Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
File: 8bc6184b-4b16-4844-96e2-71541ff10974.roa (raw, json)
Hash identifier: XbP2z0qVcQd4qJZYZRBg2n3UOCLxOuT9jPxybyKd78I=
Subject key identifier: 3C:05:85:39:6B:ED:4A:FE:EC:4F:20:C2:79:F8:80:5A:E6:FB:3B:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 178F026D8913D99BAE64B176D4278311A366B5C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
Signing time: Mon 14 Jul 2025 16:54:20 +0000
ROA not before: Mon 14 Jul 2025 16:54:20 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:8f:02:6d:89:13:d9:9b:ae:64:b1:76:d4:27:83:11:a3:66:b5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 14 16:54:20 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=63b02af854c5296ae056e247a7c0b125bb7cf9abe0de187fcadd9625217933b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bc:ab:17:8f:3b:e3:c9:2e:75:45:41:f0:1a:
ac:89:5b:89:38:ff:fe:2b:5a:63:c9:5d:7f:e6:76:
31:43:99:b6:65:a2:f8:56:05:67:60:99:eb:21:ba:
2d:0c:55:9f:af:d4:9a:8d:4a:0c:fc:ab:af:82:3c:
68:05:7a:dd:75:45:ab:b0:99:71:17:11:fd:59:39:
62:db:71:12:e8:75:0d:a9:82:c0:eb:24:10:61:6e:
bf:fd:5a:92:fc:1c:51:38:22:b2:d8:82:28:2c:f0:
bd:ac:44:04:57:62:d4:71:91:07:e0:51:97:62:79:
cb:8e:a0:58:1a:c3:96:e1:6e:3c:f2:f4:a6:73:5b:
0b:7c:e5:7f:bb:be:f6:a9:37:51:1f:8d:3d:a4:d0:
c3:a4:d4:35:50:c3:a1:67:4d:7f:af:c1:a9:fa:3b:
48:5b:c5:d4:63:53:10:15:0a:27:24:d5:12:08:12:
03:09:d2:d0:bb:09:c0:66:14:71:6f:a6:2e:a6:8d:
9c:af:20:10:52:34:38:af:79:d1:12:3c:3c:a8:1a:
54:74:ab:a2:ac:32:0f:86:d1:f5:bb:93:59:a8:1c:
1c:ff:89:de:b1:24:f0:df:3f:85:c6:2a:ff:54:fe:
de:a1:48:8c:50:b5:c8:1e:20:65:d4:48:76:1c:19:
e5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:05:85:39:6B:ED:4A:FE:EC:4F:20:C2:79:F8:80:5A:E6:FB:3B:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bc6184b-4b16-4844-96e2-71541ff10974.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
65:4f:f6:6f:60:b0:91:20:a8:44:26:aa:7b:1c:21:26:02:28:
5f:e4:d1:29:47:1b:4a:73:c9:5b:3a:f2:1f:e5:87:33:2d:fd:
56:50:21:e7:4b:6d:cb:23:87:45:50:a3:aa:36:be:3d:ab:70:
ac:87:ab:fd:6c:f8:94:6a:3f:5b:0a:2b:1c:80:23:d6:72:7f:
8d:26:18:6f:d3:cd:6b:8d:e2:78:7c:cf:d2:9e:0f:8a:a6:da:
e5:ed:30:69:28:ee:92:3f:ac:05:66:5e:35:c7:b9:64:ca:17:
c0:d6:3f:54:66:d6:c1:01:65:88:95:85:6a:42:bf:07:4b:9d:
bb:31:b1:75:5b:9a:a2:74:a4:e4:5d:50:28:25:8b:2e:e7:5b:
b5:d9:70:67:b6:fc:d0:06:e1:69:68:4c:58:8a:e5:72:13:4a:
57:58:9e:78:4a:33:a0:7b:21:f9:40:83:73:fb:f9:34:d2:61:
cc:6e:b8:2b:2f:15:e1:03:ae:d6:54:f7:73:9d:0f:56:09:9f:
18:7a:3b:de:11:c8:b6:b7:35:ba:39:de:37:23:d5:99:b6:f4:
7f:45:f7:7e:f8:de:39:aa:45:24:7c:fb:70:c4:6e:f9:f5:06:
98:1d:de:11:44:32:88:a7:da:97:8e:0d:34:8a:3c:82:1e:1f:
a2:e7:2e:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF48CbYkT2ZuuZLF21CeDEaNmtcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTQxNjU0MjBaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzYjAyYWY4NTRjNTI5NmFlMDU2ZTI0N2E3YzBiMTI1YmI3Y2Y5YWJlMGRl
MTg3ZmNhZGQ5NjI1MjE3OTMzYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKS8qxePO+PJLnVFQfAarIlbiTj//itaY8ldf+Z2MUOZtmWi+FYFZ2CZ6yG6
LQxVn6/Umo1KDPyrr4I8aAV63XVFq7CZcRcR/Vk5YttxEuh1DamCwOskEGFuv/1a
kvwcUTgistiCKCzwvaxEBFdi1HGRB+BRl2J5y46gWBrDluFuPPL0pnNbC3zlf7u+
9qk3UR+NPaTQw6TUNVDDoWdNf6/Bqfo7SFvF1GNTEBUKJyTVEggSAwnS0LsJwGYU
cW+mLqaNnK8gEFI0OK950RI8PKgaVHSroqwyD4bR9buTWagcHP+J3rEk8N8/hcYq
/1T+3qFIjFC1yB4gZdRIdhwZ5Z0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8BYU5
a+1K/uxPIMJ5+IBa5vs74DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGJjNjE4NGItNGIxNi00ODQ0LTk2ZTItNzE1NDFmZjEwOTc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlT/ZvYLCRIKhEJqp7HCEmAihf5NEpRxtKc8lb
OvIf5YczLf1WUCHnS23LI4dFUKOqNr49q3Csh6v9bPiUaj9bCiscgCPWcn+NJhhv
081rjeJ4fM/Sng+Kptrl7TBpKO6SP6wFZl41x7lkyhfA1j9UZtbBAWWIlYVqQr8H
S527MbF1W5qidKTkXVAoJYsu51u12XBntvzQBuFpaExYiuVyE0pXWJ54SjOgeyH5
QINz+/k00mHMbrgrLxXhA67WVPdznQ9WCZ8YejveEci2tzW6Od43I9WZtvR/Rfd+
+N45qkUkfPtwxG759QaYHd4RRDKIp9qXjg00ijyCHh+i5y5H
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:38 2025 by rpki-client