Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
File: c3736673-707b-4dfc-aca4-88dcbb52a94d.roa (raw, json)
Hash identifier: WEF1vRcQepW9L7ndJ2kHOiafQz4tPlG+ZIOA3BhYyM4=
Subject key identifier: 5A:F4:5B:E4:FF:0A:67:DC:C7:CC:7F:54:11:F2:86:E6:0C:E1:AC:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 499ECC43A56054B0ECA9A1EFD715CBE0410D2814
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
Signing time: Mon 07 Jul 2025 18:21:04 +0000
ROA not before: Mon 07 Jul 2025 18:21:04 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:9e:cc:43:a5:60:54:b0:ec:a9:a1:ef:d7:15:cb:e0:41:0d:28:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:21:04 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=aeeb31d7c954cab4c0d71eed83a1948462a24e7e5cc569f84a83823df9494e8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b9:c1:f8:08:f9:b6:4b:c9:89:5f:11:71:0e:
e6:a8:c6:fe:aa:22:10:ae:ea:b9:0d:bf:01:c9:5b:
d2:df:b9:60:80:c0:d0:b4:49:dd:0f:b7:60:ce:0f:
8c:cc:d1:a8:2c:e8:14:14:f0:ca:54:37:8d:6f:9c:
28:a3:09:e7:6b:a8:3b:43:08:f3:50:4f:2e:d4:00:
3c:52:a7:13:41:13:d8:5e:c5:56:58:f5:9f:e7:47:
d1:03:02:cb:87:b7:09:bb:41:2c:3d:21:f9:7b:bc:
cf:f8:f2:94:88:b5:50:c3:fe:e1:b0:61:f1:ef:06:
0e:b0:6a:fd:17:f7:d7:12:da:53:f8:40:7e:91:98:
7b:64:8f:ae:52:89:3e:5b:fb:60:59:be:8e:5c:40:
29:80:bd:cd:31:33:3c:f3:e8:a5:1b:59:e7:04:91:
10:0d:a7:42:0a:55:ef:af:64:ad:9b:ec:33:89:41:
97:dc:27:98:74:db:2b:5c:0d:97:e5:d7:8d:fd:22:
8f:a8:37:ca:9d:51:fe:98:fd:ea:7c:3f:1a:0c:93:
b0:ac:fc:f0:fa:e2:20:6d:68:15:7d:f2:88:b7:95:
2f:84:ea:4c:64:d6:fd:4c:74:c5:e9:67:a6:3d:14:
aa:f4:ea:3f:ca:fa:42:37:6f:84:ba:b3:82:81:72:
f1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F4:5B:E4:FF:0A:67:DC:C7:CC:7F:54:11:F2:86:E6:0C:E1:AC:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:800::/40
Signature Algorithm: sha256WithRSAEncryption
4f:6e:92:0c:b9:db:52:a0:5b:1a:37:6d:54:ea:2b:5c:f2:10:
8d:9e:57:ef:2a:c2:97:4a:85:d0:61:c3:87:41:4f:89:a4:b5:
6a:da:2a:cb:7f:dc:26:bc:48:fe:24:5b:6b:f2:32:37:0e:95:
0a:1f:94:6f:d2:2b:a6:09:36:81:dd:6f:bf:2f:c3:fe:16:ba:
38:8a:3d:7c:ec:f4:52:2f:a8:6c:88:0b:ba:fc:6f:9a:db:b1:
d1:80:ab:cc:dd:af:f0:6c:0b:bc:0b:7c:99:32:b1:85:65:f1:
ea:a8:17:41:31:da:e7:f3:89:94:9d:61:2f:fe:cc:7f:69:3e:
86:cc:b2:54:11:d1:43:43:df:c6:26:95:c7:b7:9e:c4:3f:20:
98:63:f0:b1:1f:b3:80:b8:36:05:83:10:1e:37:0c:cf:32:09:
9f:c7:b7:82:9a:ef:6d:d1:ee:a2:4a:47:5b:ee:f6:a2:d2:f1:
32:cb:1e:cd:c7:1d:84:ed:5e:e1:0d:e5:97:87:71:a2:8a:90:
5d:c1:6e:e8:f0:be:4f:ce:a4:b8:5d:3d:24:d9:fc:c1:9a:a6:
a9:58:5b:fa:dd:cc:af:c6:5d:ca:86:ba:63:f7:2b:8a:03:58:
f2:e9:91:91:52:be:03:e8:38:e0:fd:8c:76:60:69:bb:73:bd:
cf:2d:92:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSZ7MQ6VgVLDsqaHv1xXL4EENKBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIxMDRaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZWIzMWQ3Yzk1NGNhYjRjMGQ3MWVlZDgzYTE5NDg0NjJhMjRlN2U1Y2M1
NjlmODRhODM4MjNkZjk0OTRlOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJS5wfgI+bZLyYlfEXEO5qjG/qoiEK7quQ2/Aclb0t+5YIDA0LRJ3Q+3YM4P
jMzRqCzoFBTwylQ3jW+cKKMJ52uoO0MI81BPLtQAPFKnE0ET2F7FVlj1n+dH0QMC
y4e3CbtBLD0h+Xu8z/jylIi1UMP+4bBh8e8GDrBq/Rf31xLaU/hAfpGYe2SPrlKJ
Plv7YFm+jlxAKYC9zTEzPPPopRtZ5wSREA2nQgpV769krZvsM4lBl9wnmHTbK1wN
l+XXjf0ij6g3yp1R/pj96nw/GgyTsKz88PriIG1oFX3yiLeVL4TqTGTW/Ux0xeln
pj0UqvTqP8r6QjdvhLqzgoFy8SECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRa9Fvk
/wpn3MfMf1QR8obmDOGs4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM3MzY2NzMtNzA3Yi00ZGZjLWFjYTQtODhkY2JiNTJhOTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HgI
MA0GCSqGSIb3DQEBCwUAA4IBAQBPbpIMudtSoFsaN21U6itc8hCNnlfvKsKXSoXQ
YcOHQU+JpLVq2irLf9wmvEj+JFtr8jI3DpUKH5Rv0iumCTaB3W+/L8P+Fro4ij18
7PRSL6hsiAu6/G+a27HRgKvM3a/wbAu8C3yZMrGFZfHqqBdBMdrn84mUnWEv/sx/
aT6GzLJUEdFDQ9/GJpXHt57EPyCYY/CxH7OAuDYFgxAeNwzPMgmfx7eCmu9t0e6i
Skdb7vai0vEyyx7Nxx2E7V7hDeWXh3GiipBdwW7o8L5PzqS4XT0k2fzBmqapWFv6
3cyvxl3Khrpj9yuKA1jy6ZGRUr4D6Djg/Yx2YGm7c73PLZJ4
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:03 2025 by rpki-client