Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
File: a507fd37-f907-46ea-8c80-857b97a67610.roa (raw, json)
Hash identifier: rl7NX3rTiyvnmMZs/zF8TsuZnR86JPsyS8iBMNhoX9c=
Subject key identifier: 28:25:20:4C:94:73:FF:71:C3:3E:DF:4B:EF:69:F3:D0:6A:BF:FF:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F88B9B748D77898D8BB2B5E4AB17C09B8CE0847
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
Signing time: Fri 11 Jul 2025 19:30:48 +0000
ROA not before: Fri 11 Jul 2025 19:30:48 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:88:b9:b7:48:d7:78:98:d8:bb:2b:5e:4a:b1:7c:09:b8:ce:08:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:48 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=89bbc158bde9cde7b756f261570b505e46926ce848b3795bf4752c40c68692c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:91:5f:d9:1e:bf:d3:d3:23:21:6c:51:d1:df:
41:c4:d7:7e:a9:ee:d6:81:47:19:53:03:61:16:b3:
8c:bb:14:5a:92:d2:97:87:26:37:81:1b:c2:69:84:
75:63:b6:04:70:5c:8a:2d:fa:0c:eb:05:5b:9e:93:
67:77:03:cc:a1:ad:18:d6:b1:7c:d3:a2:a2:80:0d:
6d:7f:96:4e:44:39:aa:db:66:71:b7:71:ae:32:11:
16:df:60:bb:ad:ad:46:34:50:01:76:91:e8:91:cd:
71:d0:fd:1e:44:03:55:60:38:0e:c5:49:3b:10:df:
e4:11:47:62:3a:23:b3:fe:92:a6:c8:95:d5:db:c5:
b9:11:68:5e:77:e8:a2:da:e8:65:d8:8b:d6:fd:18:
4b:65:cb:06:26:ea:e6:2f:28:dd:09:2e:76:2b:fa:
73:8f:5d:5a:d4:32:ac:17:f2:0b:c3:10:e0:88:7c:
93:7c:b8:47:a1:df:ed:f1:25:d4:6f:1b:6e:f4:76:
f4:d0:c2:dc:26:b9:62:0a:d3:05:bd:4a:b7:13:53:
6c:f9:7a:ce:bf:63:11:75:6a:4b:ea:3f:1e:71:45:
95:80:d4:be:5e:70:6e:77:53:17:73:2a:3f:ff:d7:
91:46:88:02:55:f9:bd:cf:8a:8a:d6:97:84:f0:4b:
1a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:25:20:4C:94:73:FF:71:C3:3E:DF:4B:EF:69:F3:D0:6A:BF:FF:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:d6:f6:1a:f5:6b:bc:3e:8c:98:87:2f:8a:26:cb:c3:c0:9a:
95:e1:4b:8d:2b:7e:6d:09:f0:d8:75:49:f4:7d:ef:60:e1:76:
eb:42:4e:55:96:de:34:c2:7e:f0:4a:c4:e2:62:a6:18:8f:f2:
0b:45:42:fa:5c:bb:09:c4:cb:9f:a2:ae:c8:39:64:09:ed:80:
3a:b8:7f:ce:21:57:e0:41:1c:4f:4e:48:b0:a3:fb:91:1b:ab:
60:f2:69:27:69:7a:ce:db:48:1e:e6:63:e3:c2:e0:96:9a:85:
ae:0d:13:73:e5:7b:0b:9e:01:bf:c0:e2:6e:08:3a:d6:b4:95:
25:e3:09:5b:33:22:10:35:ef:f5:ca:24:7a:f2:08:c7:1a:8d:
8f:63:b5:1f:66:9e:6a:15:6a:6b:e7:54:6a:66:cf:90:94:39:
9b:ad:e5:dc:88:5d:38:69:f9:49:40:c9:0c:e2:91:d9:be:d7:
55:16:82:56:49:97:7b:75:27:f3:8f:34:dd:86:c0:76:3f:48:
73:8a:62:b6:04:fb:90:9c:22:2c:3f:75:27:bc:50:c3:dc:67:
4a:a0:29:e9:d6:80:cc:d5:ea:8e:8f:cd:71:47:a4:b1:bf:fc:
ca:22:0d:c9:ce:78:1b:21:98:6e:e9:68:a1:97:99:37:e6:d7:
bb:60:50:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb4i5t0jXeJjYuyteSrF8CbjOCEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YmJjMTU4YmRlOWNkZTdiNzU2ZjI2MTU3MGI1MDVlNDY5MjZjZTg0OGIz
Nzk1YmY0NzUyYzQwYzY4NjkyYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmRX9kev9PTIyFsUdHfQcTXfqnu1oFHGVMDYRazjLsUWpLSl4cmN4EbwmmE
dWO2BHBcii36DOsFW56TZ3cDzKGtGNaxfNOiooANbX+WTkQ5qttmcbdxrjIRFt9g
u62tRjRQAXaR6JHNcdD9HkQDVWA4DsVJOxDf5BFHYjojs/6SpsiV1dvFuRFoXnfo
otroZdiL1v0YS2XLBibq5i8o3Qkudiv6c49dWtQyrBfyC8MQ4Ih8k3y4R6Hf7fEl
1G8bbvR29NDC3Ca5YgrTBb1KtxNTbPl6zr9jEXVqS+o/HnFFlYDUvl5wbndTF3Mq
P//XkUaIAlX5vc+KitaXhPBLGv0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoJSBM
lHP/ccM+30vvafPQar//nzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUwN2ZkMzctZjkwNy00NmVhLThjODAtODU3Yjk3YTY3NjEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQCi1vYa9Wu8PoyYhy+KJsvDwJqV4UuNK35tCfDY
dUn0fe9g4XbrQk5Vlt40wn7wSsTiYqYYj/ILRUL6XLsJxMufoq7IOWQJ7YA6uH/O
IVfgQRxPTkiwo/uRG6tg8mknaXrO20ge5mPjwuCWmoWuDRNz5XsLngG/wOJuCDrW
tJUl4wlbMyIQNe/1yiR68gjHGo2PY7UfZp5qFWpr51RqZs+QlDmbreXciF04aflJ
QMkM4pHZvtdVFoJWSZd7dSfzjzTdhsB2P0hzimK2BPuQnCIsP3UnvFDD3GdKoCnp
1oDM1eqOj81xR6Sxv/zKIg3JzngbIZhu6Wihl5k35te7YFBv
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:11 2025 by rpki-client