Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
File: b5baa4ff-ac5d-476f-a428-fb66fb294867.roa (raw, json)
Hash identifier: xguZ+DxWVbp2IDYh82vnHwyHN85W/4kD5GxTADShf+E=
Subject key identifier: 4E:58:E0:2D:AD:39:CD:12:24:25:5E:7E:32:1D:6E:07:82:D3:9E:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EEB6E5B9D6F0423DF1D6881A6253127E3AFB8D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
Signing time: Mon 21 Jul 2025 16:51:06 +0000
ROA not before: Mon 21 Jul 2025 16:51:06 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:eb:6e:5b:9d:6f:04:23:df:1d:68:81:a6:25:31:27:e3:af:b8:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:51:06 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=90c4e31b940e6acefd3773e49558572e168eefd8cc257ccce5310ea29620caaa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:01:e3:ca:09:64:3a:d2:74:d5:01:dd:7d:39:
f9:49:29:41:f3:29:5f:dc:8c:69:7e:0c:7e:bb:a2:
25:2e:31:1c:a0:31:6a:6f:26:38:dc:31:8a:7e:b6:
29:b6:d3:56:93:52:0f:f8:96:92:a6:5d:1c:50:1d:
4d:5d:06:26:5d:7a:3b:bd:70:1f:90:35:8d:7b:c3:
48:98:5f:e3:3c:75:e2:70:46:90:90:da:61:1c:37:
6f:68:1e:c0:d3:42:4a:37:93:a7:65:34:52:af:8e:
ac:af:b6:3e:b5:2d:4b:a8:e2:21:25:da:0b:4d:b0:
88:e1:37:7f:d8:b2:e7:76:3a:1b:de:26:6e:49:46:
51:f3:81:57:2a:84:ae:15:4c:bc:d9:02:b1:bf:57:
4b:e2:8a:f9:7f:9c:75:f2:38:8d:62:78:bb:59:7f:
e7:70:60:67:92:5f:27:51:94:fa:fb:27:f2:c7:d2:
bc:07:f8:e6:9d:88:0c:26:d1:95:8f:54:3f:80:77:
b0:7f:89:cc:46:84:e6:5c:7d:1e:67:14:d3:97:64:
36:7d:50:60:c4:6e:9c:c3:cf:9c:62:21:89:22:da:
4b:b3:9d:95:4c:0c:d2:04:dc:bc:5b:84:7e:71:65:
d4:66:33:49:c0:70:99:15:13:58:38:c7:67:25:85:
43:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:58:E0:2D:AD:39:CD:12:24:25:5E:7E:32:1D:6E:07:82:D3:9E:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5baa4ff-ac5d-476f-a428-fb66fb294867.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:4000::/40
Signature Algorithm: sha256WithRSAEncryption
72:70:e8:b9:92:ee:c0:49:3f:d7:3c:28:6b:01:6f:03:5d:33:
a0:f1:db:71:53:66:73:5a:9e:a9:76:77:99:eb:b7:a4:40:49:
ad:12:77:2c:61:1e:d0:43:8a:df:d8:7b:91:ac:49:26:9b:e9:
e5:d2:f2:ad:a8:25:22:fa:9c:b7:04:7c:22:b6:cc:cd:ed:8e:
71:01:f9:6f:9a:ee:b8:1a:f7:ab:a1:0b:3c:54:35:c6:e0:4b:
f0:ee:19:9f:5e:cc:ff:bb:7f:20:72:b3:1d:cb:bb:9f:02:86:
0b:41:07:47:8c:de:cf:7f:ce:ed:1c:90:02:6c:7d:41:f6:f7:
aa:e9:51:ef:5a:45:c3:db:62:c1:cb:56:5c:21:d2:a5:95:11:
c6:fc:48:c6:31:43:1a:9a:5c:45:d3:cc:2c:56:9f:de:11:dc:
d8:42:f8:bc:48:7b:4d:7d:0c:53:60:7c:26:49:50:41:f6:69:
66:43:6b:9f:59:18:1f:77:ed:01:c0:37:e7:ed:47:4a:25:75:
f6:ac:90:15:82:8c:7c:1f:de:7e:fe:15:1e:a5:21:da:b9:5d:
fe:a7:a9:2a:06:d5:09:b4:76:39:5f:a7:92:48:6e:cd:21:da:
d2:90:0d:d7:10:86:43:c9:61:cb:4b:32:6a:3f:42:72:01:aa:
7f:5e:90:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHutuW51vBCPfHWiBpiUxJ+OvuNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUxMDZaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYzRlMzFiOTQwZTZhY2VmZDM3NzNlNDk1NTg1NzJlMTY4ZWVmZDhjYzI1
N2NjY2U1MzEwZWEyOTYyMGNhYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsB48oJZDrSdNUB3X05+UkpQfMpX9yMaX4MfruiJS4xHKAxam8mONwxin62
KbbTVpNSD/iWkqZdHFAdTV0GJl16O71wH5A1jXvDSJhf4zx14nBGkJDaYRw3b2ge
wNNCSjeTp2U0Uq+OrK+2PrUtS6jiISXaC02wiOE3f9iy53Y6G94mbklGUfOBVyqE
rhVMvNkCsb9XS+KK+X+cdfI4jWJ4u1l/53BgZ5JfJ1GU+vsn8sfSvAf45p2IDCbR
lY9UP4B3sH+JzEaE5lx9HmcU05dkNn1QYMRunMPPnGIhiSLaS7OdlUwM0gTcvFuE
fnFl1GYzScBwmRUTWDjHZyWFQ2UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROWOAt
rTnNEiQlXn4yHW4HgtOeBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjViYWE0ZmYtYWM1ZC00NzZmLWE0MjgtZmI2NmZiMjk0ODY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdA
MA0GCSqGSIb3DQEBCwUAA4IBAQBycOi5ku7AST/XPChrAW8DXTOg8dtxU2ZzWp6p
dneZ67ekQEmtEncsYR7QQ4rf2HuRrEkmm+nl0vKtqCUi+py3BHwitszN7Y5xAflv
mu64GveroQs8VDXG4Evw7hmfXsz/u38gcrMdy7ufAoYLQQdHjN7Pf87tHJACbH1B
9veq6VHvWkXD22LBy1ZcIdKllRHG/EjGMUMamlxF08wsVp/eEdzYQvi8SHtNfQxT
YHwmSVBB9mlmQ2ufWRgfd+0BwDfn7UdKJXX2rJAVgox8H95+/hUepSHauV3+p6kq
BtUJtHY5X6eSSG7NIdrSkA3XEIZDyWHLSzJqP0JyAap/XpDi
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:07 2025 by rpki-client