Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
File: af189eff-34de-4652-a029-d682c90d1fc5.roa (raw, json)
Hash identifier: w29QR7y4si1EHvG50gpdgTtqVueMjK2n644TvZ4vyKQ=
Subject key identifier: 7E:50:61:BC:41:9A:81:6D:A5:56:A7:AF:24:8F:79:7F:DD:1D:45:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14676813C0C1D82A8F70D431EB5F55059E0A0ED5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
Signing time: Fri 11 Jul 2025 19:30:45 +0000
ROA not before: Fri 11 Jul 2025 19:30:45 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:67:68:13:c0:c1:d8:2a:8f:70:d4:31:eb:5f:55:05:9e:0a:0e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:45 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1cc7b7222c12c0363f8c46a395a189801ac21d7ffe409b8e0c59161092f9d85b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:91:66:7f:b2:bb:67:2a:d5:32:f2:d4:cd:71:
63:0c:b0:35:12:f9:62:60:91:74:70:1f:ef:c1:b9:
50:68:4f:38:53:ed:57:d3:17:84:b4:a9:a8:a2:27:
ae:0e:fd:65:b5:96:4c:d9:78:01:0a:0c:c5:96:02:
53:3d:ba:22:64:f0:e6:42:f5:98:77:52:c6:1a:18:
b9:16:63:eb:10:0f:af:d7:cd:76:e4:33:9b:0e:74:
87:1d:77:97:4c:62:ae:04:7d:73:de:5f:1e:b3:f6:
64:b2:4d:73:62:c0:16:c1:c0:32:b7:6c:c2:8f:5d:
10:b7:e4:3a:6c:1c:c6:ec:ee:47:c1:f5:fd:4a:b8:
73:ba:d3:3d:cd:5e:bc:da:d4:3b:9e:82:44:54:d7:
65:37:e7:4d:2f:88:01:ef:62:4d:b2:ae:cd:fd:cc:
2e:61:3c:cb:8b:6c:80:d4:87:4f:cf:52:d5:36:be:
1a:bb:b2:79:fe:51:7d:3a:42:17:16:47:ba:ab:c2:
f4:35:70:13:e1:c6:13:51:8d:67:fb:8d:24:79:25:
50:0e:7e:93:40:8f:62:92:c5:80:31:70:fa:e4:93:
35:08:84:9e:94:48:92:aa:90:9a:f8:3a:04:5e:90:
38:04:11:7d:de:60:e8:af:73:5f:f8:29:77:71:ec:
6a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:50:61:BC:41:9A:81:6D:A5:56:A7:AF:24:8F:79:7F:DD:1D:45:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af189eff-34de-4652-a029-d682c90d1fc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
41:2e:43:a9:d9:e7:6e:90:88:fb:30:f2:90:95:4e:e9:e1:59:
b5:42:3c:4e:34:c7:8a:cb:df:1e:bf:8f:12:de:bc:14:3b:9b:
b1:d8:90:b1:7a:d3:30:75:c7:dc:2b:9f:ac:95:41:68:ff:1c:
e0:ea:6d:30:53:b2:e8:f4:40:eb:aa:8e:4a:d0:5a:c0:5d:79:
0d:86:a2:5b:a3:a9:1e:19:33:48:79:3d:ca:10:ff:38:72:7d:
05:5b:39:54:a6:01:70:df:18:ff:ee:4b:b9:7d:be:04:9d:aa:
6a:1b:01:07:f4:1c:b4:e3:f8:6a:93:ae:c3:51:0c:38:dc:69:
1f:1e:b8:20:77:ae:df:ef:1d:c7:b3:86:3f:71:9f:97:51:72:
dd:63:10:c0:24:38:86:6b:f0:94:80:82:24:34:60:48:d6:63:
b8:c4:5d:fa:81:7d:a5:fe:48:68:d1:82:bc:7b:b6:8f:3a:4e:
0b:55:6d:f9:a5:ed:fa:ba:27:f3:67:07:03:0d:b4:fc:7b:79:
50:ec:9d:e9:1c:fd:c1:d6:39:50:a4:c0:bc:5a:81:30:3c:5c:
38:e0:cc:d1:68:f9:76:94:d7:d8:4b:79:f6:3b:c4:18:62:ed:
55:8b:7e:67:30:b4:43:b9:bd:5f:62:93:ad:fa:76:d1:25:22:
a4:f2:93:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFGdoE8DB2CqPcNQx619VBZ4KDtUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjYzdiNzIyMmMxMmMwMzYzZjhjNDZhMzk1YTE4OTgwMWFjMjFkN2ZmZTQw
OWI4ZTBjNTkxNjEwOTJmOWQ4NWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqRZn+yu2cq1TLy1M1xYwywNRL5YmCRdHAf78G5UGhPOFPtV9MXhLSpqKIn
rg79ZbWWTNl4AQoMxZYCUz26ImTw5kL1mHdSxhoYuRZj6xAPr9fNduQzmw50hx13
l0xirgR9c95fHrP2ZLJNc2LAFsHAMrdswo9dELfkOmwcxuzuR8H1/Uq4c7rTPc1e
vNrUO56CRFTXZTfnTS+IAe9iTbKuzf3MLmE8y4tsgNSHT89S1Ta+Gruyef5RfTpC
FxZHuqvC9DVwE+HGE1GNZ/uNJHklUA5+k0CPYpLFgDFw+uSTNQiEnpRIkqqQmvg6
BF6QOAQRfd5g6K9zX/gpd3HsaiMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR+UGG8
QZqBbaVWp68kj3l/3R1FlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWYxODllZmYtMzRkZS00NjUyLWEwMjktZDY4MmM5MGQxZmM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
wDANBgkqhkiG9w0BAQsFAAOCAQEAQS5DqdnnbpCI+zDykJVO6eFZtUI8TjTHisvf
Hr+PEt68FDubsdiQsXrTMHXH3CufrJVBaP8c4OptMFOy6PRA66qOStBawF15DYai
W6OpHhkzSHk9yhD/OHJ9BVs5VKYBcN8Y/+5LuX2+BJ2qahsBB/QctOP4apOuw1EM
ONxpHx64IHeu3+8dx7OGP3Gfl1Fy3WMQwCQ4hmvwlICCJDRgSNZjuMRd+oF9pf5I
aNGCvHu2jzpOC1Vt+aXt+ron82cHAw20/Ht5UOyd6Rz9wdY5UKTAvFqBMDxcOODM
0Wj5dpTX2Et59jvEGGLtVYt+ZzC0Q7m9X2KTrfp20SUipPKTLg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:30 2025 by rpki-client