Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
File: af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa (raw, json)
Hash identifier: ZcdLMOG1aLNEkXfWA9xse87TRBycoCTdb/Z4Y9TaFk0=
Subject key identifier: 05:C7:92:E1:B3:95:D6:A5:18:AE:20:1F:46:BB:3B:03:16:60:01:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 142B92CCDE0DA9CB682C0B20F47782F73EF5DC98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
Signing time: Fri 11 Jul 2025 19:30:14 +0000
ROA not before: Fri 11 Jul 2025 19:30:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:2b:92:cc:de:0d:a9:cb:68:2c:0b:20:f4:77:82:f7:3e:f5:dc:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8a178e76dbfcca21b77000e11eaeaf25d1692ceb231aa99366507eccf40e8801, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b0:a7:97:fb:f6:13:f7:bd:3e:96:d9:b5:0b:
63:f6:38:18:7b:46:db:a5:07:36:be:cc:4f:b4:ab:
89:cc:d8:83:8b:aa:a6:96:5e:4b:fb:be:bd:d2:0b:
cf:19:09:73:14:f7:c6:00:39:e6:d1:87:84:1d:0a:
34:26:d9:fe:8a:da:db:7a:5d:e5:c4:70:0f:0b:95:
a0:8a:53:29:3e:31:39:90:7c:7f:d7:23:ad:d6:3a:
87:ad:63:ef:52:08:2f:19:0e:23:04:74:b1:6c:ce:
44:1a:b9:f0:cf:6a:77:49:12:d1:2c:84:48:33:b2:
10:7b:37:ea:ef:66:5e:fc:25:1b:3f:fe:80:8e:fe:
cf:ad:62:45:4f:6e:22:16:83:81:8b:ca:e5:e6:e6:
16:24:89:b7:9f:0d:15:4d:bb:ea:58:5f:c0:a1:13:
fb:e0:7a:5d:ba:a4:33:eb:79:cc:68:8e:b5:29:01:
50:e9:23:53:fd:f5:3f:ae:51:f7:83:13:9f:d1:b2:
13:ce:00:a8:a8:53:af:3d:2d:ed:0f:65:42:12:2e:
f8:a9:c3:c2:d9:be:cc:2f:68:69:a8:60:d6:bd:8a:
a5:35:8f:e7:9c:fd:49:01:08:f6:fb:89:a7:a9:22:
e7:6d:0c:e6:52:7a:1f:5a:bc:c6:b8:0c:e8:93:76:
19:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C7:92:E1:B3:95:D6:A5:18:AE:20:1F:46:BB:3B:03:16:60:01:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/af44b98c-fcdc-4a0d-b9ac-dbcbc7685c49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c0c0::/46
Signature Algorithm: sha256WithRSAEncryption
38:da:a5:59:25:41:19:3c:04:99:4a:85:61:2e:c8:a0:03:d6:
54:5a:dd:d2:09:47:a4:b2:e8:fd:fc:7c:55:aa:df:aa:e0:08:
94:b2:fa:cc:db:2b:5a:8d:e1:19:0f:02:1a:36:5b:46:96:63:
87:66:8a:f6:99:69:d6:83:6f:ab:c3:a5:46:97:8e:75:3e:8c:
b7:55:39:24:fe:37:1e:37:ba:0c:0b:ff:99:0d:73:91:96:40:
de:eb:ad:9e:eb:53:cd:c9:81:29:cf:1e:35:3c:b0:ff:5b:30:
23:9a:ad:37:aa:88:91:9e:63:b5:f6:61:1b:59:00:b7:ba:be:
1f:3f:91:36:1a:92:fb:6f:78:52:52:13:e6:4b:63:a1:03:01:
26:54:36:cd:16:df:ea:d9:81:0d:1d:c7:ca:7b:bb:08:29:39:
4d:dc:8d:7b:0d:98:b5:b4:71:f5:1d:ec:de:b3:15:98:78:be:
50:67:09:88:82:e3:c1:c8:61:ce:85:cf:2f:ce:c7:0d:84:a9:
69:6b:cd:d3:f3:0e:5b:70:ec:fa:b0:ba:26:b9:d7:b0:2f:ea:
00:84:f4:be:1b:87:a3:13:79:6a:f8:80:98:dd:e7:d9:28:fe:
8d:5e:7c:9e:8d:4f:fe:59:c0:b9:ea:b2:36:09:66:83:0d:c6:
98:44:1c:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFCuSzN4NqctoLAsg9HeC9z713JgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhMTc4ZTc2ZGJmY2NhMjFiNzcwMDBlMTFlYWVhZjI1ZDE2OTJjZWIyMzFh
YTk5MzY2NTA3ZWNjZjQwZTg4MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqwp5f79hP3vT6W2bULY/Y4GHtG26UHNr7MT7SriczYg4uqppZeS/u+vdIL
zxkJcxT3xgA55tGHhB0KNCbZ/ora23pd5cRwDwuVoIpTKT4xOZB8f9cjrdY6h61j
71IILxkOIwR0sWzORBq58M9qd0kS0SyESDOyEHs36u9mXvwlGz/+gI7+z61iRU9u
IhaDgYvK5ebmFiSJt58NFU276lhfwKET++B6XbqkM+t5zGiOtSkBUOkjU/31P65R
94MTn9GyE84AqKhTrz0t7Q9lQhIu+KnDwtm+zC9oaahg1r2KpTWP55z9SQEI9vuJ
p6ki520M5lJ6H1q8xrgM6JN2GQUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQFx5Lh
s5XWpRiuIB9GuzsDFmABFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWY0NGI5OGMtZmNkYy00YTBkLWI5YWMtZGJjYmM3Njg1YzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DXA
wDANBgkqhkiG9w0BAQsFAAOCAQEAONqlWSVBGTwEmUqFYS7IoAPWVFrd0glHpLLo
/fx8VarfquAIlLL6zNsrWo3hGQ8CGjZbRpZjh2aK9plp1oNvq8OlRpeOdT6Mt1U5
JP43Hje6DAv/mQ1zkZZA3uutnutTzcmBKc8eNTyw/1swI5qtN6qIkZ5jtfZhG1kA
t7q+Hz+RNhqS+294UlIT5ktjoQMBJlQ2zRbf6tmBDR3Hynu7CCk5TdyNew2YtbRx
9R3s3rMVmHi+UGcJiILjwchhzoXPL87HDYSpaWvN0/MOW3Ds+rC6JrnXsC/qAIT0
vhuHoxN5aviAmN3n2Sj+jV58no1P/lnAueqyNglmgw3GmEQcjw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:55 2025 by rpki-client