Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: VfMyFOCwqhkw4DFZZjr2Uv0TPVbPUJIJXCnZWObY6fA=
Subject key identifier: 81:67:D0:17:FE:FD:75:39:53:08:BA:76:31:88:77:D5:65:7D:37:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66F067BD2C2DEAC1A0C04F8871B98787AD88BBF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Fri 11 Jul 2025 20:41:27 +0000
ROA not before: Fri 11 Jul 2025 20:41:27 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f0:67:bd:2c:2d:ea:c1:a0:c0:4f:88:71:b9:87:87:ad:88:bb:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:27 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8376fb9b640f1e0173a8482d56fa9a19df7530ae91350e44f729506cfb3b0421, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:05:d5:84:ae:da:79:18:3c:0b:70:26:8c:57:
28:7d:8a:0f:f0:70:f4:54:f5:ac:14:45:d7:08:23:
d9:72:1d:24:91:66:59:5c:a2:86:25:64:76:17:5c:
f9:9f:5a:4a:7a:e8:5f:7b:ef:fc:f6:be:5b:1b:4a:
ce:f9:28:50:a0:42:5d:b8:08:96:8a:a7:85:56:7f:
91:f1:12:29:11:f8:8c:e3:09:fd:b8:14:4d:6d:fc:
87:ec:98:33:b4:be:b6:b7:5b:e1:00:de:1c:7e:91:
4a:1a:8f:70:b8:3d:0e:29:71:14:0c:a5:69:78:e7:
4b:46:eb:9f:41:8c:69:06:2a:1b:b7:a9:aa:33:94:
de:b1:9c:96:c5:14:33:c9:19:b3:0b:11:f4:2e:78:
35:fe:43:81:d8:65:2b:a1:28:1a:e0:99:41:fd:45:
71:f3:57:c8:c4:1f:88:b1:80:de:42:19:2e:69:6c:
39:ac:ee:ed:f4:c7:72:67:f8:a5:4a:49:76:3d:d4:
e3:99:f7:9e:5c:30:b8:37:34:a8:b5:45:57:ec:fc:
ad:38:d8:aa:3e:76:5a:11:c2:44:68:36:52:63:c4:
69:51:2a:cb:d0:dc:c9:3c:1f:f7:5b:35:8b:d3:65:
ea:f3:3c:f4:c8:0a:33:13:76:e0:ca:2c:d9:08:fb:
f1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:67:D0:17:FE:FD:75:39:53:08:BA:76:31:88:77:D5:65:7D:37:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
81:7a:32:8e:1e:d6:63:37:93:a9:43:24:b5:97:41:1c:e8:5b:
dc:f3:cb:fc:97:f3:bc:5f:46:d6:76:1e:39:34:df:6a:03:eb:
be:f8:ac:22:26:17:a3:6b:2b:92:bb:e5:4d:86:d5:bb:72:02:
11:6e:29:56:d2:92:5a:e2:76:e9:6c:37:eb:07:99:64:c6:28:
cd:30:94:ce:85:73:a5:ec:c4:67:6b:b8:9e:3d:d2:09:3f:fc:
11:73:17:40:6e:af:ef:71:df:fb:7a:dd:d9:06:63:43:ef:aa:
c7:66:72:95:84:7a:59:37:7a:29:ba:ae:03:aa:4c:8b:21:8c:
f8:ce:4f:fd:b6:19:80:ac:19:7d:a2:2b:3e:d6:bd:9c:e3:0c:
c9:6f:9c:72:e6:36:c8:81:a5:a4:cc:49:6b:db:b7:da:96:7e:
d5:9a:67:01:74:98:e2:2a:59:78:cb:c9:9f:dd:6a:81:a8:a6:
8c:30:6c:c9:66:d0:f6:8b:63:fc:e1:cb:8b:03:13:d7:ed:35:
70:2a:a3:7e:1a:65:10:d2:5d:42:d6:e3:74:58:1e:fb:b5:36:
37:02:27:85:1a:62:d6:3d:c6:a7:59:a5:47:5a:08:7b:e7:2f:
27:07:eb:9a:d3:63:19:01:d7:bc:b7:13:ec:4e:f2:d6:e6:b3:
57:07:33:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZvBnvSwt6sGgwE+IcbmHh62Iu/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMjdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzNzZmYjliNjQwZjFlMDE3M2E4NDgyZDU2ZmE5YTE5ZGY3NTMwYWU5MTM1
MGU0NGY3Mjk1MDZjZmIzYjA0MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgF1YSu2nkYPAtwJoxXKH2KD/Bw9FT1rBRF1wgj2XIdJJFmWVyihiVkdhdc
+Z9aSnroX3vv/Pa+WxtKzvkoUKBCXbgIloqnhVZ/kfESKRH4jOMJ/bgUTW38h+yY
M7S+trdb4QDeHH6RShqPcLg9DilxFAylaXjnS0brn0GMaQYqG7epqjOU3rGclsUU
M8kZswsR9C54Nf5DgdhlK6EoGuCZQf1FcfNXyMQfiLGA3kIZLmlsOazu7fTHcmf4
pUpJdj3U45n3nlwwuDc0qLVFV+z8rTjYqj52WhHCRGg2UmPEaVEqy9DcyTwf91s1
i9Nl6vM89MgKMxN24Mos2Qj78Y0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBZ9AX
/v11OVMIunYxiHfVZX03UDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCBejKOHtZjN5OpQyS1l0Ec6Fvc88v8l/O8X0bW
dh45NN9qA+u++KwiJhejayuSu+VNhtW7cgIRbilW0pJa4nbpbDfrB5lkxijNMJTO
hXOl7MRna7iePdIJP/wRcxdAbq/vcd/7et3ZBmND76rHZnKVhHpZN3opuq4DqkyL
IYz4zk/9thmArBl9ois+1r2c4wzJb5xy5jbIgaWkzElr27faln7VmmcBdJjiKll4
y8mf3WqBqKaMMGzJZtD2i2P84cuLAxPX7TVwKqN+GmUQ0l1C1uN0WB77tTY3AieF
GmLWPcanWaVHWgh75y8nB+ua02MZAde8txPsTvLW5rNXBzPN
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:33 2025 by rpki-client