Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
File: aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa (raw, json)
Hash identifier: cgJR6WOoP08SoWJsAzzob41Gqro4Kf9PTp83DcyfyEY=
Subject key identifier: C0:C5:26:F5:47:EC:B7:1B:43:88:35:C9:CE:31:14:31:D5:05:03:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 505FE9A741425147B68FD3E3FEB1456E46FE3FC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
Signing time: Fri 11 Jul 2025 19:50:15 +0000
ROA not before: Fri 11 Jul 2025 19:50:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:5f:e9:a7:41:42:51:47:b6:8f:d3:e3:fe:b1:45:6e:46:fe:3f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=96cd735a7cc5dbeb137cf712b67236742eda29a4352344acb165cb78e653934f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:8b:45:cf:86:54:d1:8a:ea:be:7a:10:44:
4a:7e:eb:26:54:d9:2a:32:0a:96:a2:63:39:ab:e0:
89:f1:6e:2e:7f:c4:8d:de:de:79:12:40:8e:c5:d6:
10:1b:f4:b3:cf:a5:86:dd:b1:5c:00:cb:ca:3f:08:
c7:c2:bb:5e:73:94:44:84:f5:6c:65:48:8c:10:04:
50:96:1c:dd:be:12:db:c6:00:96:a5:fe:61:ae:5e:
26:ca:e2:cd:79:c8:61:95:a4:4f:35:a9:19:83:45:
7d:3a:ab:ec:8b:9e:9f:63:31:aa:61:fb:d3:23:4a:
04:a2:ca:e9:cb:0d:a9:65:a8:69:76:69:9f:27:79:
2d:01:ec:c7:99:86:83:09:1a:86:64:79:cc:a1:9f:
59:b4:0b:93:20:c7:c7:97:e5:34:83:29:ca:56:9d:
c0:15:8c:50:49:0f:be:06:5b:01:ee:a1:ff:97:9c:
ee:87:f9:87:83:58:03:16:7c:65:74:37:0e:98:8a:
ba:4d:03:1d:d6:70:ae:e0:12:99:24:0e:f2:71:f0:
16:4b:7f:e9:a5:52:02:28:bd:9c:f4:f5:8e:83:72:
4c:d9:e5:8f:d9:3f:3c:0f:b4:6a:7a:de:1f:ba:ea:
f8:dc:e4:e5:f3:5e:fb:f2:b9:d2:87:d2:e3:75:75:
cb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C5:26:F5:47:EC:B7:1B:43:88:35:C9:CE:31:14:31:D5:05:03:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aeb942d1-e5f2-47dd-bd26-7b99f70267ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1080::/46
Signature Algorithm: sha256WithRSAEncryption
53:b1:74:06:44:a9:18:2f:fc:d0:5f:30:5b:13:20:02:25:e0:
19:87:50:cc:30:ce:ce:96:b0:3b:fa:2f:4e:97:ae:fc:37:dc:
5c:ed:98:75:96:86:5a:f5:89:fb:f8:7d:a1:25:8e:40:77:b8:
82:44:a2:8b:da:08:e8:eb:e9:3e:ea:ac:f8:ed:79:e7:56:07:
52:ee:ff:dd:76:fe:79:48:6e:af:fd:55:16:27:47:8b:ee:dd:
ab:1f:1e:f5:45:53:b6:27:40:90:9f:68:09:56:c1:ef:66:62:
86:77:be:ea:4d:0d:68:94:d2:90:96:85:de:ae:40:fc:34:d5:
56:e4:f4:02:0f:c3:25:69:23:f6:bc:6c:04:63:86:cc:27:88:
a6:79:15:1d:ae:a4:88:cc:42:3f:44:29:8e:c7:83:84:0a:a0:
d5:11:b4:ed:d2:07:53:b1:8e:a7:a2:13:0b:d4:29:80:28:94:
70:37:79:de:b9:ee:8b:3d:fb:1e:d6:e9:73:12:a8:29:6e:f4:
f5:4e:f2:b9:1d:81:ab:da:ff:af:2b:28:3b:2d:02:f2:66:9b:
bc:97:50:4d:50:09:c7:41:32:c5:bd:89:fa:3c:6e:d4:e0:fe:
b7:55:6b:68:e3:fb:3a:77:61:42:c6:ec:fb:72:d0:b3:23:c6:
2c:4f:5e:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUF/pp0FCUUe2j9Pj/rFFbkb+P8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2Y2Q3MzVhN2NjNWRiZWIxMzdjZjcxMmI2NzIzNjc0MmVkYTI5YTQzNTIz
NDRhY2IxNjVjYjc4ZTY1MzkzNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3Mi0XPhlTRiuq+ehBESn7rJlTZKjIKlqJjOavgifFuLn/Ejd7eeRJAjsXW
EBv0s8+lht2xXADLyj8Ix8K7XnOURIT1bGVIjBAEUJYc3b4S28YAlqX+Ya5eJsri
zXnIYZWkTzWpGYNFfTqr7Iuen2MxqmH70yNKBKLK6csNqWWoaXZpnyd5LQHsx5mG
gwkahmR5zKGfWbQLkyDHx5flNIMpyladwBWMUEkPvgZbAe6h/5ec7of5h4NYAxZ8
ZXQ3DpiKuk0DHdZwruASmSQO8nHwFkt/6aVSAii9nPT1joNyTNnlj9k/PA+0anre
H7rq+Nzk5fNe+/K50ofS43V1ywECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTAxSb1
R+y3G0OINcnOMRQx1QUDqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWViOTQyZDEtZTVmMi00N2RkLWJkMjYtN2I5OWY3MDI2N2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAU7F0BkSpGC/80F8wWxMgAiXgGYdQzDDOzpaw
O/ovTpeu/DfcXO2YdZaGWvWJ+/h9oSWOQHe4gkSii9oI6OvpPuqs+O1551YHUu7/
3Xb+eUhur/1VFidHi+7dqx8e9UVTtidAkJ9oCVbB72Zihne+6k0NaJTSkJaF3q5A
/DTVVuT0Ag/DJWkj9rxsBGOGzCeIpnkVHa6kiMxCP0QpjseDhAqg1RG07dIHU7GO
p6ITC9QpgCiUcDd53rnuiz37HtbpcxKoKW709U7yuR2Bq9r/rysoOy0C8mabvJdQ
TVAJx0Eyxb2J+jxu1OD+t1VraOP7OndhQsbs+3LQsyPGLE9euA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:47 2025 by rpki-client