Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
File: 91473fe5-f129-48d9-8d23-63d62cec663a.roa (raw, json)
Hash identifier: KXsnukAdVwp1c7krKeqeUmXWxcxBYLfSjIElLmGCux0=
Subject key identifier: 10:B7:B4:09:E0:5A:51:41:09:9F:4E:E2:A5:DD:DB:65:20:A8:7F:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6545D3589125244B08904EFDD557FEFDB8CC99E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
Signing time: Mon 07 Jul 2025 18:20:05 +0000
ROA not before: Mon 07 Jul 2025 18:20:05 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:45:d3:58:91:25:24:4b:08:90:4e:fd:d5:57:fe:fd:b8:cc:99:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:05 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=6d12de065aac3cf1cb8a6b685c7423aa2b240de90cb3a0c8092afc78f01ba58c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c9:48:f4:70:63:96:69:2c:e4:a3:69:02:10:
8a:f0:d8:eb:31:52:a0:db:63:47:b4:8b:8b:f2:e2:
93:c0:fc:32:e6:a1:75:18:7a:46:b2:ee:37:9d:45:
8f:6f:50:1a:61:44:ee:1d:b8:28:74:6e:07:5a:8e:
f8:23:ab:fa:7f:3c:41:ab:0b:3e:fa:24:03:60:ae:
8e:22:7a:74:81:48:20:f9:27:b6:dc:4d:ee:ea:14:
89:01:cd:4d:84:2b:ad:04:cd:89:80:4c:1f:36:18:
f4:3e:f4:4c:ef:fc:6c:e6:b9:94:b7:6e:fb:ad:34:
07:57:c7:5c:c7:75:9e:02:bf:f3:c7:97:8e:ef:78:
ed:b0:46:5d:df:a0:34:56:4b:0f:c2:96:49:6a:ee:
f5:31:be:a0:c0:fc:45:55:a2:23:b4:3d:81:31:ba:
90:0e:84:3c:a2:3c:5b:09:3a:78:84:06:09:b2:d9:
57:69:38:7d:f0:bd:87:b6:e8:99:14:78:7d:28:91:
32:c2:e5:d4:7c:b8:9b:de:df:8f:89:50:2d:c4:38:
37:ee:74:7b:2f:a5:5c:c1:60:89:c8:2c:d1:ea:82:
5e:63:cc:1e:00:ad:a9:fc:cd:64:10:ae:ab:c3:ba:
8e:a2:fc:5c:a6:eb:31:ee:fd:43:3e:a4:df:e2:3f:
7d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B7:B4:09:E0:5A:51:41:09:9F:4E:E2:A5:DD:DB:65:20:A8:7F:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:840::/48
Signature Algorithm: sha256WithRSAEncryption
66:d1:a0:12:3c:04:bd:93:2e:86:35:db:ec:f5:6e:02:8f:52:
06:af:cb:23:00:81:76:f1:57:be:e2:f5:a4:10:f2:fd:20:d3:
a6:dd:bd:f5:74:c3:5e:01:b9:1d:5b:c5:4a:ac:66:da:41:74:
00:38:0f:11:be:aa:d0:da:43:e3:bf:f7:66:4f:49:6f:45:34:
3d:eb:df:9b:b7:8d:87:36:81:1f:cf:ab:c8:85:57:1b:fa:f8:
28:b2:08:1b:0c:ce:27:6f:c6:2b:ec:71:23:8c:20:6e:fb:92:
e9:b2:3c:58:9c:1e:24:4e:f1:e3:09:58:1d:ae:15:f8:84:98:
09:3b:d2:4c:57:b0:3f:85:0a:fe:cf:73:89:29:1d:61:3b:ac:
dc:52:3f:e7:9f:ec:55:e3:01:42:d6:27:1d:38:b0:6b:24:9c:
e6:f5:0f:a7:09:26:1d:df:bd:f1:b7:d8:d7:eb:7b:9d:77:5d:
14:ae:b4:e4:e2:72:b4:4f:bd:b8:2c:fa:58:cd:62:e7:17:2b:
0d:86:91:d6:40:ce:b0:c6:8d:b4:7c:f7:3c:d9:a3:84:df:3b:
c2:39:7f:f8:e3:e5:0e:98:5d:d8:16:7d:eb:a0:fa:f6:29:36:
20:fe:97:54:35:e4:ad:96:aa:03:aa:48:8f:f4:78:3e:e4:ed:
8d:c0:27:e6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZUXTWJElJEsIkE791Vf+/bjMmegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMDVaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkMTJkZTA2NWFhYzNjZjFjYjhhNmI2ODVjNzQyM2FhMmIyNDBkZTkwY2Iz
YTBjODA5MmFmYzc4ZjAxYmE1OGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXJSPRwY5ZpLOSjaQIQivDY6zFSoNtjR7SLi/Lik8D8MuahdRh6RrLuN51F
j29QGmFE7h24KHRuB1qO+COr+n88QasLPvokA2CujiJ6dIFIIPknttxN7uoUiQHN
TYQrrQTNiYBMHzYY9D70TO/8bOa5lLdu+600B1fHXMd1ngK/88eXju947bBGXd+g
NFZLD8KWSWru9TG+oMD8RVWiI7Q9gTG6kA6EPKI8Wwk6eIQGCbLZV2k4ffC9h7bo
mRR4fSiRMsLl1Hy4m97fj4lQLcQ4N+50ey+lXMFgicgs0eqCXmPMHgCtqfzNZBCu
q8O6jqL8XKbrMe79Qz6k3+I/fV0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQQt7QJ
4FpRQQmfTuKl3dtlIKh/UjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0NzNmZTUtZjEyOS00OGQ5LThkMjMtNjNkNjJjZWM2NjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
QDANBgkqhkiG9w0BAQsFAAOCAQEAZtGgEjwEvZMuhjXb7PVuAo9SBq/LIwCBdvFX
vuL1pBDy/SDTpt299XTDXgG5HVvFSqxm2kF0ADgPEb6q0NpD47/3Zk9Jb0U0Pevf
m7eNhzaBH8+ryIVXG/r4KLIIGwzOJ2/GK+xxI4wgbvuS6bI8WJweJE7x4wlYHa4V
+ISYCTvSTFewP4UK/s9ziSkdYTus3FI/55/sVeMBQtYnHTiwaySc5vUPpwkmHd+9
8bfY1+t7nXddFK605OJytE+9uCz6WM1i5xcrDYaR1kDOsMaNtHz3PNmjhN87wjl/
+OPlDphd2BZ966D69ik2IP6XVDXkrZaqA6pIj/R4PuTtjcAn5g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:48 2025 by rpki-client