Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
File: a626735f-cb4b-4dff-992e-95390a4e2eea.roa (raw, json)
Hash identifier: c4eZryHizwW+fOsmoVoxd9bmZY0S4nzvTA//+lT2ftA=
Subject key identifier: A7:87:F1:3B:49:6D:6D:A4:BD:BB:A7:75:2A:90:F0:EA:7D:DA:A5:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 728F913D93AA6AF0DD35755CD754A9176DFA754B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
Signing time: Sat 12 Jul 2025 00:50:11 +0000
ROA not before: Sat 12 Jul 2025 00:50:11 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:8f:91:3d:93:aa:6a:f0:dd:35:75:5c:d7:54:a9:17:6d:fa:75:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:11 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=da4ca7dc92b54dae794c4a69c35b64c42f9d7fbffe32537bf88e43ca1110295a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a6:c8:e1:1d:5c:1c:ac:0e:b6:ba:93:a6:88:
b4:20:53:00:64:40:47:b0:a3:72:f3:c7:cd:00:c2:
56:b8:54:87:38:31:f7:a9:fe:c5:c1:b1:42:57:86:
0b:8e:81:71:f7:16:1d:05:13:5d:cd:de:4b:0c:ab:
ec:eb:10:8b:bb:05:55:0f:51:b6:25:e2:88:5a:ce:
e6:40:92:6f:81:f0:77:b5:e7:45:d1:fb:32:f9:f7:
06:ef:e8:f2:b6:43:7b:83:95:b9:7d:57:28:f3:19:
a8:25:b6:4e:3a:95:d4:2f:23:19:d3:56:aa:e3:65:
a9:07:62:80:1a:16:44:64:8d:63:b8:20:f0:00:80:
b0:ea:38:8d:53:03:73:0d:b3:c1:11:42:4f:9a:e2:
7b:95:02:5c:9c:74:32:25:10:1c:6b:25:d8:23:b1:
a6:77:43:81:ef:8d:52:ca:93:96:ed:92:13:0b:fd:
51:69:5b:cc:87:ac:0b:12:dc:8f:34:e9:03:02:64:
4a:a4:14:ce:0d:29:22:84:e0:9a:dc:dd:03:da:4b:
b8:53:dd:00:f0:2b:b9:c8:00:08:e3:45:7e:77:58:
63:61:3c:62:ec:2b:90:a3:0c:ce:22:8d:30:a5:56:
41:49:68:ad:98:8e:54:94:04:47:ed:63:2d:58:9f:
ad:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:87:F1:3B:49:6D:6D:A4:BD:BB:A7:75:2A:90:F0:EA:7D:DA:A5:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
37:61:40:02:75:42:ac:40:b1:83:42:c3:b4:e0:a3:4a:a6:ff:
55:38:75:d2:dc:84:3b:7d:32:06:8e:e6:d8:cd:55:0d:dd:ec:
42:a9:86:cc:82:ff:8a:5f:02:19:e2:7a:17:2c:fc:a9:4b:9e:
44:f7:23:7b:41:4c:47:d9:42:4b:cd:9d:a9:06:f3:03:0b:53:
d8:5e:cd:b1:16:0a:67:7d:7e:d8:0c:43:61:19:59:ab:f1:65:
a2:17:c7:f4:4c:70:17:93:d8:7a:fa:67:b5:00:d1:92:51:99:
c1:f6:7f:65:e0:4b:86:6b:46:0b:a8:37:df:d9:f1:1b:97:8d:
15:99:ed:e4:2b:b4:d6:99:76:da:f4:54:ed:2b:91:7a:58:20:
05:47:47:ef:b9:6a:55:97:be:f7:78:b8:88:28:22:0c:34:19:
8d:f7:18:37:cf:87:e5:dd:82:3a:f0:08:fd:82:80:88:32:90:
57:c6:c2:0c:1c:98:d7:54:e6:fd:e0:66:f2:77:68:70:9b:3b:
76:8e:0e:87:02:65:9c:17:7d:d4:43:d4:38:e2:df:56:3b:0b:
b9:66:ec:20:85:5c:95:9b:be:1a:64:29:90:94:a6:55:76:09:
fb:e2:cf:b1:7d:65:a0:d0:dd:86:8c:30:e4:b8:b2:d8:8f:6c:
ed:d1:b8:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUco+RPZOqavDdNXVc11SpF236dUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwMTFaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNGNhN2RjOTJiNTRkYWU3OTRjNGE2OWMzNWI2NGM0MmY5ZDdmYmZmZTMy
NTM3YmY4OGU0M2NhMTExMDI5NWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSmyOEdXBysDra6k6aItCBTAGRAR7CjcvPHzQDCVrhUhzgx96n+xcGxQleG
C46BcfcWHQUTXc3eSwyr7OsQi7sFVQ9RtiXiiFrO5kCSb4Hwd7XnRdH7Mvn3Bu/o
8rZDe4OVuX1XKPMZqCW2TjqV1C8jGdNWquNlqQdigBoWRGSNY7gg8ACAsOo4jVMD
cw2zwRFCT5rie5UCXJx0MiUQHGsl2COxpndDge+NUsqTlu2SEwv9UWlbzIesCxLc
jzTpAwJkSqQUzg0pIoTgmtzdA9pLuFPdAPArucgACONFfndYY2E8YuwrkKMMziKN
MKVWQUlorZiOVJQER+1jLVifrSUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnh/E7
SW1tpL27p3UqkPDqfdqlYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTYyNjczNWYtY2I0Yi00ZGZmLTk5MmUtOTUzOTBhNGUyZWVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQA3YUACdUKsQLGDQsO04KNKpv9VOHXS3IQ7fTIG
jubYzVUN3exCqYbMgv+KXwIZ4noXLPypS55E9yN7QUxH2UJLzZ2pBvMDC1PYXs2x
FgpnfX7YDENhGVmr8WWiF8f0THAXk9h6+me1ANGSUZnB9n9l4EuGa0YLqDff2fEb
l40Vme3kK7TWmXba9FTtK5F6WCAFR0fvuWpVl773eLiIKCIMNBmN9xg3z4fl3YI6
8Aj9goCIMpBXxsIMHJjXVOb94Gbyd2hwmzt2jg6HAmWcF33UQ9Q44t9WOwu5Zuwg
hVyVm74aZCmQlKZVdgn74s+xfWWg0N2GjDDkuLLYj2zt0bhW
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:15 2025 by rpki-client