Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: fjXvJOLEkX9fwXxIHyRy6iJtjhIaqXv0YG2XjtXdxyQ=
Subject key identifier: DD:ED:51:C3:C2:C8:7B:D7:1B:38:6F:E2:1C:5A:70:E4:3F:2A:F6:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50248CB817CB4BCD85CEBD9966B82A437BFCB6CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Fri 11 Jul 2025 19:10:21 +0000
ROA not before: Fri 11 Jul 2025 19:10:21 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:24:8c:b8:17:cb:4b:cd:85:ce:bd:99:66:b8:2a:43:7b:fc:b6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:21 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ed99a71c640ddea29c72fe1612c7006820bb3ef10c8ec93bad094d7e4bb0be60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b5:0c:22:98:7c:12:26:9d:10:a0:78:73:b5:
ac:33:b3:1e:99:15:c2:58:5a:d3:5d:9f:3f:d4:af:
a6:34:5c:09:8b:0d:94:4e:85:5a:59:e4:2f:bd:53:
f3:73:07:54:cd:64:6c:a5:f9:6e:cf:85:ba:7e:53:
d0:f4:24:ce:6f:e3:6d:d1:71:a3:42:a8:60:70:0f:
f5:dc:68:89:1b:16:15:1c:b5:1f:bb:5c:f2:8d:50:
97:6e:dc:95:30:6e:85:d0:40:8f:e6:01:37:83:74:
e6:f9:85:d0:a2:f9:49:1a:83:28:03:f3:ef:61:a4:
0a:26:df:b4:13:50:a0:0d:0f:2a:8c:85:83:11:bb:
55:b1:0c:c2:df:89:28:8e:c9:f2:eb:74:c0:bf:87:
3f:66:3e:e5:70:1a:00:2f:d1:ed:d5:d1:a2:67:62:
48:f3:3d:96:9b:02:a2:db:95:fd:76:ac:6b:93:0b:
53:49:c5:11:05:42:08:38:0f:08:68:3e:b2:25:ef:
77:2b:38:2f:20:88:a4:87:eb:7d:84:f9:94:95:70:
d8:f0:5a:19:a1:9b:dd:65:ea:42:74:fa:f6:fb:de:
31:f9:41:e0:11:2b:d4:0c:5b:0a:8f:ad:95:fe:3b:
0d:18:63:51:c2:c6:2f:43:9f:76:39:65:2f:02:bc:
cf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:ED:51:C3:C2:C8:7B:D7:1B:38:6F:E2:1C:5A:70:E4:3F:2A:F6:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
19:7c:72:5b:75:36:a8:c6:6d:03:47:8a:b9:5d:dd:3c:48:db:
1c:e5:21:01:a9:91:5b:04:52:64:2b:64:e9:85:a3:62:7e:e8:
53:c9:2d:26:85:5c:11:4f:b2:b2:12:c0:3f:b0:b0:02:10:51:
14:fb:a8:da:9e:a9:86:de:b0:04:08:dd:48:6f:6e:66:56:bb:
34:1c:cd:4b:39:87:96:9e:76:58:77:ae:f5:b1:a1:26:ad:3d:
88:42:95:7b:6c:ce:ce:f4:a7:34:4e:9c:61:25:63:59:04:e5:
17:7c:30:dd:17:42:9f:dc:3a:59:82:54:e4:fe:e4:a0:44:d0:
66:3f:1a:6f:4c:a3:f8:b1:11:d0:be:86:91:46:2e:5b:39:c4:
e6:4d:6e:a1:14:c9:71:12:b6:84:6e:6a:fa:12:08:92:8a:0a:
ca:2b:ea:4a:06:f3:91:a8:71:19:cd:09:4e:91:99:fa:93:ec:
99:ab:fb:b0:26:de:22:3c:86:da:3a:df:cf:84:5e:2c:e1:77:
a4:3c:f2:60:ca:32:9a:7b:d1:d6:2f:aa:83:32:0c:e8:f1:7e:
8a:9a:c7:57:fc:a9:51:b4:d2:04:2d:40:64:d0:c9:04:c6:ca:
5d:7c:67:2d:82:93:09:7c:d5:95:86:27:d9:cd:9e:61:04:1f:
a8:18:85:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUCSMuBfLS82Fzr2ZZrgqQ3v8tsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMjFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkOTlhNzFjNjQwZGRlYTI5YzcyZmUxNjEyYzcwMDY4MjBiYjNlZjEwYzhl
YzkzYmFkMDk0ZDdlNGJiMGJlNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKi1DCKYfBImnRCgeHO1rDOzHpkVwlha012fP9SvpjRcCYsNlE6FWlnkL71T
83MHVM1kbKX5bs+Fun5T0PQkzm/jbdFxo0KoYHAP9dxoiRsWFRy1H7tc8o1Ql27c
lTBuhdBAj+YBN4N05vmF0KL5SRqDKAPz72GkCibftBNQoA0PKoyFgxG7VbEMwt+J
KI7J8ut0wL+HP2Y+5XAaAC/R7dXRomdiSPM9lpsCotuV/Xasa5MLU0nFEQVCCDgP
CGg+siXvdys4LyCIpIfrfYT5lJVw2PBaGaGb3WXqQnT69vveMflB4BEr1AxbCo+t
lf47DRhjUcLGL0OfdjllLwK8z4ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTd7VHD
wsh71xs4b+IcWnDkPyr2YTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEAGXxyW3U2qMZtA0eKuV3dPEjbHOUhAamRWwRS
ZCtk6YWjYn7oU8ktJoVcEU+yshLAP7CwAhBRFPuo2p6pht6wBAjdSG9uZla7NBzN
SzmHlp52WHeu9bGhJq09iEKVe2zOzvSnNE6cYSVjWQTlF3ww3RdCn9w6WYJU5P7k
oETQZj8ab0yj+LER0L6GkUYuWznE5k1uoRTJcRK2hG5q+hIIkooKyivqSgbzkahx
Gc0JTpGZ+pPsmav7sCbeIjyG2jrfz4ReLOF3pDzyYMoymnvR1i+qgzIM6PF+iprH
V/ypUbTSBC1AZNDJBMbKXXxnLYKTCXzVlYYn2c2eYQQfqBiFVQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:39 2025 by rpki-client