Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
File: 9fb96617-2d2f-468d-b766-35c52d9f2681.roa (raw, json)
Hash identifier: E7LxLyb499S97cLTuPFkOf1v1hBvSR9kgE+18g1MHPw=
Subject key identifier: D1:2A:2E:A4:B5:DF:BF:6B:90:49:00:64:A1:5B:68:D9:2C:A0:18:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34A39BDC4D8022C72E348C28FB7C8D04D22499C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
Signing time: Fri 11 Jul 2025 20:31:11 +0000
ROA not before: Fri 11 Jul 2025 20:31:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:a3:9b:dc:4d:80:22:c7:2e:34:8c:28:fb:7c:8d:04:d2:24:99:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=24599e3beaba3df0e0a400caebd05c25353e7a999d359e010d54ba598c4a8ecb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:91:f3:88:df:a7:46:d4:69:cc:ed:5b:5c:d1:
02:26:10:38:2b:2f:5d:fb:cd:eb:8f:80:7e:12:c7:
8a:e0:be:bc:b5:58:18:b3:58:1c:75:a7:2e:88:ee:
b4:5f:20:db:7b:f3:4b:9f:14:5d:a0:c4:7c:23:97:
ed:ac:41:fd:3c:b1:29:e0:d4:13:41:09:66:5d:02:
f7:69:04:8a:b7:e6:3f:72:0e:1a:e9:4c:73:55:18:
24:a7:8c:1d:f5:13:fc:49:64:2a:a4:46:54:2d:9e:
f1:29:47:63:65:e6:7d:7b:13:92:af:0c:82:10:ac:
f8:5a:e8:bd:12:5a:5a:7d:0b:78:66:e0:d1:92:e7:
12:58:09:12:c8:bd:79:b8:83:fc:f1:09:1e:5c:cc:
ca:53:ed:80:9f:8e:6e:40:0d:73:03:8d:73:27:2d:
73:da:76:a9:66:14:b2:80:d3:13:6f:f4:bf:5a:c6:
21:26:ed:ef:a9:61:7f:7e:1e:44:cd:9b:ff:92:ff:
c3:81:0d:62:29:b8:7c:27:89:5e:60:c6:45:61:cc:
14:c8:0f:b6:b9:b9:64:9f:cc:95:82:40:a1:31:d1:
97:a9:ba:47:c3:3c:53:82:d8:88:c9:c6:ae:4e:60:
c1:92:77:52:c6:d3:d9:32:33:fd:65:da:14:e7:91:
e2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2A:2E:A4:B5:DF:BF:6B:90:49:00:64:A1:5B:68:D9:2C:A0:18:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:800::/38
Signature Algorithm: sha256WithRSAEncryption
65:2c:45:74:e8:4a:7f:24:1f:c9:9d:83:81:f0:d3:8b:6c:25:
f1:df:b1:37:ed:79:62:58:01:c9:f6:5e:ba:f7:ea:0c:cd:bb:
48:6b:1e:5e:41:84:dd:4b:41:09:4a:9c:1c:1e:a5:67:b9:46:
52:da:67:76:de:1f:6c:1b:fa:82:30:6c:a7:cc:0c:28:63:d1:
f8:73:54:5d:be:2c:11:c7:5a:6b:3d:dd:01:ba:99:b4:63:b2:
ab:57:d6:e4:61:36:43:6d:18:94:36:dd:36:81:a3:94:e1:ff:
b2:67:74:29:a1:6d:a7:04:e8:33:b1:55:5e:ab:cd:32:1a:f3:
50:42:37:67:09:e8:18:c2:bd:7a:57:c1:f9:92:c2:70:56:99:
22:30:c7:4b:f8:86:e7:fc:4d:5a:29:91:61:37:6e:43:8a:9a:
2e:c0:dd:a1:8a:6c:d1:21:24:a4:48:29:d7:a8:20:61:04:58:
ae:53:e8:a5:d8:13:e9:76:bd:7e:27:f9:b8:44:a8:be:d3:75:
ef:4e:a3:1a:89:47:69:63:f6:d3:07:cc:19:68:30:fd:00:ea:
1b:95:1d:b4:ac:b2:a0:35:07:d1:ab:9f:5b:18:68:1c:89:17:
32:7a:9c:88:61:b8:2e:6f:e9:ba:81:81:b9:01:c4:8f:80:6a:
15:64:8a:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNKOb3E2AIscuNIwo+3yNBNIkmckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0NTk5ZTNiZWFiYTNkZjBlMGE0MDBjYWViZDA1YzI1MzUzZTdhOTk5ZDM1
OWUwMTBkNTRiYTU5OGM0YThlY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6R84jfp0bUacztW1zRAiYQOCsvXfvN64+AfhLHiuC+vLVYGLNYHHWnLoju
tF8g23vzS58UXaDEfCOX7axB/TyxKeDUE0EJZl0C92kEirfmP3IOGulMc1UYJKeM
HfUT/ElkKqRGVC2e8SlHY2XmfXsTkq8MghCs+FrovRJaWn0LeGbg0ZLnElgJEsi9
ebiD/PEJHlzMylPtgJ+ObkANcwONcyctc9p2qWYUsoDTE2/0v1rGISbt76lhf34e
RM2b/5L/w4ENYim4fCeJXmDGRWHMFMgPtrm5ZJ/MlYJAoTHRl6m6R8M8U4LYiMnG
rk5gwZJ3UsbT2TIz/WXaFOeR4oMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRKi6k
td+/a5BJAGShW2jZLKAYbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZiOTY2MTctMmQyZi00NjhkLWI3NjYtMzVjNTJkOWYyNjgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUI
MA0GCSqGSIb3DQEBCwUAA4IBAQBlLEV06Ep/JB/JnYOB8NOLbCXx37E37XliWAHJ
9l669+oMzbtIax5eQYTdS0EJSpwcHqVnuUZS2md23h9sG/qCMGynzAwoY9H4c1Rd
viwRx1prPd0Bupm0Y7KrV9bkYTZDbRiUNt02gaOU4f+yZ3QpoW2nBOgzsVVeq80y
GvNQQjdnCegYwr16V8H5ksJwVpkiMMdL+Ibn/E1aKZFhN25DipouwN2himzRISSk
SCnXqCBhBFiuU+il2BPpdr1+J/m4RKi+03XvTqMaiUdpY/bTB8wZaDD9AOoblR20
rLKgNQfRq59bGGgciRcyepyIYbgub+m6gYG5AcSPgGoVZIqa
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:33:04 2025 by rpki-client