Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
File: 915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa (raw, json)
Hash identifier: a3uy24TWwW+I1sG7FOoV3ttxBbs3j/o84RGiwvWGod8=
Subject key identifier: 8E:C8:AC:AF:28:B0:D3:84:BE:40:92:2E:96:4B:C2:0B:25:BC:B6:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2839B2526C6C43D642C2F8C95C37789E887AC0B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
Signing time: Sat 12 Jul 2025 00:50:48 +0000
ROA not before: Sat 12 Jul 2025 00:50:48 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:39:b2:52:6c:6c:43:d6:42:c2:f8:c9:5c:37:78:9e:88:7a:c0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:48 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=1348f36c537cc6e0a895ee849fbae6a5dce3d5fead9d73f0f928eee179f13ddb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8b:96:e6:37:05:1b:92:7e:42:1b:50:f4:ff:
aa:8c:d3:76:9f:e8:bb:53:2c:8e:06:ec:47:10:02:
4a:3f:19:00:e8:6f:92:2f:21:5d:5c:ca:81:51:e9:
4b:57:16:21:5e:c6:1c:b8:a5:fc:d4:89:29:04:de:
52:13:79:4d:de:e7:ff:9f:68:d3:07:3a:91:fb:31:
e1:30:cc:be:64:39:55:60:e9:51:2e:2c:14:4a:45:
06:34:b9:ba:02:2d:c1:ef:86:be:4b:16:11:4e:ee:
65:ac:bb:0e:47:60:a3:19:eb:f9:05:a3:59:69:45:
3f:65:e7:73:64:38:79:62:b9:a1:6c:11:f6:dd:9b:
82:0b:7d:16:a4:db:1b:83:78:44:99:5e:4a:29:ae:
d4:e3:b8:e0:34:e4:c4:89:4e:36:89:5b:29:af:22:
99:7a:6c:76:ad:d0:62:5e:cd:4e:12:4c:9e:72:b0:
8e:65:5e:f3:9c:ec:52:9c:0d:aa:53:47:75:18:85:
d1:5a:d1:98:ef:94:44:6c:54:be:55:e9:69:a6:45:
1b:e2:c3:ed:3c:47:9a:df:be:8f:bc:8a:8c:75:5c:
72:2a:92:38:d7:ca:9f:65:76:1f:cf:8d:c3:8d:13:
b1:67:8e:7a:4b:8b:86:db:6b:05:c6:59:d4:c3:a3:
4d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C8:AC:AF:28:B0:D3:84:BE:40:92:2E:96:4B:C2:0B:25:BC:B6:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/36
Signature Algorithm: sha256WithRSAEncryption
2f:2f:8a:6e:c5:a2:fe:e6:4e:23:45:a3:c3:b8:19:e7:76:cc:
7c:2e:5d:e6:2c:32:60:9b:7c:39:68:50:5a:74:c5:5b:99:45:
86:6f:56:3a:e7:59:24:e1:98:cb:8b:0a:c4:0a:40:5e:0e:76:
11:90:bc:8b:b3:f9:fd:93:2d:9c:74:e7:a4:07:e0:72:d9:57:
79:2f:a0:03:23:a4:a6:96:f1:66:52:d4:03:2e:cd:5d:97:d3:
e4:46:90:29:d3:da:fa:0d:8a:9a:2b:7e:d0:0d:4e:42:e5:e6:
5a:f2:e5:9d:28:53:a4:55:c3:f7:df:6c:e9:80:10:bd:76:13:
b2:7b:0f:10:bd:8f:73:86:ed:12:45:55:41:3c:be:6f:a7:50:
9b:b6:7a:e9:77:6f:d4:70:5c:8f:41:68:38:74:d4:8a:ce:2c:
21:69:5b:ec:73:95:c2:3e:cb:0a:c5:ae:bb:d3:e0:c6:b6:9e:
d8:5f:4b:ae:b2:85:31:a9:f6:e9:5e:67:a5:3a:92:7a:06:73:
55:42:56:35:ee:13:9b:d6:18:2b:51:9e:d7:e1:9f:d8:91:a5:
16:35:af:50:51:d3:87:16:30:05:a1:2f:2c:fb:7b:bb:bc:4d:
82:3c:7b:2e:2f:37:6d:59:86:3c:79:f3:bf:ed:0e:b6:22:19:
fe:31:11:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKDmyUmxsQ9ZCwvjJXDd4noh6wLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNDhaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNDhmMzZjNTM3Y2M2ZTBhODk1ZWU4NDlmYmFlNmE1ZGNlM2Q1ZmVhZDlk
NzNmMGY5MjhlZWUxNzlmMTNkZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGLluY3BRuSfkIbUPT/qozTdp/ou1MsjgbsRxACSj8ZAOhvki8hXVzKgVHp
S1cWIV7GHLil/NSJKQTeUhN5Td7n/59o0wc6kfsx4TDMvmQ5VWDpUS4sFEpFBjS5
ugItwe+GvksWEU7uZay7Dkdgoxnr+QWjWWlFP2Xnc2Q4eWK5oWwR9t2bggt9FqTb
G4N4RJleSimu1OO44DTkxIlONolbKa8imXpsdq3QYl7NThJMnnKwjmVe85zsUpwN
qlNHdRiF0VrRmO+URGxUvlXpaaZFG+LD7TxHmt++j7yKjHVcciqSONfKn2V2H8+N
w40TsWeOekuLhttrBcZZ1MOjTc8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOyKyv
KLDThL5Aki6WS8ILJby21zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE1Y2NlZjYtYjA2Zi00ZTExLWJlOWEtOGI5YTIyOWZmNTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvL4puxaL+5k4jRaPDuBnndsx8Ll3mLDJgm3w5
aFBadMVbmUWGb1Y651kk4ZjLiwrECkBeDnYRkLyLs/n9ky2cdOekB+By2Vd5L6AD
I6SmlvFmUtQDLs1dl9PkRpAp09r6DYqaK37QDU5C5eZa8uWdKFOkVcP332zpgBC9
dhOyew8QvY9zhu0SRVVBPL5vp1Cbtnrpd2/UcFyPQWg4dNSKziwhaVvsc5XCPssK
xa670+DGtp7YX0uusoUxqfbpXmelOpJ6BnNVQlY17hOb1hgrUZ7X4Z/YkaUWNa9Q
UdOHFjAFoS8s+3u7vE2CPHsuLzdtWYY8efO/7Q62Ihn+MREd
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:09 2025 by rpki-client