Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
File: 9d030354-5f4d-47d4-9f96-310c9a509d02.roa (raw, json)
Hash identifier: bT0M3Mz2hUFAFKlg/+snLTJH2+WFkH75tJfl7bezEVY=
Subject key identifier: FB:FF:49:64:C1:72:F4:05:50:47:EB:47:48:C2:2F:DE:7A:71:7F:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33B1526C4D51B4748EDEA3EE0A5734D7606D9CCD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
Signing time: Mon 07 Jul 2025 18:21:11 +0000
ROA not before: Mon 07 Jul 2025 18:21:11 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:b1:52:6c:4d:51:b4:74:8e:de:a3:ee:0a:57:34:d7:60:6d:9c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:21:11 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=2719e3fd28f079b2053706ef09655f6f084241642cfa42c0f6f433ee0d6d0e51, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:00:e9:90:24:0d:e3:3b:cb:77:03:4f:aa:3c:
dc:87:43:35:0b:18:f5:dc:ef:5e:95:5f:be:00:55:
ee:a4:0f:ab:ca:64:00:45:75:5d:7d:d0:a7:ee:44:
4f:d3:ab:ba:76:96:7b:ad:11:7f:3a:5f:d5:ce:da:
ad:7f:24:f6:7f:77:4e:b3:50:e5:be:88:2e:35:9e:
c8:0f:b0:3c:6b:cc:44:af:29:72:fc:b8:9a:95:98:
65:03:e4:e9:b5:01:b2:cb:8a:7c:f5:9d:c9:03:58:
c3:13:aa:a1:7d:7b:08:3b:ac:30:4a:41:54:65:17:
d8:42:a8:8c:2c:14:93:f9:64:30:74:3e:16:75:c7:
3a:4f:82:16:34:6c:4a:4c:0f:9a:2b:46:7f:f8:2e:
83:a4:24:df:2d:8c:65:99:5d:d9:73:a7:86:d7:89:
d3:3f:77:36:22:06:c2:ed:c4:04:f9:11:0c:fd:51:
29:cf:82:52:a2:8e:45:d2:fb:1a:d3:7b:55:5a:db:
1e:d3:f5:f8:5c:cf:1e:55:a4:5e:55:8d:1c:27:5a:
4d:bb:e0:ab:ec:bf:60:b4:07:8f:af:4e:51:cd:ad:
7f:a3:4a:e8:4e:4d:b6:a4:61:09:3f:52:3d:8c:79:
bd:a5:86:ab:8d:ad:30:5d:40:3a:53:cb:3f:11:a8:
06:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FF:49:64:C1:72:F4:05:50:47:EB:47:48:C2:2F:DE:7A:71:7F:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:800::/40
Signature Algorithm: sha256WithRSAEncryption
6b:15:7f:5b:c8:c9:76:b5:6d:62:52:01:08:a0:35:54:4a:f2:
1c:3c:47:52:78:77:bc:a1:36:49:e4:75:3d:6e:a6:4f:55:b2:
2c:89:69:ea:b7:4b:81:d6:58:ce:0c:a6:32:12:09:35:11:68:
ed:77:32:c8:dc:70:0e:9f:87:4c:4e:03:7a:4f:1c:17:6d:4c:
b5:10:71:cd:3b:e4:8f:44:5a:b7:77:a3:f1:6f:a5:00:62:d6:
f6:d7:53:86:63:c2:69:20:f1:74:69:ca:e6:08:53:4f:30:6f:
90:ef:0c:c1:bf:54:be:9f:06:35:4c:c7:80:b5:c6:8c:a6:cf:
24:47:1f:4d:11:f2:49:7d:43:c6:5a:60:2d:cb:33:81:1d:b2:
ee:84:08:44:99:cf:59:bb:e7:00:c4:52:e1:89:d1:4d:3b:87:
4a:c5:2d:7d:87:29:31:ea:25:73:62:fa:61:e0:18:3b:f8:24:
55:f2:0c:66:e7:3d:48:3c:ee:c4:64:e9:71:db:a7:a9:19:23:
8e:58:6c:83:43:93:05:a5:06:bd:9e:b6:3c:3f:1e:82:af:75:
bd:f6:e4:e8:9a:d8:ee:ed:c7:e7:ec:06:54:95:a0:ec:9e:f8:
59:35:08:0e:47:9f:5b:b1:9a:a1:37:fd:c4:23:af:e0:19:5e:
3e:c8:09:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM7FSbE1RtHSO3qPuClc012BtnM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIxMTFaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MTllM2ZkMjhmMDc5YjIwNTM3MDZlZjA5NjU1ZjZmMDg0MjQxNjQyY2Zh
NDJjMGY2ZjQzM2VlMGQ2ZDBlNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgA6ZAkDeM7y3cDT6o83IdDNQsY9dzvXpVfvgBV7qQPq8pkAEV1XX3Qp+5E
T9OrunaWe60Rfzpf1c7arX8k9n93TrNQ5b6ILjWeyA+wPGvMRK8pcvy4mpWYZQPk
6bUBssuKfPWdyQNYwxOqoX17CDusMEpBVGUX2EKojCwUk/lkMHQ+FnXHOk+CFjRs
SkwPmitGf/gug6Qk3y2MZZld2XOnhteJ0z93NiIGwu3EBPkRDP1RKc+CUqKORdL7
GtN7VVrbHtP1+FzPHlWkXlWNHCdaTbvgq+y/YLQHj69OUc2tf6NK6E5NtqRhCT9S
PYx5vaWGq42tMF1AOlPLPxGoBoECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7/0lk
wXL0BVBH60dIwi/eenF/jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQwMzAzNTQtNWY0ZC00N2Q0LTlmOTYtMzEwYzlhNTA5ZDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBrFX9byMl2tW1iUgEIoDVUSvIcPEdSeHe8oTZJ
5HU9bqZPVbIsiWnqt0uB1ljODKYyEgk1EWjtdzLI3HAOn4dMTgN6TxwXbUy1EHHN
O+SPRFq3d6Pxb6UAYtb211OGY8JpIPF0acrmCFNPMG+Q7wzBv1S+nwY1TMeAtcaM
ps8kRx9NEfJJfUPGWmAtyzOBHbLuhAhEmc9Zu+cAxFLhidFNO4dKxS19hykx6iVz
Yvph4Bg7+CRV8gxm5z1IPO7EZOlx26epGSOOWGyDQ5MFpQa9nrY8Px6Cr3W99uTo
mtju7cfn7AZUlaDsnvhZNQgOR59bsZqhN/3EI6/gGV4+yAmb
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:34 2025 by rpki-client