Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
File: b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa (raw, json)
Hash identifier: rkPZNKKyT5GD9aFRy9h6bqSb7rT5MmW5M/pnBc15/4g=
Subject key identifier: 25:D6:C0:01:EF:52:2E:32:B9:5E:BF:A5:8B:72:60:10:F2:9B:B9:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38EA5501983E514FE5189DCE403B61E2E5A5DC2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
Signing time: Fri 11 Jul 2025 19:11:29 +0000
ROA not before: Fri 11 Jul 2025 19:11:29 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:ea:55:01:98:3e:51:4f:e5:18:9d:ce:40:3b:61:e2:e5:a5:dc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:11:29 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b38732b82318378a5c5a797bd05d791031a73bda05c2ec43e5440d934476940f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:af:80:4f:c7:60:ea:99:0f:85:27:8f:2c:
71:71:b2:a4:52:e6:bd:12:29:92:cc:d2:ec:d5:e6:
46:78:30:5a:36:8d:12:e1:de:d0:f2:39:4c:1b:94:
c3:6d:1d:3c:f4:5a:1e:66:f6:9c:8e:67:13:d7:24:
4d:41:da:d0:af:ce:bc:5a:41:89:e0:5a:81:a2:fd:
24:61:a5:30:8f:e5:8a:ff:ed:57:03:e0:ae:f9:9e:
87:f3:68:34:e7:cf:ad:0a:31:62:8b:fb:cf:ae:34:
1e:a9:98:ff:f6:0b:1d:f8:2a:79:e1:c7:4d:88:53:
5a:41:a5:d9:d2:b6:35:47:c8:25:59:64:bd:15:2f:
ae:5b:6b:38:5f:c4:18:df:40:bd:bb:75:60:88:ec:
d6:93:fd:02:2f:3f:47:f8:73:e0:cd:48:ac:f7:71:
26:84:e2:27:12:28:79:0d:8e:56:89:4c:56:83:88:
b5:eb:dc:ec:69:8f:4d:63:79:56:ad:97:2d:dd:5e:
2e:63:e8:8e:7d:3d:12:12:ad:56:fc:a7:07:29:32:
bd:a1:64:9b:60:64:de:bd:30:35:3e:a4:43:22:09:
f6:93:d4:b2:da:69:af:64:03:76:4b:11:10:80:d4:
99:84:71:3d:a4:ff:c8:0d:8a:fe:60:d3:47:83:a9:
86:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D6:C0:01:EF:52:2E:32:B9:5E:BF:A5:8B:72:60:10:F2:9B:B9:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ea62d6-dce3-4c74-b931-0cca87ccadea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c080::/48
Signature Algorithm: sha256WithRSAEncryption
78:9a:16:7a:eb:f0:75:6a:76:a6:c9:78:2a:dc:ba:a4:c9:1c:
8a:c8:cc:4d:7c:3d:89:be:85:55:29:be:34:88:4c:72:40:20:
13:96:90:dd:f9:9e:e2:26:51:1a:c9:7b:8c:a0:89:a1:f4:c9:
13:68:0b:d6:2f:b9:78:f4:74:43:89:ab:47:e2:d8:89:4d:0b:
0f:07:26:75:b6:ab:58:49:16:86:57:8d:4b:ec:0c:ed:11:19:
bb:f0:f8:bc:ce:78:72:f0:2a:3b:b6:51:fa:5f:a7:af:24:d3:
b6:a3:eb:d6:e4:9a:ec:bd:83:fb:de:be:cd:38:29:d7:59:75:
0f:8c:69:b6:ea:06:1c:bf:97:be:4c:8d:81:0d:74:34:c3:88:
70:b8:e7:e6:81:55:64:0a:f6:e3:12:cc:b8:45:87:14:60:b3:
da:2e:7b:65:eb:82:af:92:fd:7d:e7:22:9e:ac:e1:79:5a:1b:
b9:a0:85:20:4c:91:90:23:25:ba:a4:f3:f0:1b:41:dd:27:4d:
cc:f8:3e:15:82:97:ed:29:41:a4:92:2a:5d:44:e5:af:59:ec:
31:8e:e6:5d:7d:43:c6:51:4c:0d:47:07:57:e5:a3:e3:3f:81:
08:aa:1a:0d:64:eb:8f:e2:84:27:fd:fc:5b:a4:b6:ec:03:a4:
a5:05:5d:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOOpVAZg+UU/lGJ3OQDth4uWl3CwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTExMjlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzODczMmI4MjMxODM3OGE1YzVhNzk3YmQwNWQ3OTEwMzFhNzNiZGEwNWMy
ZWM0M2U1NDQwZDkzNDQ3Njk0MGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxxr4BPx2DqmQ+FJ48scXGypFLmvRIpkszS7NXmRngwWjaNEuHe0PI5TBuU
w20dPPRaHmb2nI5nE9ckTUHa0K/OvFpBieBagaL9JGGlMI/liv/tVwPgrvmeh/No
NOfPrQoxYov7z640HqmY//YLHfgqeeHHTYhTWkGl2dK2NUfIJVlkvRUvrltrOF/E
GN9Avbt1YIjs1pP9Ai8/R/hz4M1IrPdxJoTiJxIoeQ2OVolMVoOItevc7GmPTWN5
Vq2XLd1eLmPojn09EhKtVvynBykyvaFkm2Bk3r0wNT6kQyIJ9pPUstppr2QDdksR
EIDUmYRxPaT/yA2K/mDTR4OphpkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQl1sAB
71IuMrlev6WLcmAQ8pu5SzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllYTYyZDYtZGNlMy00Yzc0LWI5MzEtMGNjYTg3Y2NhZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
gDANBgkqhkiG9w0BAQsFAAOCAQEAeJoWeuvwdWp2psl4Kty6pMkcisjMTXw9ib6F
VSm+NIhMckAgE5aQ3fme4iZRGsl7jKCJofTJE2gL1i+5ePR0Q4mrR+LYiU0LDwcm
dbarWEkWhleNS+wM7REZu/D4vM54cvAqO7ZR+l+nryTTtqPr1uSa7L2D+96+zTgp
11l1D4xptuoGHL+XvkyNgQ10NMOIcLjn5oFVZAr24xLMuEWHFGCz2i57ZeuCr5L9
fecinqzheVobuaCFIEyRkCMluqTz8BtB3SdNzPg+FYKX7SlBpJIqXUTlr1nsMY7m
XX1DxlFMDUcHV+Wj4z+BCKoaDWTrj+KEJ/38W6S27AOkpQVdLg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:50 2025 by rpki-client