Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
File: 8615f258-46a8-450c-972c-84b27581bb43.roa (raw, json)
Hash identifier: vC4C/Nw5IMX7iNaPwERkVwurs/6YsRm7u7nF+FoE1fM=
Subject key identifier: 16:5A:94:52:4E:D7:BC:94:BE:80:65:BE:0B:21:5E:85:C8:C6:EB:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42BFAAD22BF2075B8A13FE4F8AB059CD6DB2E573
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
Signing time: Fri 11 Jul 2025 20:40:40 +0000
ROA not before: Fri 11 Jul 2025 20:40:40 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:bf:aa:d2:2b:f2:07:5b:8a:13:fe:4f:8a:b0:59:cd:6d:b2:e5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:40 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7b48be9ac5dbe8cccbf6728e9f44b9d070a5d862ccd5333425bda6d97ce214dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:f0:ea:ab:f9:07:5f:ed:82:87:f4:9e:a2:
37:c2:89:3c:dd:35:4d:4c:c0:65:10:2b:f3:62:be:
7b:0a:11:a8:f2:66:0b:21:89:20:41:6d:2f:39:b0:
95:22:27:90:00:b1:c7:77:98:17:83:07:44:3e:70:
9b:5f:fa:f2:a9:6d:e0:47:23:1e:0c:49:ee:94:45:
c3:22:1c:56:35:44:b4:8a:98:28:57:6e:e9:3f:8e:
69:1f:e8:bb:43:59:09:94:f0:39:97:46:ae:c6:e5:
84:85:93:c6:c3:7e:62:fa:d2:e0:cf:95:69:46:4d:
f5:ac:77:64:d1:c8:94:61:89:c6:a6:66:79:95:58:
f3:0a:dd:ce:4b:2f:a1:8a:90:44:9b:6f:a9:38:8e:
25:57:ab:cf:bc:bc:c2:1a:74:f2:b3:b0:35:2d:e1:
23:c9:38:dc:c5:e8:e9:6c:ac:a1:47:31:3d:86:af:
da:bb:59:fc:94:8a:e1:3f:1d:fa:08:77:ef:c8:c2:
f8:e5:66:be:6f:57:e2:65:a2:f5:90:15:8d:f9:92:
ec:7f:e4:80:c4:f1:b1:bc:95:84:f6:46:09:56:29:
a0:00:0a:7d:a6:7e:af:79:cf:21:32:7f:21:e0:3d:
cd:4f:b5:1f:a8:ea:84:5a:35:1d:a4:e4:e2:aa:ae:
8b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5A:94:52:4E:D7:BC:94:BE:80:65:BE:0B:21:5E:85:C8:C6:EB:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/36
Signature Algorithm: sha256WithRSAEncryption
9c:51:39:08:70:d8:93:49:3a:51:a6:b0:44:13:77:5a:56:03:
e2:d8:c2:25:a3:0c:3d:a2:b8:74:36:6a:51:06:7e:40:85:6c:
a1:38:33:92:9e:e1:b6:9f:ef:3a:10:eb:67:1c:4a:9a:0b:5b:
97:8a:d6:2c:58:84:d0:73:f5:92:9b:e2:81:18:71:9e:a5:3a:
98:f0:67:a9:6e:09:e7:38:34:70:1f:9c:0e:79:10:43:92:b2:
50:54:78:c2:c4:f2:49:b5:b7:34:5c:f2:fc:ce:08:38:61:53:
0f:72:20:96:a0:f6:ec:04:5b:3b:90:41:38:1c:4c:4e:d1:ea:
1f:9c:a4:9f:c5:dc:30:80:63:0d:b2:10:7a:04:b3:ee:72:b0:
ca:6a:af:ab:56:b7:6f:da:ca:40:45:06:65:2c:28:23:d4:ab:
b7:cf:a0:0a:77:f0:82:b0:6a:b9:01:53:bf:5c:c5:bb:69:fc:
99:23:31:d3:c0:81:35:eb:a9:c7:25:cd:77:68:dd:a5:c8:57:
da:d1:a0:ef:42:1e:c0:0e:a0:af:d3:b5:40:6d:2e:ae:5c:3a:
8d:99:d9:10:81:7e:63:fc:76:a8:eb:ef:3d:39:e0:32:a3:70:
f2:23:f8:c7:1e:ba:aa:a8:9c:4a:0e:39:87:df:32:eb:f1:63:
1c:66:2c:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQr+q0ivyB1uKE/5PirBZzW2y5XMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwNDBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiNDhiZTlhYzVkYmU4Y2NjYmY2NzI4ZTlmNDRiOWQwNzBhNWQ4NjJjY2Q1
MzMzNDI1YmRhNmQ5N2NlMjE0ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKI38Oqr+Qdf7YKH9J6iN8KJPN01TUzAZRAr82K+ewoRqPJmCyGJIEFtLzmw
lSInkACxx3eYF4MHRD5wm1/68qlt4EcjHgxJ7pRFwyIcVjVEtIqYKFdu6T+OaR/o
u0NZCZTwOZdGrsblhIWTxsN+YvrS4M+VaUZN9ax3ZNHIlGGJxqZmeZVY8wrdzksv
oYqQRJtvqTiOJVerz7y8whp08rOwNS3hI8k43MXo6WysoUcxPYav2rtZ/JSK4T8d
+gh378jC+OVmvm9X4mWi9ZAVjfmS7H/kgMTxsbyVhPZGCVYpoAAKfaZ+r3nPITJ/
IeA9zU+1H6jqhFo1HaTk4qqui+kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWWpRS
Tte8lL6AZb4LIV6FyMbr6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODYxNWYyNTgtNDZhOC00NTBjLTk3MmMtODRiMjc1ODFiYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCcUTkIcNiTSTpRprBEE3daVgPi2MIloww9orh0
NmpRBn5AhWyhODOSnuG2n+86EOtnHEqaC1uXitYsWITQc/WSm+KBGHGepTqY8Gep
bgnnODRwH5wOeRBDkrJQVHjCxPJJtbc0XPL8zgg4YVMPciCWoPbsBFs7kEE4HExO
0eofnKSfxdwwgGMNshB6BLPucrDKaq+rVrdv2spARQZlLCgj1Ku3z6AKd/CCsGq5
AVO/XMW7afyZIzHTwIE166nHJc13aN2lyFfa0aDvQh7ADqCv07VAbS6uXDqNmdkQ
gX5j/Hao6+89OeAyo3DyI/jHHrqqqJxKDjmH3zLr8WMcZiz+
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:23 2025 by rpki-client