Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
File: be610cc2-170e-494b-b1f3-db73bc5ff027.roa (raw, json)
Hash identifier: WqQpUC31p8ipv6vwyGGZRiDh9SXnNAahiH/yqCSQ0ic=
Subject key identifier: 31:F6:D6:2B:DF:E8:79:53:27:18:9A:D5:D1:79:B4:C9:69:0C:3C:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 547DEE2C6B1B9B02C898CB48C55968C9A73D7523
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
Signing time: Fri 11 Jul 2025 19:11:19 +0000
ROA not before: Fri 11 Jul 2025 19:11:19 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:7d:ee:2c:6b:1b:9b:02:c8:98:cb:48:c5:59:68:c9:a7:3d:75:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:11:19 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9813fead48ac2e64d8624e22445423ad33c576d928f418635521512033a6e748, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:67:8e:05:93:61:90:37:95:93:e0:f3:eb:0f:
6a:86:19:09:1b:a6:8a:76:72:11:65:8d:3a:3d:19:
47:c0:d0:4b:3c:c7:8d:f0:f2:a0:4d:57:ce:37:c2:
6d:b8:76:78:0a:fa:d0:f3:b7:09:1b:3d:0e:e6:ab:
ac:b7:da:99:58:8f:fe:37:69:e2:9a:79:fc:26:c5:
66:5a:97:68:fa:77:f2:06:fa:34:f5:23:cd:80:4b:
74:e5:5a:a0:34:4b:a7:e5:10:85:e5:13:d1:57:2e:
05:cf:32:e5:88:79:13:03:fd:dd:74:ba:a7:5c:b4:
8a:80:59:d9:e1:ae:1c:aa:f9:da:9d:0f:06:f2:93:
d0:50:15:61:ed:60:3d:57:2b:db:51:a7:ab:ed:8e:
fa:14:b0:82:cd:6f:0e:44:14:3b:b1:ac:0c:9e:5f:
d2:e4:33:af:5e:6a:08:1a:14:e0:53:6e:9f:0c:b0:
a3:62:2e:6a:be:3d:00:8a:fc:10:be:e7:5c:0e:2c:
a4:f6:5a:5a:19:46:8c:79:53:09:aa:cb:5c:c3:f7:
f5:ab:f3:52:b1:e7:e3:5c:02:0f:4c:af:52:af:07:
39:d6:ee:a5:0d:43:c4:c8:be:6c:53:ed:74:fd:ce:
74:52:7e:c3:e4:37:bb:df:d1:01:1c:74:a4:29:46:
34:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F6:D6:2B:DF:E8:79:53:27:18:9A:D5:D1:79:B4:C9:69:0C:3C:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be610cc2-170e-494b-b1f3-db73bc5ff027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:6080::/48
Signature Algorithm: sha256WithRSAEncryption
5a:73:9f:c1:cd:69:ba:8a:76:0f:8b:76:4d:de:ad:82:02:17:
50:17:17:8e:6c:88:5c:1d:d5:1c:76:ae:d8:55:76:e1:12:5b:
74:13:40:bb:aa:81:eb:f1:bb:e0:fd:23:e3:38:86:b2:59:40:
e1:d6:d3:de:58:4a:fa:2d:5e:50:97:2e:06:41:58:38:d0:71:
9c:4a:f0:74:cb:b7:09:6d:b3:51:79:85:71:18:d1:c1:49:54:
f1:ea:da:7f:b3:bf:75:35:55:3b:81:f4:b8:0b:d3:e6:0f:b5:
d9:cc:f8:e9:d9:3e:37:c9:cf:6c:39:b6:d2:c0:3c:50:9b:fc:
6b:ff:c2:c8:7c:52:93:aa:d7:5a:c6:54:90:4a:8c:04:e2:bb:
6e:1c:7a:7c:06:c3:4f:00:ca:5c:f5:e0:e3:17:46:8b:da:8f:
e0:00:b0:bf:de:58:ca:ec:ab:68:ae:72:34:87:48:99:00:6a:
38:6f:b3:af:ff:9b:f9:92:35:59:88:45:67:d7:66:e6:be:81:
ed:b5:b1:b4:29:07:84:4a:eb:49:51:ec:a6:c7:e0:15:34:f9:
f2:67:fd:93:aa:2a:39:2c:bd:8d:a6:ba:6d:91:e3:66:ee:b9:
39:d0:29:ad:1b:19:fd:98:98:c6:3e:e3:02:f3:f5:e0:09:c1:
1d:3c:d4:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVH3uLGsbmwLImMtIxVloyac9dSMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTExMTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4MTNmZWFkNDhhYzJlNjRkODYyNGUyMjQ0NTQyM2FkMzNjNTc2ZDkyOGY0
MTg2MzU1MjE1MTIwMzNhNmU3NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBnjgWTYZA3lZPg8+sPaoYZCRuminZyEWWNOj0ZR8DQSzzHjfDyoE1XzjfC
bbh2eAr60PO3CRs9DuarrLfamViP/jdp4pp5/CbFZlqXaPp38gb6NPUjzYBLdOVa
oDRLp+UQheUT0VcuBc8y5Yh5EwP93XS6p1y0ioBZ2eGuHKr52p0PBvKT0FAVYe1g
PVcr21Gnq+2O+hSwgs1vDkQUO7GsDJ5f0uQzr15qCBoU4FNunwywo2Iuar49AIr8
EL7nXA4spPZaWhlGjHlTCarLXMP39avzUrHn41wCD0yvUq8HOdbupQ1DxMi+bFPt
dP3OdFJ+w+Q3u9/RARx0pClGNGcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQx9tYr
3+h5UycYmtXRebTJaQw8/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MTBjYzItMTcwZS00OTRiLWIxZjMtZGI3M2JjNWZmMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
gDANBgkqhkiG9w0BAQsFAAOCAQEAWnOfwc1puop2D4t2Td6tggIXUBcXjmyIXB3V
HHau2FV24RJbdBNAu6qB6/G74P0j4ziGsllA4dbT3lhK+i1eUJcuBkFYONBxnErw
dMu3CW2zUXmFcRjRwUlU8eraf7O/dTVVO4H0uAvT5g+12cz46dk+N8nPbDm20sA8
UJv8a//CyHxSk6rXWsZUkEqMBOK7bhx6fAbDTwDKXPXg4xdGi9qP4ACwv95Yyuyr
aK5yNIdImQBqOG+zr/+b+ZI1WYhFZ9dm5r6B7bWxtCkHhErrSVHspsfgFTT58mf9
k6oqOSy9jaa6bZHjZu65OdAprRsZ/ZiYxj7jAvP14AnBHTzUPg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:00 2025 by rpki-client