d:cc:e8:
6a:fd:36:18:12:c4:69:a4:dc:be:44:99:c7:c5:e6:
a0:2f:25:2b:ed:71:65:36:2d:7b:d5:31:b7:ac:7f:
57:42:43:b3:7c:a8:e1:f0:68:6f:85:0a:5f:96:7a:
19:72:f2:5d:6a:e0:b6:51:df:9c:d0:0e:ef:5a:f5:
48:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6D:8A:81:FD:B4:67:3A:80:E3:B2:CE:EE:FA:48:5F:73:7E:85:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82612ca1-cd90-4772-9e6c-3237a9225105.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
31:00:76:92:05:f3:df:ce:46:39:c3:56:c0:a7:e1:89:59:4b:
d4:42:c2:26:66:9f:cd:41:2d:29:74:61:72:f7:e9:65:01:f9:
fb:0a:83:a5:06:a2:bc:7f:31:29:b0:15:10:6a:9f:0b:c8:46:
0b:0c:1c:e3:3c:f9:85:b7:71:10:0b:62:03:29:86:26:f8:27:
f7:47:15:39:7c:99:ec:01:50:61:d0:8f:51:8e:cf:71:9c:94:
6c:14:18:3c:33:f7:53:51:18:ba:dc:23:61:cd:a8:b3:25:ec:
24:4f:9c:3c:15:0d:78:24:bc:1c:f0:8c:ca:2c:e8:4d:b3:c6:
08:f4:03:d0:02:1a:6a:af:af:27:ce:16:ea:bd:8e:c2:f8:18:
74:14:63:d5:c4:f1:cf:08:17:2c:1e:16:b3:4f:eb:5f:5f:40:
03:4a:c1:8e:a0:23:d5:9f:60:07:af:05:ba:23:fd:28:88:af:
f9:c0:0b:2a:41:2b:7a:28:0b:e3:82:74:03:77:d7:d2:a7:ef:
83:02:40:40:0d:1b:7e:d5:e4:a5:25:65:2b:df:ef:ff:a1:c2:
98:01:1b:8c:8b:9d:bb:fa:56:d0:a7:81:12:e0:dc:c3:fe:b4:
2f:7e:78:73:4e:06:7c:17:06:48:6e:92:a1:53:16:3f:57:ab:
ed:f3:04:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeyz7S/Vhc8104Z9UY1jWigdB/bcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUxNDBaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhYmMxM2Y1ODUzYTEwZmQzYjQ0OGYyYmM1NTk4ZmY4N2ZlNzY5NjkzNzhl
MjdiNjRmMjlmMDRiNWU4NzlmMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/cgEDoxvI6IBzsBs3rF66i+2fdiDWMsnU3Z/SFVzaHc79Sa2Q4vZP9yglJ
XTxKONg1ZnHUzEoy2mBl7lkrT6GTYwTpq9ad4Hu0+kKH+3RBLVDOarplkWRm7Am3
FbddpB3tnwkuqc9ZxjBRIHEUNEccHHuUKT+FU3klyGnVvWptNupHS4CyzSC8RzR6
cIHc1l6rDLRYUqfqKmrZgsHCgUywBgqfqpmXlAZOZ9AC/uA3dXKklsWvLEsnqlb2
9aPLHczoav02GBLEaaTcvkSZx8XmoC8lK+1xZTYte9Uxt6x/V0JDs3yo4fBob4UK
X5Z6GXLyXWrgtlHfnNAO71r1SAECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqbYqB
/bRnOoDjss7u+khfc36F8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODI2MTJjYTEtY2Q5MC00NzcyLTllNmMtMzIzN2E5MjI1MTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQAxAHaSBfPfzkY5w1bAp+GJWUvUQsImZp/NQS0p
dGFy9+llAfn7CoOlBqK8fzEpsBUQap8LyEYLDBzjPPmFt3EQC2IDKYYm+Cf3RxU5
fJnsAVBh0I9Rjs9xnJRsFBg8M/dTURi63CNhzaizJewkT5w8FQ14JLwc8IzKLOhN
s8YI9APQAhpqr68nzhbqvY7C+Bh0FGPVxPHPCBcsHhazT+tfX0ADSsGOoCPVn2AH
rwW6I/0oiK/5wAsqQSt6KAvjgnQDd9fSp++DAkBADRt+1eSlJWUr3+//ocKYARuM
i527+lbQp4ES4NzD/rQvfnhzTgZ8FwZIbpKhUxY/V6vt8wR/
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:10 2025 by rpki-client