Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
File: b8a24699-2493-4e45-8227-bd2ec32f88ab.roa (raw, json)
Hash identifier: MYP2afcyZhaG5AE8v14mfmsJY8ywhcdz7a7IcWk/0Jk=
Subject key identifier: 31:FD:ED:14:49:70:CB:54:D6:C7:60:BA:9C:14:C2:67:FD:37:5A:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FDA689D82E3A8AEEA53A8A11B468517A7E7A716
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
Signing time: Fri 11 Jul 2025 19:20:49 +0000
ROA not before: Fri 11 Jul 2025 19:20:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:da:68:9d:82:e3:a8:ae:ea:53:a8:a1:1b:46:85:17:a7:e7:a7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4a192727957c847be1b026b6cabce7b45a7a174a1474c6f4f177c2fa5f0776d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ce:01:3a:fe:53:2d:9c:ba:aa:00:24:29:a5:
80:9d:0b:b5:68:9e:91:95:76:9f:7b:cd:c7:16:43:
1b:26:f1:42:d6:10:80:28:bf:b8:66:2c:ad:71:c4:
ac:de:2b:7b:72:7b:f4:ea:6b:7f:eb:94:64:2e:4e:
86:30:5d:aa:94:62:70:20:12:e6:03:4c:2d:2f:7f:
80:14:b7:e1:3b:5e:55:25:e2:a5:95:71:e0:c8:2c:
c3:41:d7:31:6c:3c:df:c3:7e:39:e0:ac:a3:ab:65:
24:b8:c7:21:f8:31:cc:b2:99:7c:7d:35:94:b9:0a:
34:33:3c:14:42:00:1c:22:3c:4c:2e:c8:ef:2a:66:
b1:7e:5a:d3:d7:66:da:40:86:f2:d3:c5:99:2b:62:
c8:b4:78:f3:7a:6f:9f:b0:f8:59:07:b8:33:a9:13:
05:ba:82:60:9f:f0:f0:58:57:43:c7:47:c8:c8:9f:
14:5f:16:a2:fc:40:3e:6e:84:32:43:90:2f:b3:10:
fb:c2:95:85:a5:52:3e:c5:59:37:9f:37:5e:1b:04:
34:fb:29:16:33:4b:24:2e:7c:04:00:3f:dc:71:5f:
78:13:b9:ab:e3:53:e3:56:49:f9:85:56:cc:53:12:
d0:ed:91:8a:f8:25:ab:d1:20:73:1c:79:86:22:e2:
7b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FD:ED:14:49:70:CB:54:D6:C7:60:BA:9C:14:C2:67:FD:37:5A:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
15:df:ab:2d:d1:f4:6e:85:97:20:74:57:54:3d:12:a3:b8:89:
2d:0a:e9:79:78:df:b3:5d:5a:b3:bc:73:00:d7:20:b4:67:39:
da:83:45:df:2b:7d:9c:57:56:60:13:32:71:74:86:27:8a:d8:
0d:99:d1:1d:e9:3f:3a:e9:82:91:ff:7e:95:cd:5b:44:dd:ca:
68:b3:95:c7:1a:69:d7:b0:66:68:00:34:e2:6b:4b:09:5d:0e:
65:8e:eb:b2:10:3a:bf:e9:44:c4:3e:6c:0d:7b:4e:78:be:ea:
36:36:f9:b1:39:4d:00:9b:ab:7a:18:7c:1d:ea:f4:3f:b9:4e:
8d:12:8a:b7:a2:13:26:b3:a8:50:68:fd:ce:29:5a:0c:19:24:
67:b5:66:b2:d2:0c:93:ef:9f:94:ac:ce:59:0d:79:03:66:ad:
2a:5c:4c:c5:f7:9d:38:33:c2:03:58:6d:04:88:f2:17:13:d4:
2a:48:fb:be:67:b1:3f:47:e6:17:82:41:93:63:ca:d6:58:53:
c2:5c:b9:91:4e:63:2d:de:fe:6b:9b:8e:9b:a6:0a:c7:ed:09:
63:b8:d8:f8:3d:3d:af:22:e8:48:97:cf:c2:f0:64:bb:57:23:
18:0b:07:cf:87:93:42:75:0c:97:25:67:af:88:8d:63:52:e0:
53:52:24:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT9ponYLjqK7qU6ihG0aFF6fnpxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMTkyNzI3OTU3Yzg0N2JlMWIwMjZiNmNhYmNlN2I0NWE3YTE3NGExNDc0
YzZmNGYxNzdjMmZhNWYwNzc2ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzOATr+Uy2cuqoAJCmlgJ0LtWiekZV2n3vNxxZDGybxQtYQgCi/uGYsrXHE
rN4re3J79Oprf+uUZC5OhjBdqpRicCAS5gNMLS9/gBS34TteVSXipZVx4Mgsw0HX
MWw838N+OeCso6tlJLjHIfgxzLKZfH01lLkKNDM8FEIAHCI8TC7I7ypmsX5a09dm
2kCG8tPFmStiyLR483pvn7D4WQe4M6kTBbqCYJ/w8FhXQ8dHyMifFF8WovxAPm6E
MkOQL7MQ+8KVhaVSPsVZN583XhsENPspFjNLJC58BAA/3HFfeBO5q+NT41ZJ+YVW
zFMS0O2Rivglq9Egcxx5hiLie98CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQx/e0U
SXDLVNbHYLqcFMJn/TdavTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhhMjQ2OTktMjQ5My00ZTQ1LTgyMjctYmQyZWMzMmY4OGFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAFd+rLdH0boWXIHRXVD0So7iJLQrpeXjfs11a
s7xzANcgtGc52oNF3yt9nFdWYBMycXSGJ4rYDZnRHek/OumCkf9+lc1bRN3KaLOV
xxpp17BmaAA04mtLCV0OZY7rshA6v+lExD5sDXtOeL7qNjb5sTlNAJurehh8Her0
P7lOjRKKt6ITJrOoUGj9zilaDBkkZ7VmstIMk++flKzOWQ15A2atKlxMxfedODPC
A1htBIjyFxPUKkj7vmexP0fmF4JBk2PK1lhTwly5kU5jLd7+a5uOm6YKx+0JY7jY
+D09ryLoSJfPwvBku1cjGAsHz4eTQnUMlyVnr4iNY1LgU1IkFA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:45 2025 by rpki-client