Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json)
Hash identifier: RHGAPCVxIjWh7chUZFKzqttghGKn3q+ZZOtmfIRKdZM=
Subject key identifier: 98:AF:F2:DB:8A:FD:90:A7:22:7B:00:93:FB:D0:03:EE:7A:41:89:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 445F0014E02BC65ADBD97B79656596B83AFA1881
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
Signing time: Fri 11 Jul 2025 19:21:20 +0000
ROA not before: Fri 11 Jul 2025 19:21:20 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:5f:00:14:e0:2b:c6:5a:db:d9:7b:79:65:65:96:b8:3a:fa:18:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:20 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b2c59786e91e9f1f17b11161fdc171b0ee5439b564675ba4e54da411a6db0ae0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7a:6f:d4:0b:4d:8e:df:14:99:3b:58:5b:16:
4b:ff:6a:90:f2:c9:79:ed:06:1c:c7:18:b5:22:f5:
ab:51:e5:6c:98:87:48:b1:78:9a:d5:e2:67:aa:c6:
ab:a2:6b:5e:d5:e1:49:12:71:8f:85:b4:57:c0:a3:
1a:bd:68:8d:75:92:da:37:73:87:9e:99:2d:0e:20:
ae:cc:f8:dd:46:70:57:0b:dc:66:31:b6:da:67:cd:
99:97:17:00:09:b3:df:6f:eb:f9:8b:95:aa:0f:3e:
99:dc:f3:f1:c7:20:be:8b:db:1e:33:68:57:d4:71:
42:b3:1f:bb:7d:18:34:d9:c1:88:af:d3:8c:ad:41:
4a:a6:26:00:a8:4a:4b:cf:6d:9e:95:ae:5f:c6:3c:
ed:f9:c8:8d:4c:3e:60:b5:91:84:4d:2b:0f:ef:a6:
bc:47:aa:32:30:1d:a4:6a:96:87:ad:d0:ac:19:61:
b0:3a:36:d2:1a:ef:92:8e:7b:8e:39:d9:e6:32:0e:
1e:1f:6a:9f:a9:89:e2:07:cb:4e:63:08:6f:27:be:
63:34:31:9b:df:94:1a:4c:94:d5:61:6f:f2:27:32:
cb:0a:2c:a7:57:49:9a:61:0d:9a:2c:fe:40:01:09:
8d:7a:e5:40:8f:03:b3:53:bf:81:9f:3b:b7:00:39:
60:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AF:F2:DB:8A:FD:90:A7:22:7B:00:93:FB:D0:03:EE:7A:41:89:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6080::/48
Signature Algorithm: sha256WithRSAEncryption
2e:5e:fc:a7:58:46:f8:9d:f1:d8:6d:87:e7:0a:4d:cf:5d:f8:
e1:c0:98:46:45:ad:f9:f3:40:91:72:d5:e1:48:7b:7f:d9:37:
e3:90:e1:38:9c:54:65:5d:0c:69:62:72:ed:21:f6:84:58:c7:
f6:69:d2:f7:01:9c:6d:39:08:16:c8:40:fa:0b:e9:be:85:8f:
3e:90:c2:d8:fb:3e:38:47:e5:5f:7a:87:ba:3f:57:51:63:f5:
9c:a3:fc:20:92:49:d5:51:22:68:3e:0d:53:36:af:6c:60:e4:
fb:23:5b:63:89:40:57:5b:33:b7:32:9f:5d:c3:e8:29:3c:53:
c9:50:01:b0:78:d1:66:3a:18:17:ef:13:cd:26:7e:20:c8:21:
eb:75:a7:1a:c8:35:0c:3b:56:b9:e4:19:44:bd:52:dc:d6:79:
f7:25:34:21:a4:c6:8d:ee:ba:da:ac:cb:55:7c:19:88:ae:68:
fc:95:cb:34:52:52:e6:18:a3:e9:9e:f2:b8:80:d2:d8:e6:8c:
dd:91:b5:7a:3e:41:f6:e2:0c:85:02:c5:6d:89:d0:20:d8:0f:
05:0d:60:13:ca:65:36:85:48:39:a6:69:26:37:21:91:27:e5:
43:60:9f:ba:26:63:93:35:5f:51:b4:41:88:f9:7d:96:e0:45:
18:4e:60:9f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURF8AFOArxlrb2Xt5ZWWWuDr6GIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMjBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyYzU5Nzg2ZTkxZTlmMWYxN2IxMTE2MWZkYzE3MWIwZWU1NDM5YjU2NDY3
NWJhNGU1NGRhNDExYTZkYjBhZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKN6b9QLTY7fFJk7WFsWS/9qkPLJee0GHMcYtSL1q1HlbJiHSLF4mtXiZ6rG
q6JrXtXhSRJxj4W0V8CjGr1ojXWS2jdzh56ZLQ4grsz43UZwVwvcZjG22mfNmZcX
AAmz32/r+YuVqg8+mdzz8ccgvovbHjNoV9RxQrMfu30YNNnBiK/TjK1BSqYmAKhK
S89tnpWuX8Y87fnIjUw+YLWRhE0rD++mvEeqMjAdpGqWh63QrBlhsDo20hrvko57
jjnZ5jIOHh9qn6mJ4gfLTmMIbye+YzQxm9+UGkyU1WFv8icyywosp1dJmmENmiz+
QAEJjXrlQI8Ds1O/gZ87twA5YFsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSYr/Lb
iv2QpyJ7AJP70APuekGJejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
gDANBgkqhkiG9w0BAQsFAAOCAQEALl78p1hG+J3x2G2H5wpNz1344cCYRkWt+fNA
kXLV4Uh7f9k345DhOJxUZV0MaWJy7SH2hFjH9mnS9wGcbTkIFshA+gvpvoWPPpDC
2Ps+OEflX3qHuj9XUWP1nKP8IJJJ1VEiaD4NUzavbGDk+yNbY4lAV1sztzKfXcPo
KTxTyVABsHjRZjoYF+8TzSZ+IMgh63WnGsg1DDtWueQZRL1S3NZ59yU0IaTGje66
2qzLVXwZiK5o/JXLNFJS5hij6Z7yuIDS2OaM3ZG1ej5B9uIMhQLFbYnQINgPBQ1g
E8plNoVIOaZpJjchkSflQ2CfuiZjkzVfUbRBiPl9luBFGE5gnw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:17 2025 by rpki-client