Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
File: 92652652-28d6-49c1-8ea6-f5079f374345.roa (raw, json)
Hash identifier: xXXInENZ9OUjVHG8hm1h4iRddQVYav63vFoQM+uM1NM=
Subject key identifier: DC:B3:6A:77:C1:FE:39:81:3E:E1:3A:73:DC:A3:FE:D3:09:72:43:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 471B07BCA6DF1E4053304110C06780B7895D0198
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
Signing time: Fri 11 Jul 2025 19:10:11 +0000
ROA not before: Fri 11 Jul 2025 19:10:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:1b:07:bc:a6:df:1e:40:53:30:41:10:c0:67:80:b7:89:5d:01:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=de3b3049af34ea8fa272ffcd1d6bc1a7a556874cca6b2c1a59cd4356cece1228, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:46:02:dd:4d:07:a9:58:0f:3c:60:9a:5b:2a:
39:90:bf:c1:57:fe:df:d1:88:a4:fe:60:9f:92:a4:
60:fa:2e:84:e6:95:49:0d:1d:40:1d:c7:dd:c3:f5:
94:8e:93:6a:6f:a7:f3:d3:f8:14:4e:df:c2:11:9b:
86:bd:d5:bf:a5:32:e6:2c:4f:f1:0a:0c:6a:4d:cb:
fd:6c:95:dc:83:2e:fe:f0:83:91:b9:fa:61:62:26:
e9:98:cf:97:e6:3f:04:9f:11:08:66:c0:38:ab:a9:
f8:01:b8:76:6a:e2:3d:d1:ac:62:d4:b5:f1:60:e6:
e5:8f:36:e5:42:7a:c9:6b:7c:0e:95:47:07:5c:f7:
d0:97:cf:f7:36:8a:2e:96:f8:0d:f1:7e:da:cc:f7:
cd:fe:9f:87:a4:e8:6c:70:43:44:e1:93:a4:f8:55:
49:bb:c2:fc:2a:3f:44:eb:23:7f:14:b2:eb:eb:ca:
5f:1b:c7:1f:8c:d1:df:17:2d:35:17:58:7a:fc:08:
5e:0b:49:f9:d4:34:a4:62:66:2c:e0:3c:a8:d8:b9:
a7:b9:c8:7f:89:4b:ce:b1:3d:5c:b8:a3:b0:f0:b2:
af:e5:d1:57:ee:30:0c:11:34:20:be:48:6c:09:ab:
e3:4e:64:78:b8:03:58:9f:d0:c0:04:21:54:cb:5e:
d9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B3:6A:77:C1:FE:39:81:3E:E1:3A:73:DC:A3:FE:D3:09:72:43:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4060::/48
Signature Algorithm: sha256WithRSAEncryption
b1:25:74:dd:5a:6c:0b:8c:fc:14:b5:48:ba:5d:c2:d8:c7:d2:
dd:e2:be:fe:b8:83:62:eb:99:8f:5f:41:db:e2:17:02:1a:29:
a8:99:2e:30:2c:1d:9a:8c:2b:cf:a6:00:6e:1a:6c:6a:0c:1e:
7b:cd:a4:77:a4:4e:48:44:64:e6:0a:13:b4:d7:8e:dd:30:6d:
2a:dd:ed:21:93:3e:eb:3c:03:b2:e0:b7:15:b2:9d:07:36:52:
07:5e:ed:db:18:d9:8a:d9:a6:53:cf:7c:de:85:fd:0f:18:bf:
ea:58:b5:b4:71:31:3f:10:55:65:72:71:33:18:2f:7b:c1:ff:
9e:24:e7:93:c9:ee:e2:93:63:b3:36:dd:08:84:f4:15:8d:c7:
21:2b:71:ec:f2:db:be:37:4c:8c:e1:9b:93:0d:41:2d:ed:7b:
56:f9:10:29:c0:89:b4:b6:18:a3:89:6f:c0:44:70:c1:68:43:
48:43:7e:e7:5a:00:b6:ed:5e:3d:60:81:a3:44:7e:5d:ab:54:
47:33:e4:06:aa:3c:f2:24:7b:7b:8c:4d:fc:5b:64:2f:af:fd:
e6:fe:ec:7c:cb:26:f6:c6:d0:91:55:fa:37:4e:86:59:7f:13:
70:f7:5e:64:ee:fc:32:f1:e3:ad:2d:1b:55:f4:c1:8b:cf:bf:
3b:69:b7:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURxsHvKbfHkBTMEEQwGeAt4ldAZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlM2IzMDQ5YWYzNGVhOGZhMjcyZmZjZDFkNmJjMWE3YTU1Njg3NGNjYTZi
MmMxYTU5Y2Q0MzU2Y2VjZTEyMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRGAt1NB6lYDzxgmlsqOZC/wVf+39GIpP5gn5KkYPouhOaVSQ0dQB3H3cP1
lI6Tam+n89P4FE7fwhGbhr3Vv6Uy5ixP8QoMak3L/WyV3IMu/vCDkbn6YWIm6ZjP
l+Y/BJ8RCGbAOKup+AG4dmriPdGsYtS18WDm5Y825UJ6yWt8DpVHB1z30JfP9zaK
Lpb4DfF+2sz3zf6fh6TobHBDROGTpPhVSbvC/Co/ROsjfxSy6+vKXxvHH4zR3xct
NRdYevwIXgtJ+dQ0pGJmLOA8qNi5p7nIf4lLzrE9XLijsPCyr+XRV+4wDBE0IL5I
bAmr405keLgDWJ/QwAQhVMte2ecCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTcs2p3
wf45gT7hOnPco/7TCXJDmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI2NTI2NTItMjhkNi00OWMxLThlYTYtZjUwNzlmMzc0MzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
YDANBgkqhkiG9w0BAQsFAAOCAQEAsSV03VpsC4z8FLVIul3C2MfS3eK+/riDYuuZ
j19B2+IXAhopqJkuMCwdmowrz6YAbhpsagwee82kd6ROSERk5goTtNeO3TBtKt3t
IZM+6zwDsuC3FbKdBzZSB17t2xjZitmmU8983oX9Dxi/6li1tHExPxBVZXJxMxgv
e8H/niTnk8nu4pNjszbdCIT0FY3HIStx7PLbvjdMjOGbkw1BLe17VvkQKcCJtLYY
o4lvwERwwWhDSEN+51oAtu1ePWCBo0R+XatURzPkBqo88iR7e4xN/FtkL6/95v7s
fMsm9sbQkVX6N06GWX8TcPdeZO78MvHjrS0bVfTBi8+/O2m30A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:09 2025 by rpki-client