Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
File: 9963ca7c-f411-4aae-ac61-2c650f8269e0.roa (raw, json)
Hash identifier: IC6b3IKUwOBBJ+DMSc9Gq3RNF00fj/nTDpfAr17b/dQ=
Subject key identifier: D1:31:CE:FB:41:2E:0B:23:C2:7C:7E:DA:26:02:EB:D6:A0:3B:B2:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FB4E5831C72902EA4C5A2770CE2BAC5D8F67DF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
Signing time: Fri 11 Jul 2025 20:31:13 +0000
ROA not before: Fri 11 Jul 2025 20:31:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:b4:e5:83:1c:72:90:2e:a4:c5:a2:77:0c:e2:ba:c5:d8:f6:7d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9b956aa9588c0d5359cb600b283341dc07f16ba76dab920fa609a6b64ffe75a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c6:a8:1f:d9:0e:35:a2:b2:ab:3a:74:d5:a6:
30:d2:58:e9:46:8b:33:5b:f9:b8:09:73:a9:c6:0f:
f5:05:12:9b:ff:96:96:b5:53:c3:e5:92:e1:a1:1e:
d9:73:d7:01:96:aa:cb:5c:9f:af:ed:1f:65:f3:f7:
c0:52:c8:c3:7e:fd:ee:ab:65:fe:fe:2f:ff:09:15:
da:a2:e5:2c:ef:3f:89:9c:2e:51:ff:73:f3:f1:3c:
02:ea:c3:f9:0e:01:4b:40:a3:a2:7e:ca:a7:c7:7b:
e2:e5:ca:5d:e8:2d:ac:7d:14:ca:f2:3f:df:80:c5:
f6:15:a9:65:7f:b8:be:91:04:0a:f7:1d:83:f7:e0:
6f:a0:ef:fd:55:2a:4c:ef:6a:fe:c6:c0:76:eb:50:
76:2e:ee:5a:92:26:e6:9e:6d:bb:4f:dc:ff:6e:3c:
ed:02:05:e4:2e:60:b3:0f:c2:16:96:3d:89:63:d8:
ee:7a:47:48:00:4e:3e:17:a9:f6:c3:51:7c:d3:1b:
4d:c3:bd:30:39:c3:bc:80:bc:1d:d0:2d:f7:4d:d3:
a0:c0:b2:fa:d8:ea:10:d0:f1:48:29:e5:0f:2c:33:
33:16:55:c1:8a:eb:2a:73:66:d6:0d:15:25:fa:04:
51:2e:d9:51:cf:96:a3:8d:b5:24:ae:dd:3a:8c:56:
5a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:31:CE:FB:41:2E:0B:23:C2:7C:7E:DA:26:02:EB:D6:A0:3B:B2:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:400::/38
Signature Algorithm: sha256WithRSAEncryption
b0:e6:57:7b:ac:9b:ba:8d:2b:00:04:9b:55:13:a2:4b:a7:c0:
c1:9d:c1:6b:fc:ed:05:69:ac:dd:c6:ff:d1:38:63:b6:c3:53:
09:8f:3d:23:ed:8a:1a:15:7b:93:0e:b2:3a:e6:09:90:50:dd:
2d:5b:4b:47:c8:c7:21:b2:a7:2f:22:2f:8a:d3:6c:14:8f:5c:
3a:2e:5f:cb:c2:51:68:b8:d5:3b:55:f0:fb:39:35:d7:c5:1e:
47:29:a7:92:c2:f5:12:bc:05:36:2f:b4:c9:b2:27:8d:4a:04:
c1:a8:23:9e:1b:2a:ec:f8:83:56:3e:c2:8d:06:3d:ca:b6:84:
63:39:0b:d3:e9:c1:fa:ff:e6:75:3b:d0:41:10:46:10:b7:a7:
5a:24:d2:13:c8:ca:36:ee:f4:33:71:e2:cf:53:56:fe:fc:61:
16:08:ea:e9:05:bb:5d:43:1f:16:a1:13:e5:5b:c0:88:62:38:
59:9a:57:ed:be:b2:4d:c6:3f:f5:9b:8c:07:b2:d4:d8:7c:c8:
a4:65:6b:9b:65:29:d7:92:0d:fa:8c:55:bd:3c:30:53:75:26:
ae:78:76:31:50:0a:9f:83:bd:6a:cf:f7:77:18:a1:b6:8a:65:
67:37:ac:51:6e:ba:f7:71:b3:43:6b:84:19:32:b9:c3:2a:81:
77:8b:79:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP7TlgxxykC6kxaJ3DOK6xdj2ffQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDliOTU2YWE5NTg4YzBkNTM1OWNiNjAwYjI4MzM0MWRjMDdmMTZiYTc2ZGFi
OTIwZmE2MDlhNmI2NGZmZTc1YTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDGqB/ZDjWisqs6dNWmMNJY6UaLM1v5uAlzqcYP9QUSm/+WlrVTw+WS4aEe
2XPXAZaqy1yfr+0fZfP3wFLIw3797qtl/v4v/wkV2qLlLO8/iZwuUf9z8/E8AurD
+Q4BS0Cjon7Kp8d74uXKXegtrH0UyvI/34DF9hWpZX+4vpEECvcdg/fgb6Dv/VUq
TO9q/sbAdutQdi7uWpIm5p5tu0/c/2487QIF5C5gsw/CFpY9iWPY7npHSABOPhep
9sNRfNMbTcO9MDnDvIC8HdAt903ToMCy+tjqENDxSCnlDywzMxZVwYrrKnNm1g0V
JfoEUS7ZUc+Wo421JK7dOoxWWhECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRMc77
QS4LI8J8ftomAuvWoDuy4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk2M2NhN2MtZjQxMS00YWFlLWFjNjEtMmM2NTBmODI2OWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEE
MA0GCSqGSIb3DQEBCwUAA4IBAQCw5ld7rJu6jSsABJtVE6JLp8DBncFr/O0Faazd
xv/ROGO2w1MJjz0j7YoaFXuTDrI65gmQUN0tW0tHyMchsqcvIi+K02wUj1w6Ll/L
wlFouNU7VfD7OTXXxR5HKaeSwvUSvAU2L7TJsieNSgTBqCOeGyrs+INWPsKNBj3K
toRjOQvT6cH6/+Z1O9BBEEYQt6daJNITyMo27vQzceLPU1b+/GEWCOrpBbtdQx8W
oRPlW8CIYjhZmlftvrJNxj/1m4wHstTYfMikZWubZSnXkg36jFW9PDBTdSaueHYx
UAqfg71qz/d3GKG2imVnN6xRbrr3cbNDa4QZMrnDKoF3i3ng
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:57:38 2025 by rpki-client