Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: XTRik1m8785dQPIF2txv4+Ji8MW4eiuebHDxyxiY8o0=
Subject key identifier: 5A:D0:EF:25:92:CE:99:28:9A:86:C6:57:1F:58:60:C9:4A:A8:3A:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F6DB68DEA52112B82DB017C0BBDBB46E183A817
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Fri 11 Jul 2025 20:30:17 +0000
ROA not before: Fri 11 Jul 2025 20:30:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:6d:b6:8d:ea:52:11:2b:82:db:01:7c:0b:bd:bb:46:e1:83:a8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:30:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ba6822d207804f72cc4f8b43a28bfe7f03538cbf34ebf8af9d21f036c347aa84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:de:9c:ca:7e:f6:2b:79:82:29:7c:25:c1:69:
db:41:3f:34:d1:60:5d:36:42:de:64:d8:be:ad:aa:
80:02:ef:0b:4d:49:db:05:eb:2d:6b:41:66:88:cf:
84:cc:ad:b4:6d:28:6f:05:26:f5:7f:14:29:23:47:
0d:97:00:b4:39:15:ba:79:5e:db:94:f8:79:21:93:
8f:2a:33:27:1e:53:ad:ea:58:06:9b:c8:b1:b8:7d:
79:66:7e:62:64:e6:0c:66:21:f1:a4:8d:60:7a:9d:
da:c2:6e:b4:3c:29:7e:0f:a6:7b:80:3a:4b:e4:9a:
59:74:35:6a:4e:b0:d4:77:6b:1a:5c:92:64:ef:f1:
bc:6a:63:1c:13:f3:40:ae:ad:f0:c9:76:5f:df:79:
3c:9d:9a:25:0d:a0:52:91:45:7a:8c:3a:da:56:19:
d5:fb:28:21:ed:48:45:c6:df:bf:1f:10:84:2e:7a:
f7:a6:99:54:57:d3:95:96:49:c4:59:71:f1:87:79:
01:13:25:5c:b2:e2:39:2e:ac:37:ef:b4:f7:c2:af:
8a:75:e8:83:2c:62:4e:5d:7d:92:be:53:8b:be:ce:
6a:f0:8d:94:c3:b4:a7:9e:33:75:03:72:4f:31:f3:
ce:bd:7e:9c:f6:52:88:89:42:fd:09:e2:ad:b8:de:
13:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D0:EF:25:92:CE:99:28:9A:86:C6:57:1F:58:60:C9:4A:A8:3A:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:b5:59:0d:23:12:be:3a:06:fc:8c:81:dd:3a:43:b8:d7:65:
af:4d:5e:9d:0b:ea:11:fa:3a:6e:60:11:b3:d7:69:0c:d6:0f:
6a:a8:15:13:c4:6b:26:c5:ae:0d:9f:51:94:95:7c:86:6d:c0:
ab:e9:7e:ee:69:27:42:da:5b:06:c5:9d:ad:4d:54:c7:86:14:
6d:3c:80:89:18:78:26:50:45:11:c6:6b:d7:7a:c0:d0:83:5a:
ff:ef:f1:e6:a0:be:c0:ff:ec:3f:c6:83:fd:81:cd:08:60:f2:
c0:67:22:d1:04:99:d5:c5:4f:5e:d9:4e:eb:a3:d6:1e:18:0e:
b5:c6:cf:d4:9f:95:c6:98:35:89:14:ca:cc:24:9d:00:29:bf:
ba:14:77:52:e5:a6:22:16:d2:04:68:0e:8c:63:f0:d5:cb:f0:
6b:2e:e0:37:fe:88:4a:31:c3:97:1c:4a:76:c6:53:90:11:b2:
0e:1c:09:c2:f9:bd:38:1f:50:59:aa:2e:92:e5:5f:e3:05:60:
6a:04:d4:38:b9:69:68:b5:b2:78:8f:10:d2:2c:7b:0d:52:6d:
39:66:7d:a2:75:17:70:d5:b2:76:a0:68:0b:22:53:0c:5f:18:
47:3f:d1:58:d6:93:0f:f7:38:ac:3a:ae:f3:5c:4d:c0:c7:27:
e6:be:46:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf222jepSESuC2wF8C727RuGDqBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhNjgyMmQyMDc4MDRmNzJjYzRmOGI0M2EyOGJmZTdmMDM1MzhjYmYzNGVi
ZjhhZjlkMjFmMDM2YzM0N2FhODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjenMp+9it5gil8JcFp20E/NNFgXTZC3mTYvq2qgALvC01J2wXrLWtBZojP
hMyttG0obwUm9X8UKSNHDZcAtDkVunle25T4eSGTjyozJx5TrepYBpvIsbh9eWZ+
YmTmDGYh8aSNYHqd2sJutDwpfg+me4A6S+SaWXQ1ak6w1HdrGlySZO/xvGpjHBPz
QK6t8Ml2X995PJ2aJQ2gUpFFeow62lYZ1fsoIe1IRcbfvx8QhC5696aZVFfTlZZJ
xFlx8Yd5ARMlXLLiOS6sN++098KvinXogyxiTl19kr5Ti77OavCNlMO0p54zdQNy
TzHzzr1+nPZSiIlC/QnirbjeE10CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRa0O8l
ks6ZKJqGxlcfWGDJSqg62TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAstVkNIxK+Ogb8jIHdOkO412WvTV6dC+oR+jpu
YBGz12kM1g9qqBUTxGsmxa4Nn1GUlXyGbcCr6X7uaSdC2lsGxZ2tTVTHhhRtPICJ
GHgmUEURxmvXesDQg1r/7/HmoL7A/+w/xoP9gc0IYPLAZyLRBJnVxU9e2U7ro9Ye
GA61xs/Un5XGmDWJFMrMJJ0AKb+6FHdS5aYiFtIEaA6MY/DVy/BrLuA3/ohKMcOX
HEp2xlOQEbIOHAnC+b04H1BZqi6S5V/jBWBqBNQ4uWlotbJ4jxDSLHsNUm05Zn2i
dRdw1bJ2oGgLIlMMXxhHP9FY1pMP9zisOq7zXE3Axyfmvkao
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:18 2025 by rpki-client