Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
File: 9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa (raw, json)
Hash identifier: RpxlL5/Yp8bgLz2hJMG20A3jfTSPSwJvwzAtojpb4FI=
Subject key identifier: 04:17:EE:47:28:00:41:23:34:E5:18:A4:33:C0:C4:66:9F:1A:EB:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71EB23BAD4B5E95C561FA10DCBD53B8F510ABBE8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
Signing time: Fri 11 Jul 2025 18:40:39 +0000
ROA not before: Fri 11 Jul 2025 18:40:39 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:eb:23:ba:d4:b5:e9:5c:56:1f:a1:0d:cb:d5:3b:8f:51:0a:bb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:39 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=aa734ce21b7f921eab9008da403aa37ac6cfcd1d572435a84d3a3aada1633fc4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:51:ad:c3:15:37:0b:13:9c:d6:ec:26:1a:
3a:20:22:fe:74:54:ab:92:f0:32:29:ae:ed:d6:8d:
ce:96:dd:18:7d:4f:fb:14:63:56:13:fe:38:ea:da:
de:5f:c9:8a:9d:4d:57:c6:ca:8f:de:49:ea:84:e0:
86:96:3f:4d:bf:b1:48:39:2d:aa:22:e3:4c:80:68:
52:30:c4:6e:9c:01:c2:1d:4a:34:ad:4e:77:16:cb:
b8:bd:5c:27:ed:8b:8e:0d:a3:9c:04:b3:0a:d1:42:
34:8a:0c:e3:80:0a:f1:01:b5:d3:b9:18:c9:8f:b6:
c5:30:0f:cc:ae:6b:8f:f8:b2:7d:2c:47:f8:ad:3a:
c5:ac:f3:65:37:5a:5c:23:45:c7:50:f7:0b:01:2c:
04:17:9c:39:78:62:d5:57:2e:08:e4:99:e4:4a:d7:
72:4f:b0:39:29:f9:b4:b2:98:e2:1d:e0:b1:df:65:
6e:45:49:5e:b4:db:ea:24:1c:0c:4e:a3:3b:8b:8b:
67:eb:cc:d9:8c:f3:53:5b:2c:89:86:5b:fb:f8:81:
df:49:de:4a:e6:2d:0a:47:31:a0:3b:03:fd:9f:4c:
6d:29:15:fb:ad:ec:cb:d7:95:eb:49:b8:30:fd:be:
af:96:f8:56:dc:c8:cc:cf:9e:b0:4a:83:b3:d8:24:
c9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:17:EE:47:28:00:41:23:34:E5:18:A4:33:C0:C4:66:9F:1A:EB:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9080::/48
Signature Algorithm: sha256WithRSAEncryption
9a:b7:e4:83:f4:a6:b7:92:3d:33:2c:2b:2d:8e:1b:3a:ed:03:
a0:c1:59:7a:2e:44:01:4d:9e:2f:d1:8d:4b:43:89:ca:ec:07:
ea:35:48:d4:85:c9:91:b6:68:95:61:51:4b:aa:91:50:f5:1f:
21:a0:cd:c1:e1:da:21:44:7f:6f:89:59:38:ba:d4:2d:93:9f:
2a:d3:4a:fc:75:51:34:47:4a:9e:47:88:3e:41:4b:a0:28:f2:
c6:1c:37:30:44:60:bd:4f:1c:21:f1:08:53:5f:5b:82:e6:9d:
19:5d:ee:c1:91:32:38:77:f5:4b:3c:c4:b1:2e:2a:17:f0:d6:
90:bd:90:db:88:9b:0c:f0:26:6f:e0:b2:a9:e1:cb:5c:27:f4:
21:91:78:ed:61:7e:8a:93:28:83:76:bd:83:9b:6b:39:cb:06:
05:8a:f0:5b:7b:72:c5:aa:41:30:2d:e4:e5:4d:c6:ce:f6:40:
19:11:1b:18:3c:ad:07:e7:3a:03:5c:cb:30:45:c7:f5:ee:42:
26:e7:26:68:d9:00:07:4d:3a:3c:8b:b0:1d:94:0d:02:17:88:
2d:3c:c1:34:2a:56:33:95:71:13:dd:70:c9:fa:56:76:c2:3d:
d6:24:22:9e:3c:7c:35:3a:61:84:0e:39:83:41:de:73:10:72:
a4:c5:f2:5a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcesjutS16VxWH6ENy9U7j1EKu+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMzlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNzM0Y2UyMWI3ZjkyMWVhYjkwMDhkYTQwM2FhMzdhYzZjZmNkMWQ1NzI0
MzVhODRkM2EzYWFkYTE2MzNmYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTZUa3DFTcLE5zW7CYaOiAi/nRUq5LwMimu7daNzpbdGH1P+xRjVhP+OOra
3l/Jip1NV8bKj95J6oTghpY/Tb+xSDktqiLjTIBoUjDEbpwBwh1KNK1OdxbLuL1c
J+2Ljg2jnASzCtFCNIoM44AK8QG107kYyY+2xTAPzK5rj/iyfSxH+K06xazzZTda
XCNFx1D3CwEsBBecOXhi1VcuCOSZ5ErXck+wOSn5tLKY4h3gsd9lbkVJXrTb6iQc
DE6jO4uLZ+vM2YzzU1ssiYZb+/iB30neSuYtCkcxoDsD/Z9MbSkV+63sy9eV60m4
MP2+r5b4VtzIzM+esEqDs9gkyXMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQEF+5H
KABBIzTlGKQzwMRmnxrrZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkyNmExNWUtZDdmZC00ZDdiLWFkMWUtZDBkZjk4ZjU0NmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAmrfkg/Smt5I9MywrLY4bOu0DoMFZei5EAU2e
L9GNS0OJyuwH6jVI1IXJkbZolWFRS6qRUPUfIaDNweHaIUR/b4lZOLrULZOfKtNK
/HVRNEdKnkeIPkFLoCjyxhw3MERgvU8cIfEIU19bguadGV3uwZEyOHf1SzzEsS4q
F/DWkL2Q24ibDPAmb+CyqeHLXCf0IZF47WF+ipMog3a9g5trOcsGBYrwW3tyxapB
MC3k5U3GzvZAGREbGDytB+c6A1zLMEXH9e5CJucmaNkAB006PIuwHZQNAheILTzB
NCpWM5VxE91wyfpWdsI91iQinjx8NTphhA45g0HecxBypMXyWg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:50 2025 by rpki-client