Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: 4ph7HJYGvVZuu77L39iffpLEVamOhwL1kkDIdbfSj/M=
Subject key identifier: D4:0F:7D:9D:B0:19:9C:5B:47:07:A7:8A:5A:94:83:13:73:BE:1B:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20A62E7E42550D87626D95D750246F1E7123424B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Tue 01 Jul 2025 15:10:19 +0000
ROA not before: Tue 01 Jul 2025 15:10:19 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a6:2e:7e:42:55:0d:87:62:6d:95:d7:50:24:6f:1e:71:23:42:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:19 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=00155d0909c768ce9af32598a3f30539418342b2f4c0bf90dad28e9d761a84e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bc:6d:ce:23:26:66:fd:0c:f0:0f:d1:8a:e3:
1c:f9:57:dd:8e:b8:f6:be:64:3e:00:e1:40:35:b2:
9e:5d:35:e4:9e:d9:a8:20:17:2a:3b:d9:d0:85:77:
32:90:c2:25:57:3d:6c:99:9d:c2:05:58:07:f9:e9:
f6:c4:4f:be:7a:88:6a:ce:8a:d2:27:94:59:d5:32:
68:f6:b2:15:89:6c:08:26:8d:0a:52:e6:22:cd:a0:
c5:d0:8b:ca:d1:cd:fc:76:0e:0e:88:a7:ef:0a:8d:
ef:52:bf:32:95:57:b8:d4:cc:e9:96:8c:b8:f5:49:
87:99:a7:eb:b0:4e:c7:d2:35:f7:bc:19:09:0b:b0:
5d:15:79:cc:f1:1d:5d:89:96:78:5e:50:19:f1:6b:
7e:f6:c2:2d:6e:fd:a3:7a:3c:03:03:b8:a7:5a:5b:
79:d2:69:1e:75:37:ce:5e:4c:f2:8a:62:df:2d:65:
5e:e8:88:1e:79:65:ac:2f:a2:e5:72:05:97:28:73:
cd:f6:42:93:2c:7e:d8:30:47:6b:9d:dc:1f:1c:25:
e6:e8:1c:ea:d7:2a:a1:fb:54:fd:cd:0c:ce:c9:c0:
00:c9:db:90:e3:d0:fe:d4:a8:63:b7:1e:a8:5a:33:
41:dc:09:62:b1:64:48:aa:f8:e1:53:d0:77:d8:00:
02:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:0F:7D:9D:B0:19:9C:5B:47:07:A7:8A:5A:94:83:13:73:BE:1B:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
08:cd:35:bf:5c:9c:73:0c:76:46:95:79:47:47:1c:12:6b:21:
0e:d1:58:a8:72:46:d1:7a:ce:a6:3a:e3:ea:ce:40:28:83:68:
04:44:c9:2a:75:88:08:c8:19:14:ff:6d:09:92:55:bf:00:c0:
f3:44:a2:4e:66:b9:96:14:dc:10:4c:fa:77:ef:db:ab:a6:e5:
e5:0f:70:44:82:da:62:87:1a:c9:a5:5a:c8:89:cc:f5:f4:b2:
75:39:93:03:42:86:34:a3:89:8b:d6:6f:c6:b7:51:d9:fb:83:
9b:4a:20:9b:d6:78:e2:79:32:bb:dd:bc:c1:0d:e5:c9:8a:68:
0f:bb:84:ca:fe:cd:ee:8f:7c:95:30:25:f7:8d:fc:d1:52:fa:
8a:04:3d:a1:22:8d:5b:a8:9a:46:5c:09:8d:b1:da:ad:07:f0:
bc:39:c9:3d:52:56:07:9b:bd:ec:43:ca:7b:02:b5:a0:29:95:
d4:ad:d6:0c:e5:95:30:b2:e0:ff:5c:9d:40:7b:6f:db:87:9d:
88:1e:bf:9b:a6:35:92:16:85:9b:cf:2f:1c:b7:8b:d9:90:c2:
b4:e2:f2:89:23:4a:70:74:71:ce:64:b1:f2:d9:cc:31:de:94:
55:b6:ba:9c:cb:0e:58:e3:d5:e8:a5:53:5f:e9:dc:b8:3b:19:
14:6b:35:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIKYufkJVDYdibZXXUCRvHnEjQkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwMTlaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwMTU1ZDA5MDljNzY4Y2U5YWYzMjU5OGEzZjMwNTM5NDE4MzQyYjJmNGMw
YmY5MGRhZDI4ZTlkNzYxYTg0ZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJm8bc4jJmb9DPAP0YrjHPlX3Y649r5kPgDhQDWynl015J7ZqCAXKjvZ0IV3
MpDCJVc9bJmdwgVYB/np9sRPvnqIas6K0ieUWdUyaPayFYlsCCaNClLmIs2gxdCL
ytHN/HYODoin7wqN71K/MpVXuNTM6ZaMuPVJh5mn67BOx9I197wZCQuwXRV5zPEd
XYmWeF5QGfFrfvbCLW79o3o8AwO4p1pbedJpHnU3zl5M8opi3y1lXuiIHnllrC+i
5XIFlyhzzfZCkyx+2DBHa53cHxwl5ugc6tcqoftU/c0MzsnAAMnbkOPQ/tSoY7ce
qFozQdwJYrFkSKr44VPQd9gAAhsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUD32d
sBmcW0cHp4palIMTc74bpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQAIzTW/XJxzDHZGlXlHRxwSayEO0ViockbRes6m
OuPqzkAog2gERMkqdYgIyBkU/20JklW/AMDzRKJOZrmWFNwQTPp379urpuXlD3BE
gtpihxrJpVrIicz19LJ1OZMDQoY0o4mL1m/Gt1HZ+4ObSiCb1njieTK73bzBDeXJ
imgPu4TK/s3uj3yVMCX3jfzRUvqKBD2hIo1bqJpGXAmNsdqtB/C8Ock9UlYHm73s
Q8p7ArWgKZXUrdYM5ZUwsuD/XJ1Ae2/bh52IHr+bpjWSFoWbzy8ct4vZkMK04vKJ
I0pwdHHOZLHy2cwx3pRVtrqcyw5Y49XopVNf6dy4OxkUazWx
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:15 2025 by rpki-client