Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
File: ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa (raw, json)
Hash identifier: n3f9dNdhGJDipPOM+e5Qs47gCHKkwFnAm/8lFRzfsEE=
Subject key identifier: 74:B4:94:8A:FB:EB:CD:08:8F:71:CF:0A:E2:71:82:38:BC:F6:AC:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48E3DAA445AA34631B73B48890B37790A20A0608
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
Signing time: Sat 12 Jul 2025 00:51:19 +0000
ROA not before: Sat 12 Jul 2025 00:51:19 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e3:da:a4:45:aa:34:63:1b:73:b4:88:90:b3:77:90:a2:0a:06:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:19 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=3a4bc3a9582214d7c9cf703bb839b89dd1f959c189045d8f98477e149044617e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:61:67:b6:0f:84:68:26:ba:c7:f6:24:d3:2f:
73:e8:98:83:ac:30:7d:98:5c:52:2c:e3:10:db:4d:
1a:11:f8:a4:45:05:cf:41:11:14:20:03:bc:9e:db:
ab:ff:58:40:2d:8c:2f:35:03:f8:09:36:46:5f:bf:
6e:38:e9:bf:b3:e1:a1:eb:d3:89:f4:f3:e5:b3:29:
92:aa:47:ce:f3:9c:56:ec:34:0a:43:45:49:f4:43:
b2:6a:6a:8b:28:35:c9:24:01:b5:34:c3:50:cb:38:
6e:93:0e:49:37:b3:79:13:1d:40:33:23:27:d6:75:
3f:40:11:d8:2c:0c:e9:10:e8:1e:05:41:78:56:21:
5c:06:b0:f9:e0:f6:a0:61:9e:14:a1:fe:50:da:e1:
b2:06:bd:82:e0:74:1b:5f:a9:78:07:29:d3:6b:62:
4a:cf:77:73:df:38:23:9b:03:c0:96:61:84:4f:4c:
be:5d:7c:97:52:5d:41:03:d4:b9:17:28:a8:16:7e:
24:52:8f:73:bb:89:cb:0b:77:62:09:b5:eb:22:99:
48:bd:1d:0d:52:d2:af:fc:74:ee:05:4d:50:e7:bb:
03:15:c2:21:22:b3:d9:e6:46:07:c0:c7:75:47:9d:
f2:1c:da:5a:59:26:71:22:e4:f9:13:d4:59:80:4c:
af:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B4:94:8A:FB:EB:CD:08:8F:71:CF:0A:E2:71:82:38:BC:F6:AC:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
39:b8:58:6c:4a:28:43:94:04:3a:ef:8c:82:df:94:57:d6:9b:
ba:26:9a:db:5e:0d:e1:b7:9f:54:aa:10:86:07:99:63:3e:67:
40:6e:a1:a3:29:35:d0:6c:91:3c:70:61:d2:bf:c1:ec:54:94:
b5:dc:75:ae:ad:fd:3f:24:a6:df:2f:95:07:bb:88:dd:2b:6e:
2c:36:5c:fc:ac:61:f4:12:c0:5d:64:d8:f9:e7:10:a5:f1:45:
33:af:d5:9a:ae:bb:6b:e7:cd:5a:3f:df:b7:cb:18:83:2b:b0:
47:7d:f5:3a:1f:80:91:e2:f2:58:ea:e2:79:2a:e1:e3:ff:23:
7c:e7:bc:ef:d2:e2:50:d1:32:44:1e:45:e7:25:c0:71:7d:b3:
c9:9f:26:a9:54:37:ae:6d:8c:ac:40:96:c2:85:7c:b7:66:bb:
f5:b6:79:ad:b4:d3:12:7e:7b:5e:bb:5f:1d:20:35:59:3b:ca:
14:50:88:25:52:8d:0c:31:9f:23:3b:d1:76:5c:e6:ff:6b:a1:
07:4d:49:dc:1b:ff:dd:61:89:28:cb:28:f5:cc:8b:65:37:98:
dd:97:27:3f:a0:2a:58:98:7a:ac:c3:b1:df:84:96:6c:83:f6:
33:63:17:15:28:7c:07:f2:23:66:5b:65:8c:a9:48:ce:fc:a9:
e9:48:bd:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSOPapEWqNGMbc7SIkLN3kKIKBggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMTlaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhNGJjM2E5NTgyMjE0ZDdjOWNmNzAzYmI4MzliODlkZDFmOTU5YzE4OTA0
NWQ4Zjk4NDc3ZTE0OTA0NDYxN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJthZ7YPhGgmusf2JNMvc+iYg6wwfZhcUizjENtNGhH4pEUFz0ERFCADvJ7b
q/9YQC2MLzUD+Ak2Rl+/bjjpv7PhoevTifTz5bMpkqpHzvOcVuw0CkNFSfRDsmpq
iyg1ySQBtTTDUMs4bpMOSTezeRMdQDMjJ9Z1P0AR2CwM6RDoHgVBeFYhXAaw+eD2
oGGeFKH+UNrhsga9guB0G1+peAcp02tiSs93c984I5sDwJZhhE9Mvl18l1JdQQPU
uRcoqBZ+JFKPc7uJywt3Ygm16yKZSL0dDVLSr/x07gVNUOe7AxXCISKz2eZGB8DH
dUed8hzaWlkmcSLk+RPUWYBMr28CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0tJSK
++vNCI9xzwricYI4vPasUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEyZDVhMDEtZmExNy00ZmIzLTk3ZTctYzIxYzZlODlmOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA5uFhsSihDlAQ674yC35RX1pu6JprbXg3ht59U
qhCGB5ljPmdAbqGjKTXQbJE8cGHSv8HsVJS13HWurf0/JKbfL5UHu4jdK24sNlz8
rGH0EsBdZNj55xCl8UUzr9Warrtr581aP9+3yxiDK7BHffU6H4CR4vJY6uJ5KuHj
/yN857zv0uJQ0TJEHkXnJcBxfbPJnyapVDeubYysQJbChXy3Zrv1tnmttNMSfnte
u18dIDVZO8oUUIglUo0MMZ8jO9F2XOb/a6EHTUncG//dYYkoyyj1zItlN5jdlyc/
oCpYmHqsw7HfhJZsg/YzYxcVKHwH8iNmW2WMqUjO/KnpSL2x
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:48 2025 by rpki-client