Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: wFodQZXPn9XFJJD50v+o2HgYNuozSRmbMEQAPUUfUlU=
Subject key identifier: 20:7F:CC:92:1F:3D:86:A0:9B:85:2A:5D:BD:08:B7:CE:2E:C8:0E:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 657A8B9C0ADE913EFB10A9B9CE9CA78AFE76086A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Fri 11 Jul 2025 20:00:59 +0000
ROA not before: Fri 11 Jul 2025 20:00:59 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:7a:8b:9c:0a:de:91:3e:fb:10:a9:b9:ce:9c:a7:8a:fe:76:08:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:59 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3476f883d47b7e352d7567fea4d373f696d0c5f683dd80dded0776650ae1220e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:47:f4:3e:bf:1c:91:a9:9a:26:0d:72:3b:
87:5e:d2:fa:f0:dd:d5:8c:4a:8e:c2:a0:11:23:6e:
25:bc:8f:00:43:c3:53:35:f5:e7:6b:6e:ed:02:7e:
c6:d2:a1:9f:86:8f:f5:62:98:a3:5b:76:e2:9f:14:
af:a2:78:94:08:a7:71:d6:8f:36:24:dd:0a:58:55:
66:6d:4f:dc:bc:3d:e8:c9:ab:75:b7:ca:48:05:34:
83:fa:d6:f8:fd:40:47:8e:81:b0:a0:d2:96:89:26:
e5:ab:2f:1e:aa:7c:6e:0a:e7:52:63:6c:52:2e:6b:
40:bf:c8:6c:34:99:33:48:92:1c:8e:a9:86:ed:36:
d5:b9:a5:f0:42:c2:e0:7f:55:ee:c8:e2:5b:9f:ff:
88:31:a6:c5:65:76:89:5a:5b:7e:b7:f4:1f:30:9a:
53:88:8a:e2:08:f4:c9:5a:75:76:69:77:2e:d7:7a:
6f:32:84:3a:39:5a:c2:38:ca:66:30:c9:71:68:2f:
bd:98:fa:61:fb:51:ba:6d:06:5d:1c:93:e6:b9:8f:
d2:e7:31:8a:0b:a5:00:c2:73:cc:61:22:32:49:84:
c3:c1:1a:f9:d0:f3:65:e0:9a:f2:6f:44:30:e1:43:
e7:fa:d0:f9:36:70:c3:b6:3d:75:3d:c1:96:e2:8d:
25:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7F:CC:92:1F:3D:86:A0:9B:85:2A:5D:BD:08:B7:CE:2E:C8:0E:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:e4:66:07:dd:13:25:8f:e9:fc:90:07:d3:4c:f3:4a:43:51:
63:e5:06:e8:88:18:37:d4:8a:ad:bf:5a:8f:77:5b:ca:a3:6a:
fc:31:b1:36:c9:58:a2:46:6d:d2:b9:2c:d9:de:9c:f0:7a:48:
fb:ba:e9:8f:73:f2:3a:41:19:97:80:7f:51:fe:1b:a9:64:9e:
37:30:61:ef:38:12:62:8d:41:56:55:f9:e5:94:09:24:98:a2:
9a:56:ca:84:54:7e:96:74:33:f7:2b:d5:9a:92:e6:20:ac:5c:
f7:a2:62:a0:eb:99:fe:e3:f4:71:36:32:a7:68:d2:ad:8f:d7:
65:86:81:85:51:22:41:6c:df:ac:96:09:95:41:cf:f3:21:52:
8d:3e:75:a2:4b:18:7c:5f:1d:b4:d3:59:23:e0:2e:78:e4:d5:
75:85:bf:59:18:4c:54:48:77:9e:a3:04:b0:27:b0:7d:6b:4e:
4a:12:73:9d:62:94:88:37:af:e5:d7:e9:ab:14:cc:74:be:76:
0b:29:85:a1:e9:3a:af:f4:37:52:17:ae:de:00:c7:5c:1d:6a:
07:20:0a:c4:2c:a1:2e:ac:09:8f:fb:e4:75:38:d5:57:44:5f:
7f:de:77:c6:0a:19:e5:11:b8:14:ff:2a:c0:24:54:04:76:89:
1f:9e:a9:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZXqLnArekT77EKm5zpyniv52CGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwNTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NzZmODgzZDQ3YjdlMzUyZDc1NjdmZWE0ZDM3M2Y2OTZkMGM1ZjY4M2Rk
ODBkZGVkMDc3NjY1MGFlMTIyMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALm9R/Q+vxyRqZomDXI7h17S+vDd1YxKjsKgESNuJbyPAEPDUzX152tu7QJ+
xtKhn4aP9WKYo1t24p8Ur6J4lAincdaPNiTdClhVZm1P3Lw96MmrdbfKSAU0g/rW
+P1AR46BsKDSlokm5asvHqp8bgrnUmNsUi5rQL/IbDSZM0iSHI6phu021bml8ELC
4H9V7sjiW5//iDGmxWV2iVpbfrf0HzCaU4iK4gj0yVp1dml3Ltd6bzKEOjlawjjK
ZjDJcWgvvZj6YftRum0GXRyT5rmP0ucxigulAMJzzGEiMkmEw8Ea+dDzZeCa8m9E
MOFD5/rQ+TZww7Y9dT3BluKNJSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgf8yS
Hz2GoJuFKl29CLfOLsgOBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQC05GYH3RMlj+n8kAfTTPNKQ1Fj5QboiBg31Iqt
v1qPd1vKo2r8MbE2yViiRm3SuSzZ3pzwekj7uumPc/I6QRmXgH9R/hupZJ43MGHv
OBJijUFWVfnllAkkmKKaVsqEVH6WdDP3K9WakuYgrFz3omKg65n+4/RxNjKnaNKt
j9dlhoGFUSJBbN+slgmVQc/zIVKNPnWiSxh8Xx2001kj4C545NV1hb9ZGExUSHee
owSwJ7B9a05KEnOdYpSIN6/l1+mrFMx0vnYLKYWh6Tqv9DdSF67eAMdcHWoHIArE
LKEurAmP++R1ONVXRF9/3nfGChnlEbgU/yrAJFQEdokfnqnq
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:30 2025 by rpki-client