Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: xqTOtjbRA2BxcncLeKz4HlNEbM9515Gi6D1RCvU1uTQ=
Subject key identifier: FE:9E:F9:D7:63:2C:EC:91:7C:C5:4F:C4:BD:C0:7E:84:8B:60:F0:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B0A293ADA15C49DB2118DE5B9AEDF12D76F54CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Tue 01 Jul 2025 15:10:12 +0000
ROA not before: Tue 01 Jul 2025 15:10:12 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:0a:29:3a:da:15:c4:9d:b2:11:8d:e5:b9:ae:df:12:d7:6f:54:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:12 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=feb6b332845c3a28d04bf5efa19327cd54866d12cb015ee759d45528dd1f60e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f2:22:98:59:26:83:3e:38:08:61:db:d0:be:
d7:67:dc:43:3f:79:96:6b:ee:2e:29:cc:4a:cb:7d:
95:1c:90:0e:8e:9a:f7:b4:a5:8b:23:83:fa:8f:14:
1a:f0:d8:8c:26:3c:5d:e3:36:62:d7:c6:86:b6:81:
27:23:0f:c5:0c:dd:22:2a:68:dc:f7:20:d1:bc:0c:
61:9c:14:98:10:d6:6e:83:31:26:5f:7d:a3:20:83:
6c:a9:d7:38:95:d3:ae:1b:db:52:29:4f:fc:1f:9b:
bb:c4:19:9a:b7:0c:d1:87:57:02:9e:95:76:2b:d2:
97:98:4b:1c:47:d0:2e:78:9b:8b:bc:fb:78:68:fe:
89:9b:6e:d0:36:8c:3f:c5:fd:d2:82:a1:f0:08:9c:
a5:7c:3a:df:41:54:4d:0c:eb:64:59:5a:fc:00:d0:
08:13:b9:fb:59:a7:8b:42:f8:34:66:e7:65:26:87:
09:94:9f:88:f6:87:f1:0a:0d:96:12:20:c0:f9:1f:
64:7a:f6:a3:15:25:a8:32:96:90:b6:af:8a:1c:5c:
a5:9c:e0:8d:28:32:6c:07:c1:19:4a:0c:74:bc:9b:
2c:cf:a2:9e:27:a9:8c:72:5f:0a:a9:ad:99:10:82:
0e:74:92:d7:b1:71:74:82:c8:19:8f:ab:89:7c:8f:
21:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9E:F9:D7:63:2C:EC:91:7C:C5:4F:C4:BD:C0:7E:84:8B:60:F0:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
14:7d:d9:3b:5b:98:65:52:b0:14:ce:68:36:5c:63:a2:8b:88:
fb:b7:78:e4:5b:80:2c:36:be:18:7f:d0:59:37:c5:6f:d9:2b:
cc:1d:74:52:61:3d:05:8a:d0:8c:cd:2e:80:9c:e6:a4:64:61:
3d:b8:c1:b9:9d:0e:09:3c:b3:9d:29:d9:08:ad:a0:e8:03:b2:
bd:c3:32:51:ee:79:33:41:3c:9e:ad:f7:a6:d9:2a:35:d9:3c:
75:3c:98:bd:d3:73:de:8e:63:20:22:39:04:e7:83:10:fa:96:
3e:d0:93:0f:46:5b:87:2b:26:d1:25:ac:4f:bd:78:c7:dd:f3:
82:dc:db:6c:30:dd:90:18:2f:c9:83:c0:6c:e0:b3:f3:90:66:
ad:f6:91:90:11:23:d1:30:49:7b:3b:ec:7f:8b:27:9b:d3:3e:
8a:64:0a:e9:70:92:d0:c3:40:bd:01:17:5c:f3:01:5e:91:e6:
68:cf:53:2f:ab:e3:4a:5c:1c:f4:75:83:3e:8f:45:1f:47:5c:
66:0c:cb:c2:a3:e4:e1:48:fd:44:ae:1a:94:24:5f:3b:9f:fe:
d7:05:bf:32:a4:73:2e:f2:b3:53:2c:e0:7f:38:b6:09:d2:96:
6b:35:fd:64:70:5f:21:fb:c0:87:6c:e9:e9:ac:be:59:e0:59:
d8:e6:9a:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSwopOtoVxJ2yEY3lua7fEtdvVMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwMTJaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlYjZiMzMyODQ1YzNhMjhkMDRiZjVlZmExOTMyN2NkNTQ4NjZkMTJjYjAx
NWVlNzU5ZDQ1NTI4ZGQxZjYwZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvyIphZJoM+OAhh29C+12fcQz95lmvuLinMSst9lRyQDo6a97SliyOD+o8U
GvDYjCY8XeM2YtfGhraBJyMPxQzdIipo3Pcg0bwMYZwUmBDWboMxJl99oyCDbKnX
OJXTrhvbUilP/B+bu8QZmrcM0YdXAp6VdivSl5hLHEfQLnibi7z7eGj+iZtu0DaM
P8X90oKh8AicpXw630FUTQzrZFla/ADQCBO5+1mni0L4NGbnZSaHCZSfiPaH8QoN
lhIgwPkfZHr2oxUlqDKWkLavihxcpZzgjSgybAfBGUoMdLybLM+iniepjHJfCqmt
mRCCDnSS17FxdILIGY+riXyPIa8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+nvnX
YyzskXzFT8S9wH6Ei2Dw8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAUfdk7W5hlUrAUzmg2XGOii4j7t3jkW4AsNr4Y
f9BZN8Vv2SvMHXRSYT0FitCMzS6AnOakZGE9uMG5nQ4JPLOdKdkIraDoA7K9wzJR
7nkzQTyerfem2So12Tx1PJi903PejmMgIjkE54MQ+pY+0JMPRluHKybRJaxPvXjH
3fOC3NtsMN2QGC/Jg8Bs4LPzkGat9pGQESPRMEl7O+x/iyeb0z6KZArpcJLQw0C9
ARdc8wFekeZoz1Mvq+NKXBz0dYM+j0UfR1xmDMvCo+ThSP1ErhqUJF87n/7XBb8y
pHMu8rNTLOB/OLYJ0pZrNf1kcF8h+8CHbOnprL5Z4FnY5ppG
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:24 2025 by rpki-client