Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: /6MmQdgYFurR/KRDW8XPmdunNbYleWIjAkj7pgbjh80=
Subject key identifier: 4D:9D:4C:3E:22:9F:A8:B7:27:EE:4D:5F:69:06:47:9C:F5:79:7D:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2709555ABE403D3C6DEBA488C4A6972BB2DBB22B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Fri 11 Jul 2025 19:01:43 +0000
ROA not before: Fri 11 Jul 2025 19:01:43 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:09:55:5a:be:40:3d:3c:6d:eb:a4:88:c4:a6:97:2b:b2:db:b2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:01:43 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4a4c27e7171aae3496fe0e1f32439dd480a88db35b3fba3ea7c2c26ad71c2312, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:99:e5:17:51:68:3a:85:f3:1d:fb:3e:dd:32:
f9:b6:1e:21:a7:5a:46:75:8a:f5:70:10:94:43:5d:
cd:08:23:5a:c5:5c:77:54:fe:59:70:5d:d9:25:b1:
eb:67:1e:a3:a2:69:41:41:39:22:c1:44:c8:1a:6a:
c1:f4:a0:ca:be:cc:67:37:d8:5b:7a:5c:30:1d:8d:
93:7e:11:82:36:3f:1d:e7:c3:8c:fb:b7:3a:a6:bd:
99:76:a7:51:ef:85:a6:47:20:bc:8c:3f:6e:d5:1e:
29:ea:c7:7a:54:57:82:6c:ef:a3:b8:96:0d:30:5b:
62:a7:e8:a9:c2:37:ea:e2:64:f7:d5:93:a2:aa:6e:
a2:a8:31:36:ad:26:ce:47:b0:ef:5c:fa:b2:fc:8b:
4c:e4:db:a0:02:b2:cb:5a:21:08:84:3f:93:6e:b9:
fd:93:de:fd:4f:38:da:1c:bc:9d:7d:9f:f5:93:d9:
e6:80:2d:88:02:b0:e8:ef:af:c7:df:fb:7b:2c:43:
88:d4:1a:1d:ee:4e:db:c5:50:a7:a8:22:86:cf:93:
8d:36:42:05:19:8a:b7:f4:d6:ef:9a:5d:ca:38:58:
24:22:77:65:ee:25:4d:a1:dd:23:32:d2:be:b7:07:
2c:b3:e5:2a:8f:e2:9a:74:e9:cf:eb:87:00:9d:91:
e7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9D:4C:3E:22:9F:A8:B7:27:EE:4D:5F:69:06:47:9C:F5:79:7D:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
a7:5a:40:29:fc:d6:45:d4:fa:e8:d2:aa:40:70:07:97:ed:fd:
4c:25:7a:0d:54:7b:cb:2e:d7:f5:2a:93:cf:96:38:f3:96:69:
5a:2c:d7:63:91:88:07:11:b7:2b:0b:c2:4a:86:bd:6e:a4:5a:
ef:b2:6d:bb:49:10:c1:e5:8f:0b:f9:e3:c3:70:73:7b:a5:82:
2b:2b:fe:87:25:ce:15:b3:df:88:c5:c1:4e:23:e2:91:ee:20:
99:dd:10:8c:b7:ec:67:59:3f:f0:b1:c9:74:a1:e1:2c:1a:f9:
10:06:f4:cf:84:6d:ac:52:6c:b9:d3:af:9d:ba:d8:85:9e:43:
6a:14:a4:fc:81:fe:e7:bd:67:88:e7:e0:96:24:79:6e:64:31:
bf:a5:df:ad:0a:f3:2c:b4:0a:4e:7b:08:5a:b4:42:69:d7:5f:
2f:d9:65:3b:16:d8:e2:8e:79:4a:67:6f:77:6c:28:60:cb:8e:
ef:8f:13:64:e2:01:cb:80:e4:ad:5c:fb:e5:9f:b5:65:1a:ac:
cd:98:fb:33:26:f7:03:a7:fa:02:2a:9e:b3:4d:6b:58:51:fe:
80:bd:f0:1d:22:01:13:c2:78:80:d8:32:26:ed:1b:bf:c4:a7:
a1:06:4b:99:7f:98:02:e7:bb:34:58:13:e0:fc:2f:fc:94:77:
d0:09:c1:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJwlVWr5APTxt66SIxKaXK7LbsiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAxNDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNGMyN2U3MTcxYWFlMzQ5NmZlMGUxZjMyNDM5ZGQ0ODBhODhkYjM1YjNm
YmEzZWE3YzJjMjZhZDcxYzIzMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSZ5RdRaDqF8x37Pt0y+bYeIadaRnWK9XAQlENdzQgjWsVcd1T+WXBd2SWx
62ceo6JpQUE5IsFEyBpqwfSgyr7MZzfYW3pcMB2Nk34RgjY/HefDjPu3Oqa9mXan
Ue+FpkcgvIw/btUeKerHelRXgmzvo7iWDTBbYqfoqcI36uJk99WToqpuoqgxNq0m
zkew71z6svyLTOTboAKyy1ohCIQ/k265/ZPe/U842hy8nX2f9ZPZ5oAtiAKw6O+v
x9/7eyxDiNQaHe5O28VQp6gihs+TjTZCBRmKt/TW75pdyjhYJCJ3Ze4lTaHdIzLS
vrcHLLPlKo/imnTpz+uHAJ2R58sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNnUw+
Ip+otyfuTV9pBkec9Xl94TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEAp1pAKfzWRdT66NKqQHAHl+39TCV6DVR7yy7X
9SqTz5Y485ZpWizXY5GIBxG3KwvCSoa9bqRa77Jtu0kQweWPC/njw3Bze6WCKyv+
hyXOFbPfiMXBTiPike4gmd0QjLfsZ1k/8LHJdKHhLBr5EAb0z4RtrFJsudOvnbrY
hZ5DahSk/IH+571niOfgliR5bmQxv6XfrQrzLLQKTnsIWrRCaddfL9llOxbY4o55
Smdvd2woYMuO748TZOIBy4DkrVz75Z+1ZRqszZj7Myb3A6f6Aiqes01rWFH+gL3w
HSIBE8J4gNgyJu0bv8SnoQZLmX+YAue7NFgT4Pwv/JR30AnBvQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:49 2025 by rpki-client