Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: ol/yektZnl3FiBRejEmsE6ENdvETkh6vrU5tDSGs5fA=
Subject key identifier: 26:FF:56:33:BE:2A:33:D2:5B:CB:6B:B2:8D:77:0D:FB:CD:69:7D:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26DD623BFCC7339E60D850395CC41C767E18BD79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Fri 11 Jul 2025 19:20:11 +0000
ROA not before: Fri 11 Jul 2025 19:20:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:dd:62:3b:fc:c7:33:9e:60:d8:50:39:5c:c4:1c:76:7e:18:bd:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ffa864a9be67260a6294d5ec6980a57efd075376fd9f29fe9aba59a7250b751e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0f:be:6e:f3:ff:b8:6b:0d:94:68:fc:2c:78:
05:f0:ce:e3:8c:71:64:47:5c:e4:04:c3:28:03:47:
21:28:4c:33:3b:57:09:cb:cb:1c:38:b3:6e:e4:54:
cd:a0:d6:36:8c:27:bf:5c:28:71:16:8b:c9:de:1a:
eb:28:87:f3:4a:c6:63:2e:5e:fa:2d:46:68:9a:81:
23:a2:25:e9:97:a7:70:c6:58:ac:9e:da:f0:87:be:
36:0f:e2:e4:a1:a6:91:be:28:a7:3a:d1:00:59:d7:
aa:3a:b7:50:71:3d:75:6e:a4:f8:4b:e3:da:87:af:
07:c2:bc:22:69:6e:52:89:68:1b:ac:9e:02:64:84:
49:83:15:b7:6d:9a:10:e0:93:1d:4c:2e:5d:a1:1b:
1c:e5:d9:f4:87:6b:00:c4:02:40:fd:1a:5e:43:28:
e2:6b:57:02:85:fe:0e:9e:18:9a:d6:4b:f3:29:c7:
ea:e0:b8:76:95:f2:4b:59:b1:cf:e4:83:a8:df:da:
52:cf:42:44:fe:c1:56:14:88:59:0d:af:83:0e:2e:
ab:d1:1d:14:6c:2e:c0:12:bc:2e:48:2e:b8:2a:e4:
08:1c:92:b8:ee:ed:74:ca:08:c1:ad:c8:f9:07:99:
75:65:fe:6e:cb:2b:54:4e:81:df:d3:e0:bf:5f:e1:
e4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:FF:56:33:BE:2A:33:D2:5B:CB:6B:B2:8D:77:0D:FB:CD:69:7D:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
c3:63:1a:68:d6:1d:f9:c1:55:9a:c3:42:f1:19:61:0d:98:77:
93:c4:fc:33:dd:a4:de:98:c2:7d:ad:d3:f3:4d:11:1b:b5:44:
51:44:06:d7:bc:51:54:81:63:82:9e:81:f3:35:fa:e6:be:d1:
5f:10:59:ed:ca:59:61:bb:c2:eb:70:ea:96:10:72:11:0f:8f:
84:5f:2f:65:26:4b:00:55:c1:c4:45:b3:4b:01:80:3d:05:c4:
f2:fc:cf:cd:f7:2f:63:3d:c5:8f:4a:93:59:48:96:2c:15:7a:
d8:48:56:ef:78:13:56:6f:ed:85:b2:bf:46:b2:e5:80:f0:4f:
2a:91:fa:c6:7b:08:ca:f8:71:aa:2d:43:e7:5d:c5:46:b7:10:
c0:01:5c:9d:54:00:8f:75:fc:4a:58:fe:2f:fd:4f:1b:3b:05:
d1:53:66:f9:c6:1e:69:18:81:56:ab:57:b1:54:d1:43:f4:d3:
ea:78:8c:c2:52:af:66:ee:ec:6d:75:4c:23:7b:30:85:35:50:
77:a5:ce:97:12:16:74:77:9f:a1:a6:7f:4a:b1:91:ed:c1:9c:
6c:0f:08:2f:d8:50:c3:4c:e0:02:5f:0a:15:23:c6:cb:6d:d0:
69:87:57:7e:4d:d6:26:22:70:85:23:2c:5c:8f:f0:2b:af:2f:
71:fb:bf:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJt1iO/zHM55g2FA5XMQcdn4YvXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmYTg2NGE5YmU2NzI2MGE2Mjk0ZDVlYzY5ODBhNTdlZmQwNzUzNzZmZDlm
MjlmZTlhYmE1OWE3MjUwYjc1MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMPvm7z/7hrDZRo/Cx4BfDO44xxZEdc5ATDKANHIShMMztXCcvLHDizbuRU
zaDWNownv1wocRaLyd4a6yiH80rGYy5e+i1GaJqBI6Il6ZencMZYrJ7a8Ie+Ng/i
5KGmkb4opzrRAFnXqjq3UHE9dW6k+Evj2oevB8K8ImluUoloG6yeAmSESYMVt22a
EOCTHUwuXaEbHOXZ9IdrAMQCQP0aXkMo4mtXAoX+Dp4YmtZL8ynH6uC4dpXyS1mx
z+SDqN/aUs9CRP7BVhSIWQ2vgw4uq9EdFGwuwBK8LkguuCrkCBySuO7tdMoIwa3I
+QeZdWX+bssrVE6B39Pgv1/h5MMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQm/1Yz
vioz0lvLa7KNdw37zWl9mzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAw2MaaNYd+cFVmsNC8RlhDZh3k8T8M92k3pjC
fa3T800RG7VEUUQG17xRVIFjgp6B8zX65r7RXxBZ7cpZYbvC63DqlhByEQ+PhF8v
ZSZLAFXBxEWzSwGAPQXE8vzPzfcvYz3Fj0qTWUiWLBV62EhW73gTVm/thbK/RrLl
gPBPKpH6xnsIyvhxqi1D513FRrcQwAFcnVQAj3X8Slj+L/1PGzsF0VNm+cYeaRiB
VqtXsVTRQ/TT6niMwlKvZu7sbXVMI3swhTVQd6XOlxIWdHefoaZ/SrGR7cGcbA8I
L9hQw0zgAl8KFSPGy23QaYdXfk3WJiJwhSMsXI/wK68vcfu/Uw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:00 2025 by rpki-client