Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
File: 9ff479c7-35c9-43ea-ab99-712ce7537beb.roa (raw, json)
Hash identifier: WEiWLeB62+gXqd5DRMnl04/cSABD/GXglUrPTxErn7g=
Subject key identifier: 65:0A:50:5E:31:BF:AD:A0:40:52:E5:4A:7C:76:8E:CD:10:3D:BA:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78E9B5ACE249BB0FD5E1EDB2B30F9F199B0AFAE8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
Signing time: Tue 01 Jul 2025 15:11:03 +0000
ROA not before: Tue 01 Jul 2025 15:11:03 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:e9:b5:ac:e2:49:bb:0f:d5:e1:ed:b2:b3:0f:9f:19:9b:0a:fa:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:11:03 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=6b5fd77780741fd7ef11ab51d6ec6c5f9ea2d1204cf959a0eaea00f048e51295, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:59:ff:b2:af:a9:5b:46:c0:79:f5:c6:a6:
0d:3a:b0:a5:fa:18:3d:d4:61:d4:08:36:45:3e:78:
5c:66:c9:84:ba:5c:9e:06:da:00:83:cf:ae:b3:42:
40:c4:38:e7:3a:e0:2d:b7:c6:3a:16:d1:09:3a:c7:
24:d2:28:77:1b:13:0b:ac:e3:89:df:50:c7:84:d6:
dc:5d:83:b6:7a:3b:73:90:bd:69:99:c9:94:44:c4:
15:2e:52:e9:19:28:0a:2a:a0:a7:76:22:fc:52:2c:
25:a4:99:44:89:e2:6f:b9:2e:fd:7a:60:7b:04:0e:
4d:3b:0b:55:da:6b:24:cf:59:88:81:6a:c4:84:8e:
49:1d:ac:2b:ec:91:0c:3e:fd:20:3b:27:75:61:d9:
9b:59:9b:39:3f:a1:17:d8:1e:d2:21:66:84:17:e1:
c8:25:f5:1e:c7:1f:c1:24:31:54:3b:4f:42:34:ac:
35:17:04:84:7d:c9:d7:a2:f4:6a:1c:e7:17:90:f1:
98:7a:e2:40:cd:7d:0d:62:c9:29:fd:bb:34:99:bc:
a5:d5:f8:fa:d3:c5:b6:46:76:04:a0:7f:53:b3:be:
28:bd:68:b5:25:78:49:ae:f9:d6:2e:2a:d6:2b:3e:
86:49:3e:1c:1f:6b:bf:20:e3:94:27:09:7b:24:a2:
3a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0A:50:5E:31:BF:AD:A0:40:52:E5:4A:7C:76:8E:CD:10:3D:BA:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
37:14:a9:e9:9e:a7:62:01:f2:7b:72:1b:ed:93:83:60:bf:f2:
8f:80:1c:83:9c:34:d4:9f:07:d1:6a:ed:78:9c:9e:43:be:0f:
0d:e5:00:9a:40:2f:01:e6:d2:63:b5:9b:30:87:77:af:91:3e:
d4:14:25:c4:2e:6b:0b:f5:03:ab:f3:cc:33:3b:ae:6a:bd:ab:
5a:37:91:94:c1:a9:eb:86:d7:08:73:cf:33:94:d9:0f:70:8f:
62:af:61:39:3b:f1:0c:e6:fc:f5:6f:e0:34:03:be:f3:03:45:
d9:44:6f:5f:ec:4d:44:ed:94:76:5d:7d:4c:41:6f:e9:77:9f:
57:01:7f:b9:21:1e:a5:f4:52:3d:4e:40:6b:70:f3:65:e9:39:
f0:6c:44:b9:24:88:c2:9d:91:cc:c1:48:e8:be:26:2a:54:b8:
05:ef:85:6d:6d:83:1b:ac:8e:1d:d7:8b:c4:ed:19:6d:d3:00:
78:5f:3f:27:8e:8e:34:ca:ce:01:78:81:82:23:1c:08:eb:25:
92:24:68:18:67:f9:9c:fd:cd:25:e9:d9:c0:7c:ef:91:86:4f:
b1:c9:ad:80:a8:1e:96:aa:79:90:47:a0:9a:e5:e7:97:63:ff:
ed:50:ad:0d:35:f1:a2:1c:1d:e4:65:20:84:5a:e0:df:33:fd:
61:8a:d5:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeOm1rOJJuw/V4e2ysw+fGZsK+ugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTExMDNaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNWZkNzc3ODA3NDFmZDdlZjExYWI1MWQ2ZWM2YzVmOWVhMmQxMjA0Y2Y5
NTlhMGVhZWEwMGYwNDhlNTEyOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx5Wf+yr6lbRsB59camDTqwpfoYPdRh1Ag2RT54XGbJhLpcngbaAIPPrrNC
QMQ45zrgLbfGOhbRCTrHJNIodxsTC6zjid9Qx4TW3F2Dtno7c5C9aZnJlETEFS5S
6RkoCiqgp3Yi/FIsJaSZRInib7ku/XpgewQOTTsLVdprJM9ZiIFqxISOSR2sK+yR
DD79IDsndWHZm1mbOT+hF9ge0iFmhBfhyCX1HscfwSQxVDtPQjSsNRcEhH3J16L0
ahznF5DxmHriQM19DWLJKf27NJm8pdX4+tPFtkZ2BKB/U7O+KL1otSV4Sa751i4q
1is+hkk+HB9rvyDjlCcJeySiOmMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlClBe
Mb+toEBS5Up8do7NED26kjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZmNDc5YzctMzVjOS00M2VhLWFiOTktNzEyY2U3NTM3YmViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQA3FKnpnqdiAfJ7chvtk4Ngv/KPgByDnDTUnwfR
au14nJ5Dvg8N5QCaQC8B5tJjtZswh3evkT7UFCXELmsL9QOr88wzO65qvataN5GU
wanrhtcIc88zlNkPcI9ir2E5O/EM5vz1b+A0A77zA0XZRG9f7E1E7ZR2XX1MQW/p
d59XAX+5IR6l9FI9TkBrcPNl6TnwbES5JIjCnZHMwUjoviYqVLgF74VtbYMbrI4d
14vE7Rlt0wB4Xz8njo40ys4BeIGCIxwI6yWSJGgYZ/mc/c0l6dnAfO+Rhk+xya2A
qB6WqnmQR6Ca5eeXY//tUK0NNfGiHB3kZSCEWuDfM/1hitVE
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:42:21 2025 by rpki-client