Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
File: a84526d7-5029-439b-9e16-14cd601eb5a1.roa (raw, json)
Hash identifier: 9AH3PUta9E2pJ5mpujbgQnKX52+VC8QshhwioR7E7VU=
Subject key identifier: A4:6C:B9:FB:7A:EB:0B:F4:40:4A:0C:03:A7:CF:2F:B1:50:08:F6:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F7721E94096707E1E55F26C86B307CCC5331F3F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
Signing time: Fri 11 Jul 2025 19:30:46 +0000
ROA not before: Fri 11 Jul 2025 19:30:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:77:21:e9:40:96:70:7e:1e:55:f2:6c:86:b3:07:cc:c5:33:1f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b5f1347ac1744111a79503bc91f6208f957f39142e735ee7b3c5e2bacb8e01bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:99:87:3d:40:75:35:ed:ca:a3:fb:45:93:c2:
f8:21:e8:66:6b:d9:f9:3a:93:33:a2:42:38:74:c5:
93:9e:49:32:b0:25:2d:11:6b:57:f5:7c:b0:a0:fa:
de:b4:ae:d9:af:c7:54:06:54:c5:af:a2:7b:68:0d:
13:96:a7:73:f3:ec:f4:26:71:52:c5:ed:4e:d7:54:
e8:16:a6:b9:79:6a:c0:2e:96:88:99:d2:32:04:75:
66:16:ba:dd:26:60:4d:ab:f7:da:e7:bf:6e:aa:9a:
c7:8e:68:53:c5:0d:79:5b:2f:31:4a:39:31:2a:df:
fc:e8:1d:fa:26:0d:81:8c:f4:80:4c:ef:74:c9:62:
db:46:12:89:ec:46:1a:cb:f6:dc:e5:33:e7:82:aa:
a0:ba:65:4a:c1:f9:81:f3:b5:af:e2:27:78:d9:24:
fc:c7:cb:cb:13:13:07:e6:80:1a:5c:35:48:c5:18:
c4:b2:14:fb:52:69:8d:c2:83:dc:33:21:f2:c8:e3:
13:a2:ce:fc:38:b0:64:01:2c:9b:65:51:76:f3:52:
12:cb:b3:d3:b0:f9:05:6a:e6:86:e2:c7:7f:1e:80:
8c:84:e2:62:20:5d:ce:ab:c8:40:2e:7e:90:e5:1a:
f0:54:35:64:fa:f7:ef:cf:f1:45:58:be:af:07:a7:
49:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6C:B9:FB:7A:EB:0B:F4:40:4A:0C:03:A7:CF:2F:B1:50:08:F6:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6080::/48
Signature Algorithm: sha256WithRSAEncryption
42:d0:46:57:ce:a9:bb:84:e0:b5:86:f4:de:2a:4e:1e:c2:98:
b0:95:1f:12:73:33:f9:4f:6b:7d:7a:50:44:9e:50:76:a1:1c:
24:1b:72:99:d6:34:f8:02:a7:f5:a9:dd:83:35:a9:c1:b9:64:
4b:09:51:e9:89:05:76:63:3b:0d:d5:a1:63:ab:da:49:8e:41:
00:43:d7:6a:cb:fe:28:f0:25:9e:97:1b:e0:5c:d2:96:47:88:
a3:20:05:03:5e:b6:5e:e9:f0:fe:f5:1a:d8:c9:61:bb:76:7a:
fb:ea:e9:bf:0b:07:8c:ff:36:ce:b6:17:5b:81:2c:9b:5a:24:
1c:00:2f:88:b1:19:ae:66:a9:1f:ed:2a:39:72:8d:50:5d:58:
93:30:76:cf:b9:99:31:2f:c6:a6:d3:9a:7e:93:50:0c:16:e8:
89:72:41:f7:fe:96:36:c2:e9:c6:7e:93:89:dc:d0:83:2a:0a:
81:3e:73:88:fb:e4:80:ef:38:8e:d6:c4:d4:de:93:b7:ae:83:
01:f6:31:7e:56:74:76:0c:0b:f4:6b:33:b1:03:5a:76:22:7f:
f3:72:cf:5d:37:06:19:6b:c8:63:d0:65:ba:4b:2b:4b:70:f1:
f8:37:93:4d:f2:fc:d2:67:8c:77:05:8b:ac:93:fc:4f:91:9f:
c6:28:11:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD3ch6UCWcH4eVfJshrMHzMUzHz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZjEzNDdhYzE3NDQxMTFhNzk1MDNiYzkxZjYyMDhmOTU3ZjM5MTQyZTcz
NWVlN2IzYzVlMmJhY2I4ZTAxYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuZhz1AdTXtyqP7RZPC+CHoZmvZ+TqTM6JCOHTFk55JMrAlLRFrV/V8sKD6
3rSu2a/HVAZUxa+ie2gNE5anc/Ps9CZxUsXtTtdU6BamuXlqwC6WiJnSMgR1Zha6
3SZgTav32ue/bqqax45oU8UNeVsvMUo5MSrf/Ogd+iYNgYz0gEzvdMli20YSiexG
Gsv23OUz54KqoLplSsH5gfO1r+IneNkk/MfLyxMTB+aAGlw1SMUYxLIU+1JpjcKD
3DMh8sjjE6LO/DiwZAEsm2VRdvNSEsuz07D5BWrmhuLHfx6AjITiYiBdzqvIQC5+
kOUa8FQ1ZPr378/xRVi+rwenSYsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSkbLn7
eusL9EBKDAOnzy+xUAj2ZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg0NTI2ZDctNTAyOS00MzliLTllMTYtMTRjZDYwMWViNWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
gDANBgkqhkiG9w0BAQsFAAOCAQEAQtBGV86pu4TgtYb03ipOHsKYsJUfEnMz+U9r
fXpQRJ5QdqEcJBtymdY0+AKn9andgzWpwblkSwlR6YkFdmM7DdWhY6vaSY5BAEPX
asv+KPAlnpcb4FzSlkeIoyAFA162Xunw/vUa2Mlhu3Z6++rpvwsHjP82zrYXW4Es
m1okHAAviLEZrmapH+0qOXKNUF1YkzB2z7mZMS/GptOafpNQDBboiXJB9/6WNsLp
xn6TidzQgyoKgT5ziPvkgO84jtbE1N6Tt66DAfYxflZ0dgwL9GszsQNadiJ/83LP
XTcGGWvIY9BluksrS3Dx+DeTTfL80meMdwWLrJP8T5GfxigR7Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:43 2025 by rpki-client