Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4a89105-f1c3-44cd-b2bf-287ed68055e9.roa
File: c4a89105-f1c3-44cd-b2bf-287ed68055e9.roa (raw, json)
Hash identifier: QybFRPPjZvXwU2uOCEGVOmsneL7nezgtyUdTguvn6GY=
Subject key identifier: 86:2A:FF:1E:3E:78:E7:C5:9E:7F:6C:19:80:37:65:68:E7:A5:AD:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C82BC0649A5F4BD5A5F77BEEF70BE726F32D359
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4a89105-f1c3-44cd-b2bf-287ed68055e9.roa
Signing time: Mon 14 Jul 2025 16:54:13 +0000
ROA not before: Mon 14 Jul 2025 16:54:13 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:82:bc:06:49:a5:f4:bd:5a:5f:77:be:ef:70:be:72:6f:32:d3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 14 16:54:13 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=d43eff2f769d786c523b2554e4d5e274fedbc3a7ccf82199836ff46f55da42e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:07:32:f1:1b:ad:0f:90:c0:70:c0:4b:00:6c:
8d:21:21:f7:d4:78:3b:80:da:ad:85:b9:3b:9d:c5:
25:bf:bb:b8:a2:78:af:2f:63:4e:df:98:96:00:70:
52:aa:f5:17:f4:03:c9:db:17:ca:fd:e6:01:2c:21:
53:ad:86:2a:90:dd:96:03:f5:e6:79:c3:1e:6f:24:
2f:72:51:b5:7f:8e:c1:42:03:0f:13:c8:c2:75:1b:
8b:1c:ea:a9:93:06:5f:af:70:11:60:d4:df:75:85:
69:e8:63:80:75:fc:7d:53:8d:8b:97:25:f6:4c:8d:
8c:8d:21:e4:d3:34:d2:43:07:d6:7c:2c:d7:f5:29:
5b:a9:e8:66:9c:6d:cc:ed:b1:06:2e:3d:e8:7a:ac:
8b:37:6e:40:7b:0e:e4:b2:7c:d1:50:77:ec:da:e4:
3f:38:84:65:cd:da:81:cd:08:fa:71:4b:31:b6:07:
b1:29:34:43:72:e2:55:c7:1f:e5:9a:9d:74:56:5f:
5e:4a:0a:94:79:9e:f6:f2:79:33:96:ff:51:93:bc:
d2:30:28:8a:c1:36:f5:7d:8d:70:41:41:af:00:9a:
39:69:ba:d0:a0:b4:92:ac:7c:ed:8b:45:30:63:d6:
e8:31:96:e4:29:e8:b7:cf:0a:fd:28:66:f2:88:db:
75:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2A:FF:1E:3E:78:E7:C5:9E:7F:6C:19:80:37:65:68:E7:A5:AD:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4a89105-f1c3-44cd-b2bf-287ed68055e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:c000::/40
Signature Algorithm: sha256WithRSAEncryption
92:5a:4d:43:85:5a:f3:96:85:c1:9c:de:1a:bd:5c:ef:b2:a2:
a1:3d:17:65:b1:fc:f0:e8:61:f7:20:d8:5f:85:74:b5:c8:34:
cf:27:a8:98:ab:f6:9e:f8:e3:b5:f6:24:15:6b:2a:99:24:3c:
a8:43:9b:95:8f:1d:12:1b:b4:28:fc:95:db:82:9a:93:77:39:
ef:ca:6a:1a:88:bf:0a:5a:b8:39:66:b8:35:5a:75:e9:f4:70:
43:95:cc:ba:9b:b3:94:6e:34:37:b9:04:fa:87:65:a1:8a:f5:
0e:50:da:e7:b3:c8:a6:84:26:1e:eb:07:bc:a9:10:b9:3d:f0:
ca:b1:6c:b4:20:06:55:3b:54:8e:fb:ad:39:76:2a:3b:a9:df:
1a:06:67:e3:45:c5:32:33:81:8d:97:02:44:29:b5:fa:00:24:
71:f7:6b:07:cc:fe:84:25:21:ca:46:f6:fb:3d:75:72:96:e5:
df:8f:ee:f8:61:69:8b:7a:f5:40:e4:31:87:73:f0:44:b3:ba:
13:2c:d8:c1:47:73:19:3d:68:e0:47:6a:7b:94:88:b0:1f:96:
0c:a0:a6:2c:a1:7a:c9:8f:8c:23:2f:0b:6c:33:8d:49:e6:76:
7c:b9:65:c6:8e:09:bd:1d:d1:6e:3d:73:21:de:6f:2c:55:fe:
1d:d7:58:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDIK8Bkml9L1aX3e+73C+cm8y01kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTQxNjU0MTNaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0M2VmZjJmNzY5ZDc4NmM1MjNiMjU1NGU0ZDVlMjc0ZmVkYmMzYTdjY2Y4
MjE5OTgzNmZmNDZmNTVkYTQyZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4HMvEbrQ+QwHDASwBsjSEh99R4O4DarYW5O53FJb+7uKJ4ry9jTt+YlgBw
Uqr1F/QDydsXyv3mASwhU62GKpDdlgP15nnDHm8kL3JRtX+OwUIDDxPIwnUbixzq
qZMGX69wEWDU33WFaehjgHX8fVONi5cl9kyNjI0h5NM00kMH1nws1/UpW6noZpxt
zO2xBi496HqsizduQHsO5LJ80VB37NrkPziEZc3agc0I+nFLMbYHsSk0Q3LiVccf
5ZqddFZfXkoKlHme9vJ5M5b/UZO80jAoisE29X2NcEFBrwCaOWm60KC0kqx87YtF
MGPW6DGW5Cnot88K/Shm8ojbdXECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGKv8e
PnjnxZ5/bBmAN2Vo56WtxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRhODkxMDUtZjFjMy00NGNkLWIyYmYtMjg3ZWQ2ODA1NWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FnA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSWk1DhVrzloXBnN4avVzvsqKhPRdlsfzw6GH3
INhfhXS1yDTPJ6iYq/ae+OO19iQVayqZJDyoQ5uVjx0SG7Qo/JXbgpqTdznvymoa
iL8KWrg5Zrg1WnXp9HBDlcy6m7OUbjQ3uQT6h2WhivUOUNrns8imhCYe6we8qRC5
PfDKsWy0IAZVO1SO+605dio7qd8aBmfjRcUyM4GNlwJEKbX6ACRx92sHzP6EJSHK
Rvb7PXVyluXfj+74YWmLevVA5DGHc/BEs7oTLNjBR3MZPWjgR2p7lIiwH5YMoKYs
oXrJj4wjLwtsM41J5nZ8uWXGjgm9HdFuPXMh3m8sVf4d11hG
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:15 2025 by rpki-client