Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75e35f5-c55c-41e8-b026-54c892c68ea2.roa
File: a75e35f5-c55c-41e8-b026-54c892c68ea2.roa (raw, json)
Hash identifier: qYhnTsMSi4OtCy1qZdDR1AT6H2v+NuEvlbIKILHi5Rw=
Subject key identifier: 2A:EC:61:5C:AC:C4:96:47:71:23:51:1E:93:38:66:EB:C5:E1:24:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C2F6F85A11F2492E1C1FDCC5AA74EC987BF8131
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75e35f5-c55c-41e8-b026-54c892c68ea2.roa
Signing time: Fri 11 Jul 2025 18:41:08 +0000
ROA not before: Fri 11 Jul 2025 18:41:08 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:2f:6f:85:a1:1f:24:92:e1:c1:fd:cc:5a:a7:4e:c9:87:bf:81:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:41:08 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=172ce24e7079605157cc0738097cbf9736a6c0868aa304443e1d527bbaf6266a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d1:30:df:4a:a1:33:02:70:e0:fb:44:51:62:
0c:88:0d:ca:1a:48:d4:5b:e9:9f:16:7f:bf:be:b5:
1a:6d:60:ae:af:0a:4f:b5:03:b5:0c:75:fc:cd:21:
17:36:95:0d:8f:c9:40:b7:ea:1f:d6:a9:8c:c6:a7:
53:5f:f0:c2:7c:d5:f2:f7:30:10:a4:fe:a7:16:bb:
f8:af:7d:4d:07:eb:89:79:a7:18:92:0b:4f:f2:a1:
82:28:b6:a2:be:b7:75:1e:d2:6c:65:fb:aa:68:f3:
68:c5:0b:32:8c:5f:49:b1:d1:71:0f:00:e2:d1:a9:
aa:f5:50:8b:12:b1:a8:d1:84:d0:25:30:e7:f8:53:
01:ba:2c:19:0f:be:b1:3f:47:91:98:6d:5c:9d:f1:
c2:6c:76:37:83:7d:63:0c:7f:55:ae:1b:03:3c:d1:
34:ff:14:0d:36:af:6c:14:5e:d6:f4:aa:c9:f8:8e:
25:3e:f4:7a:e6:f7:3b:ef:de:ca:a1:64:33:22:98:
9f:52:34:17:e9:4f:91:85:97:bf:c5:a7:36:81:29:
f3:d1:4c:f8:20:32:32:2c:72:7f:96:e4:37:93:c8:
e3:50:1a:70:a8:e5:7b:f0:0d:48:96:09:0e:4f:36:
64:b6:25:24:d9:6c:a1:52:4a:77:09:b3:80:55:76:
12:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EC:61:5C:AC:C4:96:47:71:23:51:1E:93:38:66:EB:C5:E1:24:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75e35f5-c55c-41e8-b026-54c892c68ea2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:25:10:5c:ac:80:4f:42:aa:cc:79:3c:94:6d:21:94:6b:93:
6a:91:8b:09:ce:02:3f:84:8c:d0:de:0d:47:a7:b9:79:59:96:
a9:9c:f2:37:22:3a:81:3f:3b:7f:e6:e7:b3:63:8b:f2:b6:22:
d8:74:6f:47:1d:81:8f:6a:03:38:af:34:bd:88:2e:6e:27:15:
1a:65:30:55:29:0b:83:1a:86:9e:ca:1b:7a:38:11:9a:af:aa:
63:25:fc:b0:d0:75:d8:58:61:4b:9e:d5:30:b3:93:b0:6c:d2:
2e:f5:9b:e2:3a:88:14:42:ec:11:ec:a5:75:53:64:b8:cd:4d:
41:38:0e:6d:2d:ce:0a:c9:c1:ba:5e:81:40:e4:a2:eb:2f:d1:
dd:36:0b:81:e8:6f:ea:28:97:fa:26:b4:2c:18:4b:5e:3a:c1:
06:8f:c5:a1:c8:b1:34:54:a4:55:19:f9:47:6d:ed:af:63:74:
b4:72:7e:a3:fb:c6:0a:73:96:6b:5c:3a:fb:ce:fc:4a:79:7e:
6e:8c:05:b0:7a:2f:3a:51:71:e0:98:f8:bd:25:b1:7b:06:2a:
de:f8:b5:09:f1:4d:f2:09:5c:6a:02:24:be:fc:15:b6:e8:c8:
51:29:69:dc:ef:b9:67:57:d2:4e:d3:8d:28:da:4b:e0:5a:69:
06:5b:89:a3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPC9vhaEfJJLhwf3MWqdOyYe/gTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQxMDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MmNlMjRlNzA3OTYwNTE1N2NjMDczODA5N2NiZjk3MzZhNmMwODY4YWEz
MDQ0NDNlMWQ1MjdiYmFmNjI2NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDRMN9KoTMCcOD7RFFiDIgNyhpI1FvpnxZ/v761Gm1grq8KT7UDtQx1/M0h
FzaVDY/JQLfqH9apjManU1/wwnzV8vcwEKT+pxa7+K99TQfriXmnGJILT/Khgii2
or63dR7SbGX7qmjzaMULMoxfSbHRcQ8A4tGpqvVQixKxqNGE0CUw5/hTAbosGQ++
sT9HkZhtXJ3xwmx2N4N9Ywx/Va4bAzzRNP8UDTavbBRe1vSqyfiOJT70eub3O+/e
yqFkMyKYn1I0F+lPkYWXv8WnNoEp89FM+CAyMixyf5bkN5PI41AacKjle/ANSJYJ
Dk82ZLYlJNlsoVJKdwmzgFV2EpUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQq7GFc
rMSWR3EjUR6TOGbrxeEkKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc1ZTM1ZjUtYzU1Yy00MWU4LWIwMjYtNTRjODkyYzY4ZWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
wDANBgkqhkiG9w0BAQsFAAOCAQEATyUQXKyAT0KqzHk8lG0hlGuTapGLCc4CP4SM
0N4NR6e5eVmWqZzyNyI6gT87f+bns2OL8rYi2HRvRx2Bj2oDOK80vYgubicVGmUw
VSkLgxqGnsobejgRmq+qYyX8sNB12FhhS57VMLOTsGzSLvWb4jqIFELsEeyldVNk
uM1NQTgObS3OCsnBul6BQOSi6y/R3TYLgehv6iiX+ia0LBhLXjrBBo/FocixNFSk
VRn5R23tr2N0tHJ+o/vGCnOWa1w6+878Snl+bowFsHovOlFx4Jj4vSWxewYq3vi1
CfFN8glcagIkvvwVtujIUSlp3O+5Z1fSTtONKNpL4FppBluJow==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:04 2025 by rpki-client