Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
File: 9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa (raw, json)
Hash identifier: bjKqSSmm/0+6wPGMjg3fAk/crpDYSmA1vKUr+Fzw9Yo=
Subject key identifier: B4:79:64:6C:F5:23:A7:B7:FD:9F:E2:66:90:FD:E2:5B:32:AC:DB:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 617AC538E40B7326BE7B4AA2C10B00892626CA9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
Signing time: Fri 04 Jul 2025 18:30:10 +0000
ROA not before: Fri 04 Jul 2025 18:30:10 +0000
ROA not after: Fri 08 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:7a:c5:38:e4:0b:73:26:be:7b:4a:a2:c1:0b:00:89:26:26:ca:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 4 18:30:10 2025 GMT
Not After : Aug 8 23:59:59 2025 GMT
Subject: serialNumber=b8cf2c04f8363e184ce36be4a96e84ca3f5413126fd3fac685b21fae978b8292, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:da:7d:0f:da:32:7e:6d:8b:58:13:19:29:63:
a8:4a:19:4c:ea:bc:f3:03:18:43:db:a3:d5:29:f1:
8c:f4:65:04:4f:0a:25:63:40:34:02:7f:1c:d7:7f:
c2:6d:b5:1e:44:cb:48:62:3e:dd:6d:e9:0a:ac:49:
0b:5f:3f:08:5d:dd:eb:30:17:3b:6d:fa:5f:df:84:
b2:f6:da:76:4e:ba:86:5a:dc:f1:c4:1d:a9:0d:f9:
14:9c:5c:c1:f3:84:b8:43:b6:fd:4b:38:44:8e:9e:
46:6c:29:9a:56:8f:ed:1a:1b:3c:29:44:1b:a2:e3:
63:d6:fb:5a:d5:58:46:a9:58:52:5d:fc:66:8d:4c:
bc:81:fb:9a:6b:05:ee:0d:46:b5:c6:49:f0:3a:9b:
01:29:93:ec:e9:ba:64:b8:c9:8e:9a:ce:62:6b:49:
bd:2a:27:6f:f6:fd:cf:ad:68:b3:3c:c7:66:10:fc:
5a:44:3b:60:8c:99:4d:d8:a3:e3:53:d7:37:4a:31:
a1:8b:3c:2b:4a:e9:a7:6d:1c:e8:23:26:47:a7:7f:
8a:25:e4:d8:63:f9:e1:68:bf:c5:0a:d3:6c:87:24:
9f:c3:f9:6a:8b:ca:79:ab:e7:91:78:09:e3:03:89:
40:32:69:5a:18:f5:36:6b:ac:fd:dd:57:c0:92:b3:
c4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:79:64:6C:F5:23:A7:B7:FD:9F:E2:66:90:FD:E2:5B:32:AC:DB:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/48
Signature Algorithm: sha256WithRSAEncryption
be:5e:dd:2b:f0:dd:06:87:c5:8a:49:29:77:48:88:62:0f:9e:
1d:83:70:e9:a4:eb:82:24:e1:0b:15:c4:b7:f4:c4:f0:32:33:
88:1a:b9:3d:cd:84:3e:a0:d2:aa:bc:0d:a1:0a:96:56:95:9b:
bc:c8:a6:6b:55:ba:5e:b4:e2:1a:89:04:16:04:d0:72:5a:ac:
58:f0:a7:40:b7:46:34:b3:2c:64:2f:93:61:a7:54:73:23:63:
62:3f:6e:bd:94:94:be:d1:a6:e1:4d:c3:2e:6c:30:25:07:fa:
62:5e:06:c4:d1:6e:03:76:77:16:3e:ec:e3:6e:ad:45:e8:b5:
4f:a0:f8:e5:a1:64:15:22:8f:08:d8:77:0e:33:7f:bd:92:3b:
3e:cb:06:76:7d:66:ee:74:55:8e:cd:46:4b:cb:a8:12:92:ec:
00:78:f5:f6:08:7c:fc:3e:95:66:87:85:26:ff:79:bd:91:fe:
70:6a:39:88:f8:4f:01:74:84:c7:32:0b:8f:52:f9:a5:4f:ba:
01:3e:59:bf:9d:f8:b5:47:0d:0b:1b:21:bd:de:a7:fb:31:08:
47:ff:fb:c8:b9:82:3e:aa:65:72:18:5d:eb:85:67:0b:06:1b:
44:b8:a9:93:1b:f2:63:96:01:8d:11:51:94:14:53:74:9a:97:
96:97:1a:10
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYXrFOOQLcya+e0qiwQsAiSYmypowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDQxODMwMTBaFw0yNTA4MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4Y2YyYzA0ZjgzNjNlMTg0Y2UzNmJlNGE5NmU4NGNhM2Y1NDEzMTI2ZmQz
ZmFjNjg1YjIxZmFlOTc4YjgyOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnafQ/aMn5ti1gTGSljqEoZTOq88wMYQ9uj1SnxjPRlBE8KJWNANAJ/HNd/
wm21HkTLSGI+3W3pCqxJC18/CF3d6zAXO236X9+Esvbadk66hlrc8cQdqQ35FJxc
wfOEuEO2/Us4RI6eRmwpmlaP7RobPClEG6LjY9b7WtVYRqlYUl38Zo1MvIH7mmsF
7g1GtcZJ8DqbASmT7Om6ZLjJjprOYmtJvSonb/b9z61oszzHZhD8WkQ7YIyZTdij
41PXN0oxoYs8K0rpp20c6CMmR6d/iiXk2GP54Wi/xQrTbIckn8P5aovKeavnkXgJ
4wOJQDJpWhj1Nmus/d1XwJKzxH0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS0eWRs
9SOnt/2f4maQ/eJbMqzbGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMxYTEwY2MtNWRjOS00NGJjLWE0ZDItOTM5NmJkOWJjOTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hag
ADANBgkqhkiG9w0BAQsFAAOCAQEAvl7dK/DdBofFikkpd0iIYg+eHYNw6aTrgiTh
CxXEt/TE8DIziBq5Pc2EPqDSqrwNoQqWVpWbvMima1W6XrTiGokEFgTQclqsWPCn
QLdGNLMsZC+TYadUcyNjYj9uvZSUvtGm4U3DLmwwJQf6Yl4GxNFuA3Z3Fj7s426t
Rei1T6D45aFkFSKPCNh3DjN/vZI7PssGdn1m7nRVjs1GS8uoEpLsAHj19gh8/D6V
ZoeFJv95vZH+cGo5iPhPAXSExzILj1L5pU+6AT5Zv534tUcNCxshvd6n+zEIR//7
yLmCPqplchhd64VnCwYbRLipkxvyY5YBjRFRlBRTdJqXlpcaEA==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:14 2025 by rpki-client