Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa
File: bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa (raw, json)
Hash identifier: 10KZkAKQoGmZBdx7HD4xXmvHRub5q5M/jArnazFvb2Q=
Subject key identifier: 3F:D9:5B:A0:1E:6C:0C:AE:96:B8:36:A4:29:23:08:22:03:B1:77:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1002A2BD294376775C41705DB314ED51BB830BD0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa
Signing time: Fri 11 Jul 2025 19:51:23 +0000
ROA not before: Fri 11 Jul 2025 19:51:23 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:02:a2:bd:29:43:76:77:5c:41:70:5d:b3:14:ed:51:bb:83:0b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:51:23 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6496af2f86f54a9432aaaa7d894574f940ce3cc54a3e32ae6516172718a548d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:eb:f4:14:70:e4:6a:9a:e1:f8:95:67:34:59:
60:10:f7:cd:da:16:aa:c8:80:0b:b0:5d:46:26:79:
4a:88:bd:c3:3c:32:66:3c:ff:e7:43:36:85:19:eb:
e5:f3:a2:2a:4f:2e:0d:f6:a9:02:9f:54:11:e6:2e:
72:e8:53:00:75:2c:26:2c:94:e5:a2:35:7f:84:17:
1f:38:91:87:f8:46:63:9a:20:24:d3:fe:ee:99:a4:
c1:86:b3:68:81:60:5b:80:4d:da:11:63:21:63:7d:
b8:c8:73:23:89:4b:dd:5a:7f:28:f8:2f:fa:6c:19:
c4:03:ac:f4:9f:38:20:fd:01:d7:08:f6:27:cd:7e:
ce:89:fd:5e:aa:55:33:5f:db:df:88:31:43:4b:1a:
55:9a:ec:ee:a7:9a:38:98:82:29:f4:93:18:50:e6:
2b:43:14:35:4c:05:03:84:32:03:18:f3:a6:69:3e:
55:f3:24:53:be:60:88:39:54:66:e9:d2:4d:4e:9b:
f1:e2:d0:57:b7:96:1b:c0:19:15:e6:c8:be:c9:ef:
3b:c2:99:e5:53:51:01:60:35:44:0f:81:43:68:8b:
29:23:4c:4d:fd:ec:ef:c2:03:66:50:a9:fe:2e:a6:
fd:d0:1c:5a:3e:0e:db:e1:ab:c6:b9:89:51:27:8b:
a7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D9:5B:A0:1E:6C:0C:AE:96:B8:36:A4:29:23:08:22:03:B1:77:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd2e1e8c-032c-4ce2-be27-6b9391bd9722.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c0c0::/46
Signature Algorithm: sha256WithRSAEncryption
b1:7c:09:0e:6f:2d:3f:b9:16:92:71:33:14:a6:a2:06:85:7b:
18:c7:a9:2e:68:56:63:a2:23:5e:d9:df:48:bf:44:d4:c2:0e:
5e:41:29:81:9b:e7:1d:f9:5f:ad:54:78:1b:ba:47:a3:1e:cb:
60:42:d4:84:eb:9e:41:98:90:a2:dc:ac:fb:c9:5a:2b:19:fc:
a8:2b:d6:c9:29:d5:9a:3b:96:26:b2:71:b5:ea:b8:d5:0b:a7:
8c:50:71:4d:c3:8a:58:17:eb:0f:db:f3:e7:a1:fc:7a:5b:61:
6a:5e:50:89:ad:61:20:47:66:ab:85:09:47:43:a0:9c:7e:bc:
e2:38:80:0c:f3:e9:4b:2b:63:cb:ff:94:32:4f:c4:36:5e:05:
96:e6:2d:82:f5:86:21:8b:68:c8:ea:52:d1:60:ec:c7:20:1c:
4c:28:79:64:32:94:89:14:a7:fb:b7:1f:98:89:d2:44:4e:e2:
74:bc:a9:85:1d:dd:af:f0:ad:9c:f6:6d:09:39:47:8d:68:17:
ef:ff:a1:06:4c:3e:4d:5f:10:05:0c:f2:4d:ee:b9:25:e7:55:
6a:42:f7:5c:38:dc:6b:2f:81:e7:25:ee:7a:02:3e:bf:15:82:
ee:0d:f3:ca:e1:76:28:59:69:eb:0b:62:8a:e1:b9:ec:bc:e3:
c3:83:39:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEAKivSlDdndcQXBdsxTtUbuDC9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUxMjNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0OTZhZjJmODZmNTRhOTQzMmFhYWE3ZDg5NDU3NGY5NDBjZTNjYzU0YTNl
MzJhZTY1MTYxNzI3MThhNTQ4ZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPr9BRw5Gqa4fiVZzRZYBD3zdoWqsiAC7BdRiZ5Soi9wzwyZjz/50M2hRnr
5fOiKk8uDfapAp9UEeYucuhTAHUsJiyU5aI1f4QXHziRh/hGY5ogJNP+7pmkwYaz
aIFgW4BN2hFjIWN9uMhzI4lL3Vp/KPgv+mwZxAOs9J84IP0B1wj2J81+zon9XqpV
M1/b34gxQ0saVZrs7qeaOJiCKfSTGFDmK0MUNUwFA4QyAxjzpmk+VfMkU75giDlU
ZunSTU6b8eLQV7eWG8AZFebIvsnvO8KZ5VNRAWA1RA+BQ2iLKSNMTf3s78IDZlCp
/i6m/dAcWj4O2+GrxrmJUSeLp/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ/2Vug
HmwMrpa4NqQpIwgiA7F37zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmQyZTFlOGMtMDMyYy00Y2UyLWJlMjctNmI5MzkxYmQ5NzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HvA
wDANBgkqhkiG9w0BAQsFAAOCAQEAsXwJDm8tP7kWknEzFKaiBoV7GMepLmhWY6Ij
XtnfSL9E1MIOXkEpgZvnHflfrVR4G7pHox7LYELUhOueQZiQotys+8laKxn8qCvW
ySnVmjuWJrJxteq41QunjFBxTcOKWBfrD9vz56H8elthal5Qia1hIEdmq4UJR0Og
nH684jiADPPpSytjy/+UMk/ENl4FluYtgvWGIYtoyOpS0WDsxyAcTCh5ZDKUiRSn
+7cfmInSRE7idLyphR3dr/CtnPZtCTlHjWgX7/+hBkw+TV8QBQzyTe65JedVakL3
XDjcay+B5yXuegI+vxWC7g3zyuF2KFlp6wtiiuG57Lzjw4M5Uw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:24 2025 by rpki-client