Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: QPTygr56IiZ/RK6jC6aIPVbi7IhiYqpDTm4d6u+jrCU=
Subject key identifier: 18:7F:43:70:81:51:51:DA:16:C5:E1:32:04:9E:3C:60:43:B5:19:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45C68C18829994CCAD9CA0310D3A9F66A2973D7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Fri 11 Jul 2025 19:21:26 +0000
ROA not before: Fri 11 Jul 2025 19:21:26 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:c6:8c:18:82:99:94:cc:ad:9c:a0:31:0d:3a:9f:66:a2:97:3d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:26 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=484c113a2be8828398e516e7a9befca4ca605dfddf5d7bca2dc6afe75dc88a1d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:42:e1:5d:09:13:a8:0d:8f:0d:69:d1:73:
e3:a4:e6:10:a6:78:89:6c:76:11:ec:60:75:13:a3:
f8:04:69:38:30:6f:89:d5:f9:11:39:af:23:c0:89:
f0:1a:a1:17:92:14:be:06:86:06:40:d0:0a:18:6f:
20:7f:50:82:75:09:c3:a8:98:5d:44:f6:4e:bb:4b:
f9:04:ec:c3:26:c5:23:0f:df:58:4a:5b:52:ec:0f:
10:c5:04:f6:a1:0f:87:58:6d:02:01:f2:1c:08:d8:
19:47:a5:14:6d:bd:c9:ca:d4:3f:d4:4c:0d:c1:d2:
58:33:a5:19:db:59:2a:e4:fe:f3:66:3d:b3:c3:a7:
cb:00:fc:85:d4:c9:bd:b0:25:bf:76:f3:4f:65:3b:
8a:c5:1c:0a:f1:f1:57:2b:cb:9d:67:0c:01:3c:23:
c4:ea:be:d5:bd:29:b1:ad:83:a1:31:17:70:f6:f3:
8d:63:3f:af:9c:ab:4c:c8:01:78:7a:e3:93:94:da:
f2:3f:d0:f4:ac:c0:3b:90:ee:cf:c0:1e:5e:b2:ef:
bc:44:6e:90:66:96:68:36:83:b7:58:8b:b9:ab:06:
80:ae:4d:8e:7c:62:80:f1:6b:32:2a:36:43:9f:84:
1a:19:4b:02:eb:0e:e2:ce:47:b2:55:5f:af:a9:50:
0e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7F:43:70:81:51:51:DA:16:C5:E1:32:04:9E:3C:60:43:B5:19:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:82:6b:36:56:a3:de:09:cc:40:3e:ef:30:52:b6:78:77:ef:
15:93:01:4a:71:2b:b4:18:23:ab:04:b2:6c:ab:29:56:fc:ef:
4b:e7:6b:25:e4:2f:c4:0a:7e:ea:0a:1a:b9:cb:1a:11:c9:cc:
ee:71:ab:20:4b:8d:68:bd:2a:24:a8:f6:ee:0d:f7:88:4e:d2:
25:50:07:ff:1a:ed:04:26:36:4c:a3:ff:7b:a0:7e:cc:cb:3a:
0b:bb:34:9b:f9:74:bb:bc:98:39:26:c3:dc:18:1d:de:09:65:
ff:e7:8c:4e:e9:37:18:ae:69:c7:b6:eb:ca:85:31:31:56:a3:
e9:f4:bf:74:1a:dd:82:ef:e7:0a:24:e3:04:7c:a3:e5:1b:78:
d8:5c:bd:e8:a1:db:b4:2c:3a:e1:d3:92:67:ec:b8:ba:1b:ae:
e6:38:05:60:40:e3:69:57:25:be:cd:1a:fc:6d:bb:e7:9f:45:
30:d4:d1:02:d1:aa:cf:23:66:f5:64:b2:ab:5a:5e:60:8c:b9:
31:b9:34:6c:6c:71:53:67:35:05:ea:3e:3d:93:c6:a2:56:73:
55:aa:a1:b9:97:97:8a:e4:50:a7:52:a4:d1:09:ca:c5:e4:f3:
5f:5a:f6:ff:c0:53:07:a9:41:f5:00:ad:a8:f0:61:76:63:df:
c9:59:26:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURcaMGIKZlMytnKAxDTqfZqKXPXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMjZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4NGMxMTNhMmJlODgyODM5OGU1MTZlN2E5YmVmY2E0Y2E2MDVkZmRkZjVk
N2JjYTJkYzZhZmU3NWRjODhhMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYbQuFdCROoDY8NadFz46TmEKZ4iWx2EexgdROj+ARpODBvidX5ETmvI8CJ
8BqhF5IUvgaGBkDQChhvIH9QgnUJw6iYXUT2TrtL+QTswybFIw/fWEpbUuwPEMUE
9qEPh1htAgHyHAjYGUelFG29ycrUP9RMDcHSWDOlGdtZKuT+82Y9s8OnywD8hdTJ
vbAlv3bzT2U7isUcCvHxVyvLnWcMATwjxOq+1b0psa2DoTEXcPbzjWM/r5yrTMgB
eHrjk5Ta8j/Q9KzAO5Duz8AeXrLvvERukGaWaDaDt1iLuasGgK5NjnxigPFrMio2
Q5+EGhlLAusO4s5HslVfr6lQDnUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQYf0Nw
gVFR2hbF4TIEnjxgQ7UZfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPgms2VqPeCcxAPu8wUrZ4d+8VkwFKcSu0GCOr
BLJsqylW/O9L52sl5C/ECn7qChq5yxoRyczucasgS41ovSokqPbuDfeITtIlUAf/
Gu0EJjZMo/97oH7MyzoLuzSb+XS7vJg5JsPcGB3eCWX/54xO6TcYrmnHtuvKhTEx
VqPp9L90Gt2C7+cKJOMEfKPlG3jYXL3oodu0LDrh05Jn7Li6G67mOAVgQONpVyW+
zRr8bbvnn0Uw1NEC0arPI2b1ZLKrWl5gjLkxuTRsbHFTZzUF6j49k8aiVnNVqqG5
l5eK5FCnUqTRCcrF5PNfWvb/wFMHqUH1AK2o8GF2Y9/JWSaR
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:50:49 2025 by rpki-client