Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: B1gqPR7QDWso1rpGAAliAivHF2tOySyBIO5xT74g3bE=
Subject key identifier: 35:23:91:0D:33:77:BC:FE:29:5C:C7:E9:0E:57:BD:BD:9E:15:E7:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4031ADB0B0CF2B4EFE0653A3A407FB5816675CBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Fri 11 Jul 2025 20:11:38 +0000
ROA not before: Fri 11 Jul 2025 20:11:38 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:31:ad:b0:b0:cf:2b:4e:fe:06:53:a3:a4:07:fb:58:16:67:5c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:38 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c328c0277492f2a6016cfc591e6a67c0aff017612d2c4f0428edeb5dd3ce5ea4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e8:cb:33:4f:4f:9d:57:35:8a:76:90:59:7b:
39:82:e3:98:42:a6:2e:98:0d:7b:1d:19:98:73:cb:
15:c1:db:40:c7:c4:a0:6f:40:0f:c3:67:86:d3:1b:
14:12:f6:67:ee:06:78:bd:74:ca:34:1d:57:88:85:
26:b5:97:6a:65:90:d6:2a:76:03:82:65:a5:cd:d1:
20:95:2f:3d:5e:fd:29:e1:4c:14:fc:d4:a7:9f:27:
3d:d0:f0:c6:bb:96:32:a2:76:1b:75:7a:00:3b:09:
9b:7b:bd:74:e8:39:42:0c:d3:8a:e5:f3:bc:52:96:
e2:bf:64:09:ba:6f:48:51:42:07:48:cc:42:f1:5d:
8b:1b:a4:96:72:ed:35:bb:42:d3:45:49:ac:cf:a4:
86:8f:bb:f7:5c:05:dd:49:46:dc:61:f9:20:f8:d8:
4d:40:13:b0:6c:eb:fa:ba:76:1b:03:43:14:fa:64:
f0:f0:56:6f:ca:8a:ee:ff:b5:89:6f:b2:6d:97:d5:
25:51:ca:0e:5c:72:a2:da:da:20:2a:3b:c9:85:f1:
2a:ca:4c:46:f2:5d:47:e2:31:7f:dc:66:e0:30:f6:
ca:b0:03:4e:cd:6a:2e:c7:c4:4d:dd:bc:c0:11:53:
6e:4e:17:e3:b6:c3:29:78:1c:65:5c:d4:78:15:bb:
01:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:23:91:0D:33:77:BC:FE:29:5C:C7:E9:0E:57:BD:BD:9E:15:E7:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:cc:cc:a0:b2:61:65:10:b1:99:81:73:48:7f:31:8c:68:0e:
9d:a8:41:61:99:0a:7c:b2:10:10:ab:be:dd:f9:20:2f:19:e5:
dc:ce:31:1a:aa:df:fa:5b:83:77:a8:ff:9a:a6:6a:b4:fa:ec:
cb:26:36:6a:45:3a:d0:cc:6f:ce:d7:01:62:44:eb:2e:63:bf:
c8:e0:a6:b5:e1:33:4c:08:41:c1:f8:ca:84:cc:3c:f8:fe:89:
c8:cf:7a:3d:37:c0:da:27:11:8f:07:b4:dc:2b:46:43:95:22:
ac:a0:18:76:b8:b0:3c:cb:82:5f:a6:bb:ae:d5:d5:c2:eb:2d:
16:a7:d3:26:36:7a:b1:2d:74:d2:dd:3c:5f:80:08:bd:7d:06:
8b:b0:a1:d6:2e:9e:83:5d:76:53:24:fa:84:75:49:bf:18:75:
ae:e0:44:df:38:c1:07:f9:d0:da:6f:57:7c:ea:d4:65:e8:ef:
25:e9:ea:76:64:2e:81:3f:8f:b1:01:c3:18:72:f9:bb:95:79:
0b:53:0b:57:50:f7:31:9e:11:a5:55:86:6c:88:db:0b:d3:17:
53:b6:84:17:bf:10:ee:e4:c2:77:5d:00:d7:d3:c1:64:b4:bc:
30:b3:bd:9c:75:e3:3a:be:a6:b5:81:05:80:6a:90:29:6f:d4:
68:4f:3a:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQDGtsLDPK07+BlOjpAf7WBZnXLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExMzhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzMjhjMDI3NzQ5MmYyYTYwMTZjZmM1OTFlNmE2N2MwYWZmMDE3NjEyZDJj
NGYwNDI4ZWRlYjVkZDNjZTVlYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKToyzNPT51XNYp2kFl7OYLjmEKmLpgNex0ZmHPLFcHbQMfEoG9AD8NnhtMb
FBL2Z+4GeL10yjQdV4iFJrWXamWQ1ip2A4Jlpc3RIJUvPV79KeFMFPzUp58nPdDw
xruWMqJ2G3V6ADsJm3u9dOg5QgzTiuXzvFKW4r9kCbpvSFFCB0jMQvFdixuklnLt
NbtC00VJrM+kho+791wF3UlG3GH5IPjYTUATsGzr+rp2GwNDFPpk8PBWb8qK7v+1
iW+ybZfVJVHKDlxyotraICo7yYXxKspMRvJdR+Ixf9xm4DD2yrADTs1qLsfETd28
wBFTbk4X47bDKXgcZVzUeBW7AR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1I5EN
M3e8/ilcx+kOV729nhXnpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQB6zMygsmFlELGZgXNIfzGMaA6dqEFhmQp8shAQ
q77d+SAvGeXczjEaqt/6W4N3qP+apmq0+uzLJjZqRTrQzG/O1wFiROsuY7/I4Ka1
4TNMCEHB+MqEzDz4/onIz3o9N8DaJxGPB7TcK0ZDlSKsoBh2uLA8y4Jfpruu1dXC
6y0Wp9MmNnqxLXTS3TxfgAi9fQaLsKHWLp6DXXZTJPqEdUm/GHWu4ETfOMEH+dDa
b1d86tRl6O8l6ep2ZC6BP4+xAcMYcvm7lXkLUwtXUPcxnhGlVYZsiNsL0xdTtoQX
vxDu5MJ3XQDX08FktLwws72cdeM6vqa1gQWAapApb9RoTzqX
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:47 2025 by rpki-client