Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: ghoL5BdIotafv1SnLUNZaAuGN/7Lzltz9Hgbf9fC6HQ=
Subject key identifier: 9C:E1:04:6C:F5:F5:88:57:D0:55:DC:4D:5E:DE:EB:07:6F:E9:AB:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F1B58F390B1FF25F7E28B23F9D31440A0CCB87F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Fri 11 Jul 2025 19:21:24 +0000
ROA not before: Fri 11 Jul 2025 19:21:24 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:1b:58:f3:90:b1:ff:25:f7:e2:8b:23:f9:d3:14:40:a0:cc:b8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:24 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f4ee453fac696ec670aa44a284079f0dd81fbd4c35279f5c58e1bceffe091b13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a3:19:50:32:2f:68:50:2b:64:94:3c:e1:7c:
a7:9e:e4:a2:b2:6b:d7:43:85:20:11:40:71:2c:73:
80:be:fd:20:5c:0e:de:95:44:80:ad:3a:38:43:15:
d2:f4:00:60:64:1b:8b:e7:83:df:5a:e4:5a:77:60:
b6:17:17:27:5a:13:70:11:b4:b6:dd:a7:8c:fe:e4:
e2:2e:b2:26:85:bb:fd:73:8a:75:38:41:0a:ec:70:
d8:ca:7a:b1:6d:85:bb:f7:be:c0:53:11:f5:0e:54:
5b:46:b8:3d:64:d0:e3:3d:d0:d1:be:e8:54:7b:56:
ba:54:82:8b:bf:18:8a:ae:2f:f2:c9:7e:67:33:a5:
84:9f:3c:35:19:6d:57:ac:5d:33:b0:c1:66:77:fa:
89:8c:8b:4c:65:fa:66:5e:40:e5:47:41:a7:ea:2c:
ab:1e:51:75:3f:65:e3:6c:df:f0:04:8d:03:b1:d4:
59:62:cd:56:d1:c5:1d:79:d3:41:85:0f:7e:01:ce:
2b:1e:88:28:06:de:00:47:f6:59:6a:01:85:f6:99:
b9:82:1a:45:07:3f:a5:4e:54:9f:e1:a0:ff:ee:85:
ef:99:66:cc:30:b4:fb:fe:07:ac:d9:72:7f:ad:0d:
e9:f0:6d:02:14:5d:5e:57:00:69:84:92:49:de:ec:
ae:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E1:04:6C:F5:F5:88:57:D0:55:DC:4D:5E:DE:EB:07:6F:E9:AB:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
5b:15:ed:d1:8c:bc:b7:8c:40:2e:8a:77:18:5a:a5:5a:4d:df:
a3:71:d6:58:05:08:32:c2:5b:6d:a7:4e:13:74:94:e8:cb:02:
1f:e6:18:8c:84:ff:33:b3:88:8e:47:59:93:38:80:31:9e:3b:
46:65:ad:35:ca:65:a9:57:fc:e3:90:63:17:f7:2b:fd:c3:db:
f4:0c:ef:2c:6f:74:5e:62:5a:58:9f:0f:e1:cb:61:ed:48:3b:
9e:8e:41:32:4e:65:af:bb:62:5c:7b:09:58:05:cc:ae:a0:ff:
0d:38:d2:81:3b:61:5a:d4:88:af:33:54:9a:ae:02:53:2d:ee:
26:dc:de:1e:ac:7d:7c:d4:53:73:7e:5c:9a:02:2f:17:41:a7:
01:98:fc:e8:91:aa:d7:12:21:b6:0f:63:d3:03:23:24:c9:f5:
80:6f:a8:b7:8e:c6:30:ea:1f:d7:41:27:9a:53:eb:76:1e:34:
b7:7d:82:2f:dd:29:63:c6:f7:e6:c1:14:39:12:68:b5:94:f2:
6b:09:9d:9f:4e:ec:71:0b:ad:cb:a6:53:4a:92:64:99:d4:31:
60:9f:b7:d6:59:97:6e:ce:0c:87:1b:ad:f0:ec:90:8f:77:d2:
0f:9d:57:4d:07:8a:74:63:ac:4b:05:8c:26:1a:15:62:8f:d6:
b2:69:9f:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXxtY85Cx/yX34osj+dMUQKDMuH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMjRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0ZWU0NTNmYWM2OTZlYzY3MGFhNDRhMjg0MDc5ZjBkZDgxZmJkNGMzNTI3
OWY1YzU4ZTFiY2VmZmUwOTFiMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKijGVAyL2hQK2SUPOF8p57korJr10OFIBFAcSxzgL79IFwO3pVEgK06OEMV
0vQAYGQbi+eD31rkWndgthcXJ1oTcBG0tt2njP7k4i6yJoW7/XOKdThBCuxw2Mp6
sW2Fu/e+wFMR9Q5UW0a4PWTQ4z3Q0b7oVHtWulSCi78Yiq4v8sl+ZzOlhJ88NRlt
V6xdM7DBZnf6iYyLTGX6Zl5A5UdBp+osqx5RdT9l42zf8ASNA7HUWWLNVtHFHXnT
QYUPfgHOKx6IKAbeAEf2WWoBhfaZuYIaRQc/pU5Un+Gg/+6F75lmzDC0+/4HrNly
f60N6fBtAhRdXlcAaYSSSd7sri0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSc4QRs
9fWIV9BV3E1e3usHb+mrVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAWxXt0Yy8t4xALop3GFqlWk3fo3HWWAUIMsJb
badOE3SU6MsCH+YYjIT/M7OIjkdZkziAMZ47RmWtNcplqVf845BjF/cr/cPb9Azv
LG90XmJaWJ8P4cth7Ug7no5BMk5lr7tiXHsJWAXMrqD/DTjSgTthWtSIrzNUmq4C
Uy3uJtzeHqx9fNRTc35cmgIvF0GnAZj86JGq1xIhtg9j0wMjJMn1gG+ot47GMOof
10EnmlPrdh40t32CL90pY8b35sEUORJotZTyawmdn07scQuty6ZTSpJkmdQxYJ+3
1lmXbs4Mhxut8OyQj3fSD51XTQeKdGOsSwWMJhoVYo/WsmmfLg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:37 2025 by rpki-client