Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: 4/1JqvQF8xRwH9V4fY4PQjCZZ8Z9tjaquQea90zIon0=
Subject key identifier: AD:BB:4F:81:50:49:F2:21:42:8A:51:E6:68:50:40:78:26:A7:2E:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DD967794960E2E42780E655E1AE671B270595BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Fri 11 Jul 2025 19:30:49 +0000
ROA not before: Fri 11 Jul 2025 19:30:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:d9:67:79:49:60:e2:e4:27:80:e6:55:e1:ae:67:1b:27:05:95:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a63f12fd0c6cc3e4f0efd51ef5c5c7a7a2a30a5b268f509ece32e48f5e80c4ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f3:e5:6a:ea:f2:a2:79:05:87:8c:f5:7c:b5:
69:73:85:de:d1:86:0f:52:58:10:4c:21:b5:b5:9f:
6a:54:4b:97:a6:91:7d:91:48:44:c9:4f:40:8c:66:
bc:f1:fb:95:6e:8d:09:c3:d9:3b:71:50:2e:41:e0:
65:dd:90:21:d1:01:f5:88:b5:9f:5a:3c:d4:64:ee:
48:cd:11:b6:9e:a3:b1:4b:8a:72:0c:7a:28:f5:79:
ec:24:ac:5c:65:7b:a7:c7:72:57:9d:95:33:91:28:
de:0d:04:b1:c3:0c:76:64:db:3f:c9:db:fb:2f:41:
cb:e2:11:b9:72:0c:7e:9d:96:0c:6c:f6:8b:43:1f:
32:34:65:5c:50:46:85:8f:92:0b:e1:1d:75:3c:da:
15:f7:4b:39:75:e1:3a:5b:80:b7:6d:6e:5c:5e:62:
10:b5:7f:0f:54:3b:0a:1a:18:50:df:cb:45:4b:45:
18:85:16:54:22:24:54:66:2c:ed:28:1f:26:81:33:
f5:14:17:f2:0b:9a:a2:fb:31:54:c0:01:6f:55:eb:
1a:9f:0b:f4:a7:7b:db:0f:5e:76:71:37:8a:cb:96:
4b:e4:48:e3:07:c9:d3:d6:82:5f:0e:31:20:2c:ba:
bb:6b:13:81:02:75:75:bf:f1:29:e5:15:7b:7d:61:
14:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BB:4F:81:50:49:F2:21:42:8A:51:E6:68:50:40:78:26:A7:2E:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
76:4b:39:55:e5:9a:04:51:db:03:91:fa:74:ae:1e:27:f5:96:
95:17:3c:71:8e:d6:cf:5b:0e:50:c4:be:49:3c:14:60:b7:66:
c2:3d:3b:ac:dd:8b:50:14:77:d5:c0:9d:02:e9:f4:ed:af:62:
b3:47:bc:9d:69:e4:34:2b:56:cb:3c:16:20:e6:da:22:26:b7:
bd:b3:ef:04:ea:6f:88:7c:48:85:b0:3c:04:6e:ff:cb:6d:91:
de:08:b1:ee:91:b3:ef:79:3b:f5:ec:ab:5c:93:5f:9b:2d:e0:
b0:8b:1e:50:31:32:24:50:52:f9:e2:97:33:e7:70:12:26:3d:
39:04:86:4f:84:33:85:12:a7:8c:ce:f4:2c:48:c9:88:78:6a:
3b:6b:bc:25:44:00:f1:9f:87:fa:e8:6a:65:e0:a6:c7:06:1e:
a7:0c:0e:59:b8:70:5e:1c:6b:5b:a8:90:ec:c2:08:d7:59:f0:
35:98:87:dc:e6:19:86:0e:8c:f8:34:8f:e9:f8:81:76:d7:b6:
61:49:df:0c:2d:7e:e4:12:30:02:f4:1a:d8:ab:ab:09:c9:03:
8c:6d:61:65:b9:fe:76:cc:4a:5b:fb:1b:91:c1:67:60:25:30:
2c:9f:7b:66:f5:d3:82:b0:1b:f6:f6:71:6a:aa:df:c8:77:8b:
2b:e6:ce:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDdlneUlg4uQngOZV4a5nGycFlb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2M2YxMmZkMGM2Y2MzZTRmMGVmZDUxZWY1YzVjN2E3YTJhMzBhNWIyNjhm
NTA5ZWNlMzJlNDhmNWU4MGM0ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnz5Wrq8qJ5BYeM9Xy1aXOF3tGGD1JYEEwhtbWfalRLl6aRfZFIRMlPQIxm
vPH7lW6NCcPZO3FQLkHgZd2QIdEB9Yi1n1o81GTuSM0Rtp6jsUuKcgx6KPV57CSs
XGV7p8dyV52VM5Eo3g0EscMMdmTbP8nb+y9By+IRuXIMfp2WDGz2i0MfMjRlXFBG
hY+SC+EddTzaFfdLOXXhOluAt21uXF5iELV/D1Q7ChoYUN/LRUtFGIUWVCIkVGYs
7SgfJoEz9RQX8guaovsxVMABb1XrGp8L9Kd72w9ednE3isuWS+RI4wfJ09aCXw4x
ICy6u2sTgQJ1db/xKeUVe31hFOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBStu0+B
UEnyIUKKUeZoUEB4JqcurDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQB2SzlV5ZoEUdsDkfp0rh4n9ZaVFzxxjtbPWw5Q
xL5JPBRgt2bCPTus3YtQFHfVwJ0C6fTtr2KzR7ydaeQ0K1bLPBYg5toiJre9s+8E
6m+IfEiFsDwEbv/LbZHeCLHukbPveTv17Ktck1+bLeCwix5QMTIkUFL54pcz53AS
Jj05BIZPhDOFEqeMzvQsSMmIeGo7a7wlRADxn4f66Gpl4KbHBh6nDA5ZuHBeHGtb
qJDswgjXWfA1mIfc5hmGDoz4NI/p+IF217ZhSd8MLX7kEjAC9BrYq6sJyQOMbWFl
uf52zEpb+xuRwWdgJTAsn3tm9dOCsBv29nFqqt/Id4sr5s67
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:18 2025 by rpki-client