Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
File: a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa (raw, json)
Hash identifier: wKf8VoFt+C8YfhLOVCDm/+z93snS8JuR3OY31rPA6o8=
Subject key identifier: E0:51:D3:AB:AC:AD:CA:70:B8:5F:58:DF:77:45:36:73:22:7F:8A:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39C14FCE7CC27B1C7C2C441FC7234CE4560BCB83
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
Signing time: Fri 11 Jul 2025 20:11:34 +0000
ROA not before: Fri 11 Jul 2025 20:11:34 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:c1:4f:ce:7c:c2:7b:1c:7c:2c:44:1f:c7:23:4c:e4:56:0b:cb:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:34 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=223150cb4afe1fe9b0f71858f11fafb550ffacad2326fa3a1516429237bf4703, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ee:8b:2d:4d:b9:84:8e:ab:d5:6b:40:f6:68:
92:d3:ad:ff:0d:1b:26:e3:e9:df:e6:fc:0b:5d:2e:
6a:91:95:21:0d:58:f4:76:cb:47:0c:c4:87:6d:d0:
f8:00:27:71:77:40:46:5e:fd:9b:f1:61:8d:37:71:
8d:40:11:1f:54:1f:93:16:1e:ca:8a:ec:31:a7:e7:
da:6c:97:0b:76:48:43:d6:61:00:63:9a:93:4b:fe:
5f:50:e2:71:d6:20:49:42:77:c6:ff:e2:ab:bd:e1:
17:1b:fb:71:46:48:c4:54:91:5a:98:90:0f:db:84:
16:ba:cb:e6:3c:ef:87:8b:16:87:e8:82:c7:eb:55:
55:1a:e9:84:23:74:a1:fb:f3:8d:14:68:a4:0f:3f:
c0:30:e0:c5:dc:78:1a:41:d8:05:53:2a:ca:90:67:
20:9f:b1:3c:01:1d:08:51:6e:82:08:87:f3:29:4e:
ab:d9:42:9d:18:5d:47:99:a8:70:0a:d8:55:93:ee:
d5:1b:3e:ca:dc:1a:52:14:2f:28:f1:a1:35:52:f3:
23:5d:1b:9f:10:63:63:a8:a0:f4:01:1a:3d:91:fe:
6b:08:b3:a6:7f:2e:03:d0:b6:28:7d:39:87:8c:2a:
3f:67:c4:28:96:29:42:3d:38:f2:ed:23:f5:14:66:
8f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:51:D3:AB:AC:AD:CA:70:B8:5F:58:DF:77:45:36:73:22:7F:8A:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
38:8d:0d:2d:fc:17:c5:fe:f0:1b:8c:a8:9e:9e:83:21:4d:6d:
25:ab:c2:7e:72:98:f8:f4:41:35:92:1d:fd:85:9b:b8:d1:f7:
dc:52:59:79:79:33:c9:7d:e7:36:b3:6a:d0:a6:1a:19:a8:ad:
95:1a:6a:bc:c5:42:99:27:fb:fa:ce:54:3c:4a:96:d3:0c:e0:
94:a7:23:0f:a1:7b:28:79:f4:fe:79:d5:9b:26:ca:72:22:bc:
42:b2:23:af:13:2c:cd:17:e0:b9:06:48:84:fb:2a:1b:99:17:
2e:8f:16:bc:40:a6:9e:a5:66:83:ae:b2:df:dc:54:bb:c2:b3:
03:ca:e1:3d:2b:4b:83:b6:be:4f:de:36:5a:78:98:90:25:7d:
76:3c:78:49:d8:40:23:ab:62:8f:1d:40:e3:71:7a:12:a9:07:
f1:b7:cd:b8:88:93:77:eb:40:d9:cc:a8:b6:ee:f2:d1:c8:ff:
fe:52:ed:a2:2c:e4:86:d2:72:7d:69:14:6f:15:0a:88:e9:71:
00:6d:30:52:0b:a1:1c:7a:7a:2a:19:68:91:3b:6e:ae:4d:a0:
6c:c8:42:a6:ae:6a:fa:f8:a7:d4:da:f9:53:c1:c5:91:f2:85:
fa:62:f5:c6:d0:fb:c5:ff:cf:25:07:12:0d:e4:9f:5e:14:db:
04:b2:37:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOcFPznzCexx8LEQfxyNM5FYLy4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMzRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMzE1MGNiNGFmZTFmZTliMGY3MTg1OGYxMWZhZmI1NTBmZmFjYWQyMzI2
ZmEzYTE1MTY0MjkyMzdiZjQ3MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3uiy1NuYSOq9VrQPZoktOt/w0bJuPp3+b8C10uapGVIQ1Y9HbLRwzEh23Q
+AAncXdARl79m/FhjTdxjUARH1QfkxYeyorsMafn2myXC3ZIQ9ZhAGOak0v+X1Di
cdYgSUJ3xv/iq73hFxv7cUZIxFSRWpiQD9uEFrrL5jzvh4sWh+iCx+tVVRrphCN0
ofvzjRRopA8/wDDgxdx4GkHYBVMqypBnIJ+xPAEdCFFuggiH8ylOq9lCnRhdR5mo
cArYVZPu1Rs+ytwaUhQvKPGhNVLzI10bnxBjY6ig9AEaPZH+awizpn8uA9C2KH05
h4wqP2fEKJYpQj048u0j9RRmjy0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgUdOr
rK3KcLhfWN93RTZzIn+KgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTJjNGMyOGMtMGRmOS00MGQ0LWJmNGQtOTI2MTA0YjY5MWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4jQ0t/BfF/vAbjKienoMhTW0lq8J+cpj49EE1
kh39hZu40ffcUll5eTPJfec2s2rQphoZqK2VGmq8xUKZJ/v6zlQ8SpbTDOCUpyMP
oXsoefT+edWbJspyIrxCsiOvEyzNF+C5BkiE+yobmRcujxa8QKaepWaDrrLf3FS7
wrMDyuE9K0uDtr5P3jZaeJiQJX12PHhJ2EAjq2KPHUDjcXoSqQfxt824iJN360DZ
zKi27vLRyP/+Uu2iLOSG0nJ9aRRvFQqI6XEAbTBSC6EcenoqGWiRO26uTaBsyEKm
rmr6+KfU2vlTwcWR8oX6YvXG0PvF/88lBxIN5J9eFNsEsjc3
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:57 2025 by rpki-client