Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: yzciTVfGWIzuP7r3L7Fe9Mx+mSqfJbCyz/ShT4ukQR0=
Subject key identifier: 61:41:78:90:A7:E0:3F:4C:6D:BE:2B:2A:E9:E6:01:69:AF:6D:98:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 529FCC8F890371CAA558DB3281D6953CB479BA46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Fri 11 Jul 2025 20:11:09 +0000
ROA not before: Fri 11 Jul 2025 20:11:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:9f:cc:8f:89:03:71:ca:a5:58:db:32:81:d6:95:3c:b4:79:ba:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=76609be872c3452c8bfefc4590c41cdf81b726105304e74a2b94b10e6c2d41c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:36:c2:ce:46:bf:60:c7:ac:ac:66:6f:dc:bb:
78:a6:8d:09:b1:ca:37:ba:38:38:4a:c3:18:a6:a9:
5a:41:41:b0:6a:d2:85:0a:c3:3f:cb:ca:d5:20:d4:
11:45:75:ba:e8:df:dc:95:7e:e4:58:7e:eb:a5:6c:
eb:9a:31:34:53:cd:b4:db:35:a4:08:81:ac:8a:a2:
23:32:7a:d7:cf:b5:26:5d:8f:d3:7b:40:40:8a:79:
0a:9f:e2:8c:21:42:95:2f:24:81:70:6f:e8:4e:a0:
90:3d:30:09:d7:9a:f2:29:a8:26:70:4c:10:68:8e:
19:f7:53:b4:67:9d:2e:fd:76:e1:37:e4:58:f9:ab:
88:da:94:70:e3:70:d1:f8:88:a6:b8:ad:c2:53:00:
ae:12:98:47:a6:79:fa:9b:1c:ff:43:3c:48:20:a8:
91:f7:c5:a0:f5:cb:3d:d2:35:85:f6:f0:eb:36:b0:
20:74:0a:5e:ef:85:cf:5c:80:fc:fa:30:9d:5c:ab:
83:d3:cc:8d:81:d9:60:19:b4:38:cb:cb:39:23:6f:
cd:41:1e:02:8b:9f:a5:47:af:b6:b6:b0:9f:93:fd:
5e:02:83:a1:76:42:f2:99:4a:0d:1a:2c:24:bc:8e:
9b:d7:a2:9d:92:39:0a:a9:8e:e3:2d:20:f5:94:8f:
aa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:41:78:90:A7:E0:3F:4C:6D:BE:2B:2A:E9:E6:01:69:AF:6D:98:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
77:cb:5c:9b:82:29:2b:af:95:27:49:ef:c3:51:76:6d:77:fd:
27:d6:31:e8:b3:24:d2:b2:5a:96:ad:66:c2:c9:ea:65:ea:7d:
ee:4a:73:87:d8:6b:e1:08:3c:a9:2f:6b:9f:04:8d:4f:b9:9e:
de:09:11:ad:29:1c:91:06:ad:38:c2:fa:ba:7a:0f:ae:1d:7c:
33:e6:84:74:ba:b9:3d:b4:79:74:ff:af:c8:4a:fd:4b:15:f5:
7f:47:1b:12:4d:b0:a5:40:0d:1b:b8:9b:e3:43:e8:d5:8b:4d:
37:44:01:94:37:8d:31:37:e7:a7:11:27:8c:9d:26:22:23:d2:
66:cc:7c:e6:13:8d:c5:ad:6c:ec:2b:b9:a8:87:cc:69:fd:f0:
79:73:1d:3f:72:be:23:ca:69:8e:c0:b6:df:eb:b7:37:cb:d7:
75:c8:d1:03:5b:86:c9:43:1a:56:db:99:70:c1:97:c6:c5:4b:
5e:b7:e6:74:18:5d:32:ae:78:15:98:ac:81:b7:b4:72:a5:8e:
5d:76:75:a0:1a:57:72:b4:8f:bf:f1:2d:31:00:98:26:ac:e1:
94:a9:9c:30:3e:48:05:4e:fa:bf:56:8e:6f:65:2c:43:39:d1:
88:72:88:31:90:d2:d5:f9:36:89:2d:3f:93:cd:b4:a8:ba:65:
4c:65:02:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUp/Mj4kDccqlWNsygdaVPLR5ukYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NjA5YmU4NzJjMzQ1MmM4YmZlZmM0NTkwYzQxY2RmODFiNzI2MTA1MzA0
ZTc0YTJiOTRiMTBlNmMyZDQxYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIM2ws5Gv2DHrKxmb9y7eKaNCbHKN7o4OErDGKapWkFBsGrShQrDP8vK1SDU
EUV1uujf3JV+5Fh+66Vs65oxNFPNtNs1pAiBrIqiIzJ618+1Jl2P03tAQIp5Cp/i
jCFClS8kgXBv6E6gkD0wCdea8imoJnBMEGiOGfdTtGedLv124TfkWPmriNqUcONw
0fiIpritwlMArhKYR6Z5+psc/0M8SCCokffFoPXLPdI1hfbw6zawIHQKXu+Fz1yA
/PownVyrg9PMjYHZYBm0OMvLOSNvzUEeAoufpUevtrawn5P9XgKDoXZC8plKDRos
JLyOm9einZI5CqmO4y0g9ZSPqg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhQXiQ
p+A/TG2+Kyrp5gFpr22Y0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQB3y1ybgikrr5UnSe/DUXZtd/0n1jHosyTSslqW
rWbCyepl6n3uSnOH2GvhCDypL2ufBI1PuZ7eCRGtKRyRBq04wvq6eg+uHXwz5oR0
urk9tHl0/6/ISv1LFfV/RxsSTbClQA0buJvjQ+jVi003RAGUN40xN+enESeMnSYi
I9JmzHzmE43FrWzsK7moh8xp/fB5cx0/cr4jymmOwLbf67c3y9d1yNEDW4bJQxpW
25lwwZfGxUtet+Z0GF0yrngVmKyBt7RypY5ddnWgGldytI+/8S0xAJgmrOGUqZww
PkgFTvq/Vo5vZSxDOdGIcogxkNLV+TaJLT+TzbSoumVMZQLo
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:39 2025 by rpki-client