Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
File: 94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa (raw, json)
Hash identifier: 1/m7PIYgPgHLqy1DO8gFw5j9wLbmNEd1LR7LLWuaz6o=
Subject key identifier: 55:9C:14:46:3B:4A:34:42:57:14:F9:FB:98:73:3A:A2:EE:44:43:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 702178BFC9226D3D393A5D4BE93D3AB648F4A0A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
Signing time: Fri 11 Jul 2025 19:40:15 +0000
ROA not before: Fri 11 Jul 2025 19:40:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:21:78:bf:c9:22:6d:3d:39:3a:5d:4b:e9:3d:3a:b6:48:f4:a0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:40:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=df3c9bcd169d517cd36faf7c1eec1cbd0ca1c0831b8e6eedea880a1e9dd3e01b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ae:9e:9e:82:49:4c:cb:51:8e:a3:7a:6a:67:
63:58:8e:4a:59:35:9a:a6:3e:bb:9c:31:f7:48:85:
4e:a8:2c:bd:30:12:7d:51:96:e3:32:61:38:50:c4:
39:dc:b5:c0:26:aa:be:43:dc:09:60:1a:89:fd:b4:
aa:21:b4:dd:02:b0:03:65:d3:d9:b5:0b:41:b1:a1:
53:73:58:b4:af:2b:af:de:18:bc:52:71:30:f0:3a:
e9:e4:7b:bd:9c:95:e1:6c:8b:34:fe:b0:00:4e:85:
9e:79:14:88:36:4c:c8:2c:b2:0e:74:c1:b2:25:b0:
9b:76:85:50:95:77:99:95:b3:7a:e7:a4:f0:bb:d9:
18:b3:8b:45:87:c4:32:f4:2b:3e:1a:39:cc:b6:46:
96:02:39:19:2f:ba:5c:31:fc:1f:c5:5b:09:39:30:
8a:e5:53:05:b7:ff:1f:19:ba:2f:71:ba:f1:fd:e6:
8b:92:91:2c:32:80:a9:ce:19:03:e2:3a:68:86:59:
6d:83:ab:73:4b:cc:38:d2:07:e5:dd:c9:4e:e3:d6:
a3:1b:03:35:14:bc:02:da:27:2c:bb:d9:8e:32:46:
f3:45:60:2c:50:c6:ef:1a:30:28:9a:4b:f5:1b:26:
69:c6:36:00:4f:6a:fa:cc:d8:f6:16:38:53:f7:36:
3c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9C:14:46:3B:4A:34:42:57:14:F9:FB:98:73:3A:A2:EE:44:43:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b73df2-00f3-4adc-a2a1-c8b41e531cf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a080::/46
Signature Algorithm: sha256WithRSAEncryption
0d:ef:0d:1f:35:5b:09:81:6f:72:bb:40:c2:c2:81:a4:e6:48:
29:8e:5d:60:c6:cd:3d:a8:18:91:3c:58:f8:65:ae:38:d4:47:
56:47:07:66:37:8a:33:a5:05:31:a7:91:3b:e0:b2:6b:eb:e6:
a6:93:09:b4:24:56:33:c8:6d:7b:0e:8d:fc:9b:fb:26:7d:45:
3a:5d:3a:21:a7:86:0e:61:7d:d3:21:7a:43:cc:25:4c:df:76:
fb:95:56:92:cf:73:74:94:b0:8c:be:9d:be:79:0e:bb:ff:2d:
c3:e7:d1:6a:c2:ff:b6:4c:b8:9d:34:40:a4:d7:ce:ee:1a:a5:
d5:a8:47:16:57:6f:8a:36:93:6d:70:a3:da:bf:55:c1:58:bd:
8d:72:62:37:e0:cd:9b:f9:8f:08:0f:85:68:03:ad:d3:b9:2c:
47:23:b1:f6:a6:5c:56:83:51:0f:e8:0a:63:b1:41:fb:3d:97:
ae:86:65:43:d8:88:0c:fd:06:50:4f:66:0f:1d:e8:24:f4:d4:
33:17:f6:b9:df:fe:f6:89:2d:d5:3b:47:e9:14:2b:50:43:98:
40:d4:0a:48:0a:e2:24:fa:58:b3:37:71:62:fc:81:d2:f3:4d:
40:36:fc:86:20:bf:04:d8:6e:e2:f2:bd:7b:f4:f9:e6:a5:a6:
84:2b:00:8e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcCF4v8kibT05Ol1L6T06tkj0oKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQwMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmM2M5YmNkMTY5ZDUxN2NkMzZmYWY3YzFlZWMxY2JkMGNhMWMwODMxYjhl
NmVlZGVhODgwYTFlOWRkM2UwMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJCunp6CSUzLUY6jempnY1iOSlk1mqY+u5wx90iFTqgsvTASfVGW4zJhOFDE
Ody1wCaqvkPcCWAaif20qiG03QKwA2XT2bULQbGhU3NYtK8rr94YvFJxMPA66eR7
vZyV4WyLNP6wAE6FnnkUiDZMyCyyDnTBsiWwm3aFUJV3mZWzeuek8LvZGLOLRYfE
MvQrPho5zLZGlgI5GS+6XDH8H8VbCTkwiuVTBbf/Hxm6L3G68f3mi5KRLDKAqc4Z
A+I6aIZZbYOrc0vMONIH5d3JTuPWoxsDNRS8AtonLLvZjjJG80VgLFDG7xowKJpL
9RsmacY2AE9q+szY9hY4U/c2PMkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVnBRG
O0o0QlcU+fuYczqi7kRDyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNzNkZjItMDBmMy00YWRjLWEyYTEtYzhiNDFlNTMxY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWg
gDANBgkqhkiG9w0BAQsFAAOCAQEADe8NHzVbCYFvcrtAwsKBpOZIKY5dYMbNPagY
kTxY+GWuONRHVkcHZjeKM6UFMaeRO+Cya+vmppMJtCRWM8htew6N/Jv7Jn1FOl06
IaeGDmF90yF6Q8wlTN92+5VWks9zdJSwjL6dvnkOu/8tw+fRasL/tky4nTRApNfO
7hql1ahHFldvijaTbXCj2r9VwVi9jXJiN+DNm/mPCA+FaAOt07ksRyOx9qZcVoNR
D+gKY7FB+z2XroZlQ9iIDP0GUE9mDx3oJPTUMxf2ud/+9okt1TtH6RQrUEOYQNQK
SAriJPpYszdxYvyB0vNNQDb8hiC/BNhu4vK9e/T55qWmhCsAjg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:39 2025 by rpki-client