Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
File: b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa (raw, json)
Hash identifier: ALwLz8nHjAyaBvp7ZvH4hC8RV0fov0jfno4pYO4VSaU=
Subject key identifier: 2B:45:CD:3F:DD:04:42:3E:4E:B4:64:11:9F:48:09:91:10:13:62:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1702467550C898F68A5CB3592CA030EBD5C29822
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
Signing time: Fri 11 Jul 2025 20:31:08 +0000
ROA not before: Fri 11 Jul 2025 20:31:08 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:02:46:75:50:c8:98:f6:8a:5c:b3:59:2c:a0:30:eb:d5:c2:98:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:08 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ff37ccaa18140d010a62719080aa304a15ee178fe8dbf2083ab40dd2885de960, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9d:80:ce:17:74:38:d6:fa:0f:3f:15:af:29:
63:f2:3c:9c:4a:b2:b4:94:98:6c:9a:69:2a:50:10:
d8:fb:a1:ec:61:e7:5a:f5:90:3e:cc:57:ea:b4:8b:
ab:bd:d5:60:2a:bc:fa:17:f8:47:3e:a1:e9:93:19:
00:34:15:fe:bf:1e:a3:60:0a:08:d6:a9:ae:7d:5b:
63:39:09:13:35:28:68:67:3a:8b:88:b1:82:24:28:
0c:ac:37:d9:10:ed:b4:89:cb:6a:76:c5:77:78:b4:
2f:25:85:7e:ff:f9:e7:ab:8b:c0:a3:f3:35:10:94:
4e:9d:dc:e0:ce:60:50:09:1a:d5:03:92:ce:2c:cd:
ee:ba:f3:07:eb:a2:88:bd:1b:e0:ea:5c:ab:94:af:
9b:ec:24:80:5f:03:b7:35:0f:cb:27:2e:6b:63:c5:
d1:86:0b:29:0e:06:5e:46:f6:d8:ef:03:b1:43:bb:
b0:51:6a:0b:88:3a:86:88:b0:71:14:bc:ad:20:42:
5b:d7:b9:69:19:0c:85:9d:94:4e:15:78:6e:4a:1a:
4a:a8:1d:a0:e1:e5:fe:dd:9e:a9:94:ab:37:3f:06:
f3:6c:7b:17:a2:a5:c2:4f:07:83:66:1a:f6:a6:1a:
7c:4e:7a:5f:85:aa:6c:2c:5c:e1:01:30:63:86:0b:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:45:CD:3F:DD:04:42:3E:4E:B4:64:11:9F:48:09:91:10:13:62:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:800::/38
Signature Algorithm: sha256WithRSAEncryption
5e:8f:af:c0:87:82:e4:9b:2f:2b:62:bb:08:0a:5b:d6:6c:31:
c3:fe:10:b0:16:e4:52:2a:e1:e6:80:10:f4:6c:fc:9c:9f:be:
ed:f4:ea:02:1e:6c:a7:94:fd:45:04:27:3e:39:36:1c:80:3f:
96:79:7f:72:f1:5f:bd:a1:d7:2a:82:6f:1c:98:a9:3f:7f:52:
f1:b8:67:e1:8d:67:9d:4b:47:1c:cd:b0:6c:7f:d6:0f:b3:ca:
13:c9:d3:3c:af:f0:dd:f4:df:f4:a3:43:a8:d2:38:43:1f:77:
89:c3:b2:72:d5:99:a1:a6:b0:5b:35:33:24:c4:77:63:8c:94:
aa:0f:9f:41:9a:f6:13:1c:a9:ee:4b:e3:46:11:95:e2:b4:78:
f9:06:47:a7:a2:8c:5e:60:9e:55:32:5f:2e:3e:d1:ee:44:3e:
95:9f:60:3f:48:b1:eb:e8:8e:cd:6e:12:d4:3e:46:e3:2b:34:
5a:0f:f9:5c:7c:84:72:ed:66:a2:09:f9:4e:93:9c:f8:df:a9:
e4:26:9b:cd:a3:d6:70:3b:f0:60:e5:79:8f:2e:70:b2:d4:a3:
e2:b1:34:c0:e6:66:ae:08:fa:6c:ab:93:c7:af:07:89:79:8e:
80:88:33:f5:37:b9:60:50:ee:69:78:cc:81:26:94:2e:d9:6f:
0b:41:95:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFwJGdVDImPaKXLNZLKAw69XCmCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmMzdjY2FhMTgxNDBkMDEwYTYyNzE5MDgwYWEzMDRhMTVlZTE3OGZlOGRi
ZjIwODNhYjQwZGQyODg1ZGU5NjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSdgM4XdDjW+g8/Fa8pY/I8nEqytJSYbJppKlAQ2Puh7GHnWvWQPsxX6rSL
q73VYCq8+hf4Rz6h6ZMZADQV/r8eo2AKCNaprn1bYzkJEzUoaGc6i4ixgiQoDKw3
2RDttInLanbFd3i0LyWFfv/556uLwKPzNRCUTp3c4M5gUAka1QOSzizN7rrzB+ui
iL0b4Opcq5Svm+wkgF8DtzUPyycua2PF0YYLKQ4GXkb22O8DsUO7sFFqC4g6hoiw
cRS8rSBCW9e5aRkMhZ2UThV4bkoaSqgdoOHl/t2eqZSrNz8G82x7F6Klwk8Hg2Ya
9qYafE56X4WqbCxc4QEwY4YLlR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrRc0/
3QRCPk60ZBGfSAmREBNizjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yjc2NjgzZmItZDQxZi00YmZkLWJhNzgtYjRiMjQ5MmFjZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4I
MA0GCSqGSIb3DQEBCwUAA4IBAQBej6/Ah4Lkmy8rYrsIClvWbDHD/hCwFuRSKuHm
gBD0bPycn77t9OoCHmynlP1FBCc+OTYcgD+WeX9y8V+9odcqgm8cmKk/f1LxuGfh
jWedS0cczbBsf9YPs8oTydM8r/Dd9N/0o0Oo0jhDH3eJw7Jy1ZmhprBbNTMkxHdj
jJSqD59BmvYTHKnuS+NGEZXitHj5BkenooxeYJ5VMl8uPtHuRD6Vn2A/SLHr6I7N
bhLUPkbjKzRaD/lcfIRy7WaiCflOk5z436nkJpvNo9ZwO/Bg5XmPLnCy1KPisTTA
5mauCPpsq5PHrweJeY6AiDP1N7lgUO5peMyBJpQu2W8LQZW1
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:10 2025 by rpki-client