Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
File: bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa (raw, json)
Hash identifier: panl/8mIumyfaGWYtKvO2DQuOsnHaZX7CXLzCUwSHd8=
Subject key identifier: 8B:FB:E0:70:58:C1:48:C7:81:2A:64:9C:48:86:BF:C0:06:10:F7:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DB23CB0D486014B031C83DC964F2CA867BC92B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
Signing time: Fri 11 Jul 2025 20:21:58 +0000
ROA not before: Fri 11 Jul 2025 20:21:58 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b2:3c:b0:d4:86:01:4b:03:1c:83:dc:96:4f:2c:a8:67:bc:92:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:58 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7608b0be3caa8a30fdb495c0c5299449e4e0d4148ec4182867a6c8396f528eab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d6:72:2d:c6:1b:5c:57:61:75:8f:d1:35:a4:
4a:2e:bd:36:7e:f7:3b:5f:d2:8c:3f:c2:24:0b:e7:
77:84:1c:69:53:6e:b4:ae:e5:fe:bb:91:61:65:aa:
10:cf:27:03:ea:3a:fb:9f:e7:ea:9d:1f:a1:f9:d0:
81:a0:27:e0:45:82:47:59:f8:df:15:f3:13:93:c9:
2b:9f:98:b9:64:9a:f4:a8:bc:f1:9e:f8:be:eb:1b:
dc:1f:e3:6b:f0:a8:8a:d4:ad:f1:bf:fd:0d:22:4b:
e8:cc:76:74:ff:d1:c7:44:10:0e:18:22:3f:da:21:
f2:e8:01:7a:d4:4f:78:56:07:ed:85:da:aa:0a:6f:
43:95:11:b8:40:20:9a:60:1e:46:d2:a3:01:11:c2:
06:f3:85:a4:85:a5:ba:78:d6:55:d4:af:be:96:cb:
61:8f:9f:6c:77:ed:2c:8c:14:01:d1:36:a5:33:5a:
14:7e:c7:a3:5c:e9:3e:87:77:56:e5:83:cb:de:8a:
61:91:e7:1a:5c:8a:02:58:a6:77:5a:5e:18:58:58:
f7:51:9d:ff:e6:14:4f:c4:1e:89:34:0f:79:3a:97:
0b:b3:ba:38:91:b8:5f:22:37:de:e1:0c:92:54:f4:
ef:7f:7f:9d:45:fa:68:b4:89:bc:d2:9b:bd:b5:8f:
11:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FB:E0:70:58:C1:48:C7:81:2A:64:9C:48:86:BF:C0:06:10:F7:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf1db0f3-6cad-4fcc-96c5-ddde700e6264.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:b000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:13:1b:d8:52:7c:31:0c:2c:d4:71:99:db:e4:84:54:62:2f:
27:b0:95:e2:c9:d0:bb:bb:62:79:1b:bd:ea:c0:3d:52:da:c4:
a2:75:f1:bb:27:27:03:fc:fe:21:a8:7e:20:1d:93:4b:8b:90:
7e:3b:71:5f:bd:fd:b6:8f:67:36:db:60:a9:58:19:f2:e3:05:
05:67:05:a3:f2:ca:61:0d:d1:c6:76:c5:ad:ec:aa:d2:fd:d4:
cf:c1:2b:de:02:52:f7:e2:70:73:fb:95:85:cd:79:2d:91:7d:
ba:7f:c1:88:07:12:51:47:ac:7a:84:b6:a5:63:95:f2:df:81:
d4:0a:53:f5:89:60:d3:57:7d:ad:b4:9a:c7:46:42:59:ec:12:
29:77:fd:bf:d7:07:ca:dc:5f:39:e6:78:ba:3d:67:c9:15:23:
2b:ba:6a:d9:8c:0d:99:6c:e0:32:3b:9a:b0:33:04:69:ef:a3:
0b:57:96:e1:ae:28:0f:eb:d8:3d:7a:1d:7d:82:0c:d1:64:46:
d1:dd:05:d3:d8:72:fc:41:f3:8d:ef:98:dd:29:6c:0a:96:22:
3f:7d:f2:39:a9:1e:1d:66:ef:93:4e:5d:26:b4:ef:dc:c7:cd:
04:c1:40:ee:ed:c1:6a:d9:d6:b1:e9:4e:1a:30:24:fc:05:4a:
f5:ce:41:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDbI8sNSGAUsDHIPclk8sqGe8krAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxNThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MDhiMGJlM2NhYThhMzBmZGI0OTVjMGM1Mjk5NDQ5ZTRlMGQ0MTQ4ZWM0
MTgyODY3YTZjODM5NmY1MjhlYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7Wci3GG1xXYXWP0TWkSi69Nn73O1/SjD/CJAvnd4QcaVNutK7l/ruRYWWq
EM8nA+o6+5/n6p0fofnQgaAn4EWCR1n43xXzE5PJK5+YuWSa9Ki88Z74vusb3B/j
a/CoitSt8b/9DSJL6Mx2dP/Rx0QQDhgiP9oh8ugBetRPeFYH7YXaqgpvQ5URuEAg
mmAeRtKjARHCBvOFpIWlunjWVdSvvpbLYY+fbHftLIwUAdE2pTNaFH7Ho1zpPod3
VuWDy96KYZHnGlyKAlimd1peGFhY91Gd/+YUT8QeiTQPeTqXC7O6OJG4XyI33uEM
klT0739/nUX6aLSJvNKbvbWPER8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSL++Bw
WMFIx4EqZJxIhr/ABhD3mzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmYxZGIwZjMtNmNhZC00ZmNjLTk2YzUtZGRkZTcwMGU2MjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWw
MA0GCSqGSIb3DQEBCwUAA4IBAQCrExvYUnwxDCzUcZnb5IRUYi8nsJXiydC7u2J5
G73qwD1S2sSidfG7JycD/P4hqH4gHZNLi5B+O3Ffvf22j2c222CpWBny4wUFZwWj
8sphDdHGdsWt7KrS/dTPwSveAlL34nBz+5WFzXktkX26f8GIBxJRR6x6hLalY5Xy
34HUClP1iWDTV32ttJrHRkJZ7BIpd/2/1wfK3F855ni6PWfJFSMrumrZjA2ZbOAy
O5qwMwRp76MLV5bhrigP69g9eh19ggzRZEbR3QXT2HL8QfON75jdKWwKliI/ffI5
qR4dZu+TTl0mtO/cx80EwUDu7cFq2dax6U4aMCT8BUr1zkFZ
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:49:33 2025 by rpki-client