Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: BNVpoQAY11lks//4eAWKf7xLbO2+jU9s/Fndj29D3/A=
Subject key identifier: 63:B5:E8:88:F0:7D:D5:71:21:D5:83:46:2F:8D:A3:B0:D7:05:32:4D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A921D46E8194CD9DE8C911EC8769A10DC64F321
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Fri 11 Jul 2025 20:41:23 +0000
ROA not before: Fri 11 Jul 2025 20:41:23 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:92:1d:46:e8:19:4c:d9:de:8c:91:1e:c8:76:9a:10:dc:64:f3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:23 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b3adfbf1f5d415df56255e86cb1b1a463fc8fbc9388dcc01f2c8061416b9c6f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:05:ad:85:17:f1:a4:a8:6c:1e:8c:9d:16:ec:
2f:dd:5f:f2:a2:fd:fd:35:16:a7:96:ba:54:49:58:
fe:62:ba:74:a8:97:33:a1:3e:bd:c2:23:6e:f2:19:
3f:11:62:f2:08:1a:8f:d1:66:fa:bc:fd:f9:07:73:
f0:6f:0a:ff:45:1b:36:74:03:66:e9:6d:c1:35:be:
12:55:59:86:a0:a2:62:b3:f9:87:e8:b8:b6:9c:c8:
5a:34:3f:49:08:05:21:f1:b9:b5:bc:16:f6:29:8a:
1a:3c:ba:ac:76:5a:81:2c:27:74:92:bc:e9:51:5e:
2a:eb:7a:31:45:cb:36:12:b6:d9:8a:3a:ca:0b:76:
70:65:92:18:9a:ff:8b:3b:1e:95:ce:25:56:03:3a:
e8:dc:27:27:42:33:3d:4a:75:8e:2d:eb:a0:40:a1:
15:73:02:4f:1e:db:36:4d:c1:00:00:fb:b7:12:0e:
06:51:c6:9a:05:8e:31:ec:84:7a:8d:69:62:33:79:
57:f2:b4:cd:70:e9:7a:ba:4a:3e:17:3c:80:06:21:
ce:7f:ef:e4:66:1c:99:a2:d3:0f:1a:31:55:ff:71:
b9:d2:d2:bf:5a:3a:c4:dd:fe:b4:7b:c5:2c:dd:4e:
e5:3f:17:6e:a5:e9:1e:0b:80:5f:95:98:48:2f:b4:
fa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B5:E8:88:F0:7D:D5:71:21:D5:83:46:2F:8D:A3:B0:D7:05:32:4D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
43:ee:9f:e8:26:f2:e6:75:82:8e:d9:f8:6d:11:89:01:e2:73:
d7:2b:a3:50:55:ac:89:d7:96:ba:f1:9c:f0:02:98:57:ed:b1:
b2:b0:7d:07:c5:45:91:cd:5c:69:73:87:40:b0:36:a3:b2:34:
c4:69:31:d4:04:28:01:91:ea:dc:d3:0a:19:06:ce:aa:dd:c1:
1a:a9:f4:d8:91:53:28:2e:47:15:fa:90:52:98:0b:8a:96:bd:
2f:6e:76:6c:f3:02:87:3f:be:49:0b:8d:f6:82:3f:9c:55:6d:
fd:c3:67:93:67:ad:a5:11:6c:7a:e3:a6:6b:e8:60:84:50:55:
95:1c:d1:56:be:e6:1d:c3:58:b6:09:b8:72:a7:6e:26:7e:a5:
96:7e:1a:b4:40:37:12:93:24:a5:6f:80:e1:86:82:f3:e5:c2:
af:a5:c6:76:f0:cb:ec:59:e3:4f:a8:05:6b:9e:75:e1:73:a0:
1c:2a:b0:d2:42:95:75:87:14:a8:a6:ff:64:1a:b2:3a:db:50:
48:c1:ba:a1:25:a6:27:1d:95:8a:11:d4:c4:b1:59:07:c7:74:
66:03:8b:f7:3a:05:cc:b3:3c:1f:10:2a:32:d7:ad:99:0e:c3:
b9:ce:f7:5c:43:8e:73:af:e2:52:7b:23:a0:a4:a0:ea:c4:0a:
3c:6f:bb:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUepIdRugZTNnejJEeyHaaENxk8yEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMjNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzYWRmYmYxZjVkNDE1ZGY1NjI1NWU4NmNiMWIxYTQ2M2ZjOGZiYzkzODhk
Y2MwMWYyYzgwNjE0MTZiOWM2ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoFrYUX8aSobB6MnRbsL91f8qL9/TUWp5a6VElY/mK6dKiXM6E+vcIjbvIZ
PxFi8ggaj9Fm+rz9+Qdz8G8K/0UbNnQDZultwTW+ElVZhqCiYrP5h+i4tpzIWjQ/
SQgFIfG5tbwW9imKGjy6rHZagSwndJK86VFeKut6MUXLNhK22Yo6ygt2cGWSGJr/
izselc4lVgM66NwnJ0IzPUp1ji3roEChFXMCTx7bNk3BAAD7txIOBlHGmgWOMeyE
eo1pYjN5V/K0zXDperpKPhc8gAYhzn/v5GYcmaLTDxoxVf9xudLSv1o6xN3+tHvF
LN1O5T8XbqXpHguAX5WYSC+0+nkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjteiI
8H3VcSHVg0YvjaOw1wUyTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQBD7p/oJvLmdYKO2fhtEYkB4nPXK6NQVayJ15a6
8ZzwAphX7bGysH0HxUWRzVxpc4dAsDajsjTEaTHUBCgBkerc0woZBs6q3cEaqfTY
kVMoLkcV+pBSmAuKlr0vbnZs8wKHP75JC432gj+cVW39w2eTZ62lEWx646Zr6GCE
UFWVHNFWvuYdw1i2Cbhyp24mfqWWfhq0QDcSkySlb4DhhoLz5cKvpcZ28MvsWeNP
qAVrnnXhc6AcKrDSQpV1hxSopv9kGrI621BIwbqhJaYnHZWKEdTEsVkHx3RmA4v3
OgXMszwfECoy162ZDsO5zvdcQ45zr+JSeyOgpKDqxAo8b7tF
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:46:29 2025 by rpki-client