Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: tmXXHuTzMZRKJFSiAcJU8HY4RdXGFuICmULZ1E8xh6Q=
Subject key identifier: E6:B2:C9:BB:06:53:9B:6E:4B:CF:AF:C4:67:4C:7C:E4:D9:B2:BC:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22EFE1E46323B1AD7A31F6C1D389C3E2CE0B2AC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Fri 11 Jul 2025 20:41:25 +0000
ROA not before: Fri 11 Jul 2025 20:41:25 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:ef:e1:e4:63:23:b1:ad:7a:31:f6:c1:d3:89:c3:e2:ce:0b:2a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:25 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=266cb9aae0c7be8f82600ab8a4e9068542340371208b4cf88026e8fb73fac8be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f9:a8:7f:3c:76:73:67:e3:d1:ac:df:3f:30:
28:24:7b:f1:16:6a:c2:55:47:11:18:07:84:38:13:
d4:ae:38:cd:b8:19:fc:9b:50:f1:a1:b0:36:90:88:
55:b5:da:da:65:35:de:65:cf:37:9a:36:0f:ef:83:
cb:0b:43:c4:d9:7c:fe:c7:9b:1a:0c:2d:07:96:a9:
80:27:cb:f6:02:be:08:ee:51:9d:a1:25:b0:3a:4d:
75:3a:ad:2b:d8:8f:28:b3:1c:15:1b:c8:50:99:46:
64:64:31:6c:09:36:f8:92:3b:66:67:27:22:17:99:
58:96:17:0d:a5:b7:44:63:45:35:f8:65:43:8e:94:
67:76:5c:f1:91:70:a3:d0:3c:af:3c:77:a6:ff:77:
59:f8:6c:f4:e2:60:e5:a0:62:20:75:55:9c:83:17:
b6:52:b4:96:1d:47:92:b8:17:72:20:71:aa:e8:01:
3d:bd:a5:a8:4d:61:17:9e:2e:b6:63:ba:c1:02:aa:
cf:54:7a:cb:7e:ca:bc:12:80:ad:0c:be:48:24:b3:
3a:50:64:e1:a4:dc:a1:63:a9:78:ab:9e:d8:28:ec:
94:b5:a2:ee:78:07:dc:02:26:59:0b:8e:83:ac:a3:
2f:c2:73:dd:6c:bc:f3:80:62:ec:c8:82:b2:fb:b5:
70:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B2:C9:BB:06:53:9B:6E:4B:CF:AF:C4:67:4C:7C:E4:D9:B2:BC:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
50:a8:bf:4d:f5:b5:33:c6:35:f7:66:8e:cd:01:c9:20:4e:f4:
e5:73:67:7c:0d:9b:52:1a:39:4e:c1:32:09:3d:4b:53:3c:90:
17:7d:44:44:03:27:b6:99:82:ba:58:1d:c1:fc:53:2b:ff:fb:
35:94:a7:a2:d7:bd:5f:6e:75:4a:62:9b:ba:15:b6:c9:10:c3:
5a:d0:1a:c8:57:ec:f2:7b:ec:b8:47:52:49:92:cd:ca:80:fe:
d5:cd:c6:44:4e:d0:11:92:bd:87:00:f1:51:ce:32:2b:7e:41:
95:5c:34:95:41:ac:7d:92:36:0a:ca:da:8c:df:f9:f8:c5:50:
82:7c:20:15:f3:48:23:b2:76:e0:db:82:c3:29:49:3e:b9:44:
70:7f:55:8f:4d:70:0a:fe:1e:fe:c4:44:9f:83:fd:d7:a0:f9:
74:08:14:70:9a:50:fa:7e:cc:e1:11:3a:30:37:15:03:ea:6f:
f3:27:dc:74:d9:4b:97:dd:2f:b0:f2:f9:56:b7:f5:1a:2c:54:
2c:44:be:ba:5c:46:be:0f:4f:2e:cc:c8:47:3a:c6:84:0f:50:
a7:a8:99:14:18:5a:68:e8:6d:61:aa:33:bf:f1:11:da:fd:d8:
3c:d0:50:95:b6:9c:24:ce:58:4a:3e:1e:f0:14:72:14:d5:69:
fe:d2:21:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIu/h5GMjsa16MfbB04nD4s4LKscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMjVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2NmNiOWFhZTBjN2JlOGY4MjYwMGFiOGE0ZTkwNjg1NDIzNDAzNzEyMDhi
NGNmODgwMjZlOGZiNzNmYWM4YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP5qH88dnNn49Gs3z8wKCR78RZqwlVHERgHhDgT1K44zbgZ/JtQ8aGwNpCI
VbXa2mU13mXPN5o2D++DywtDxNl8/sebGgwtB5apgCfL9gK+CO5RnaElsDpNdTqt
K9iPKLMcFRvIUJlGZGQxbAk2+JI7ZmcnIheZWJYXDaW3RGNFNfhlQ46UZ3Zc8ZFw
o9A8rzx3pv93Wfhs9OJg5aBiIHVVnIMXtlK0lh1HkrgXciBxqugBPb2lqE1hF54u
tmO6wQKqz1R6y37KvBKArQy+SCSzOlBk4aTcoWOpeKue2CjslLWi7ngH3AImWQuO
g6yjL8Jz3Wy884Bi7MiCsvu1cGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmssm7
BlObbkvPr8RnTHzk2bK8iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQBQqL9N9bUzxjX3Zo7NAckgTvTlc2d8DZtSGjlO
wTIJPUtTPJAXfUREAye2mYK6WB3B/FMr//s1lKei171fbnVKYpu6FbbJEMNa0BrI
V+zye+y4R1JJks3KgP7VzcZETtARkr2HAPFRzjIrfkGVXDSVQax9kjYKytqM3/n4
xVCCfCAV80gjsnbg24LDKUk+uURwf1WPTXAK/h7+xESfg/3XoPl0CBRwmlD6fszh
ETowNxUD6m/zJ9x02UuX3S+w8vlWt/UaLFQsRL66XEa+D08uzMhHOsaED1CnqJkU
GFpo6G1hqjO/8RHa/dg80FCVtpwkzlhKPh7wFHIU1Wn+0iGy
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:13 2025 by rpki-client