Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
File: c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa (raw, json)
Hash identifier: PTjq2aER4lsFeNPUF5D0BkxEY8zNp6S76vfrWUYyss4=
Subject key identifier: EE:6A:1A:67:15:88:09:54:C3:37:C3:B8:4F:2E:15:D1:7D:B9:DD:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72C5A106FADC19D210FF2ACE6F9417316012B44A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
Signing time: Fri 11 Jul 2025 18:50:10 +0000
ROA not before: Fri 11 Jul 2025 18:50:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:c5:a1:06:fa:dc:19:d2:10:ff:2a:ce:6f:94:17:31:60:12:b4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ac40a81f0448de2830af99294b7a25fde4cacca9ac5333e334829f489cab6d1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:90:41:99:fc:17:32:e3:df:ec:bb:e6:4b:cc:
6d:cf:7b:67:e5:c6:e7:c7:0e:18:32:e3:50:09:00:
f2:86:ab:b2:dc:c3:0f:ce:29:86:2f:84:bc:0c:b1:
cd:16:da:21:53:58:af:16:d4:e6:8d:7b:b4:17:5c:
7b:cb:30:5d:de:06:47:2f:f1:22:cb:fc:53:e6:8f:
4b:ba:f2:8c:de:7d:b4:db:3e:8e:64:52:12:51:39:
95:aa:a3:73:a9:05:2c:8e:67:da:48:e5:f1:bf:e6:
6b:07:6c:98:ad:1e:41:6e:bb:0c:9a:96:6d:ac:8f:
02:38:2b:2e:bb:f4:ce:40:7d:e2:04:f5:d0:56:95:
6e:de:62:c9:8e:9a:d7:8f:3f:c7:39:40:72:7f:ad:
3e:b3:0d:45:ea:86:bb:3c:25:b2:f9:3e:b9:a1:5a:
de:1b:54:26:b9:36:5c:27:f4:c8:a2:81:63:80:91:
6a:7d:5d:18:09:28:ce:ad:0b:6b:57:07:ee:fe:f3:
39:48:82:58:91:23:f9:21:99:1f:9a:a4:50:1b:b0:
67:2c:7b:d7:a5:b4:14:02:e7:c0:be:d7:85:33:72:
f5:36:a7:d9:60:e9:63:66:37:f6:c2:04:3d:e6:a4:
37:3d:2b:48:bc:ec:c0:a6:bd:a0:3b:b5:7b:e1:94:
66:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:6A:1A:67:15:88:09:54:C3:37:C3:B8:4F:2E:15:D1:7D:B9:DD:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40e0::/48
Signature Algorithm: sha256WithRSAEncryption
2c:a0:ab:78:43:0a:42:1d:d7:9b:8f:5c:f0:d8:bf:1a:da:52:
d4:c1:79:87:f5:ff:86:8f:49:32:ae:89:f0:01:c3:6b:d9:00:
6d:2e:24:2b:97:1f:4b:35:68:59:9e:6e:94:f2:3d:e4:20:89:
41:a9:18:6d:ec:ff:1c:1e:e5:c4:61:c4:17:66:da:58:48:69:
76:f5:c5:0d:21:a2:eb:30:ef:02:ce:df:ae:67:32:14:2c:3f:
5d:16:25:83:6b:d6:0c:12:af:b6:12:84:e2:b6:f8:e4:8f:de:
de:df:bc:27:19:62:5b:79:45:98:00:10:75:7d:cf:97:9d:20:
18:cb:ea:59:2c:70:53:15:96:5e:09:ba:5a:9a:27:00:0b:39:
4a:5c:69:80:3a:95:7a:98:d3:ab:13:be:a5:58:16:7f:2a:f7:
f6:2c:38:e1:78:eb:05:cc:4c:67:26:c6:0f:c6:85:23:12:de:
78:45:29:8c:d2:a1:f3:ee:3a:72:e3:c7:86:9d:01:6c:d8:d3:
b9:8c:d3:58:13:67:15:e4:e2:6c:a2:9c:33:db:9c:58:fa:8d:
8e:00:1b:73:e8:ed:a5:c0:dc:76:fa:e3:1a:3e:29:d5:f3:8b:
8d:f0:0b:4c:a3:80:ab:af:88:22:4c:64:f1:e0:a4:bd:18:df:
cd:15:17:0b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcsWhBvrcGdIQ/yrOb5QXMWAStEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjNDBhODFmMDQ0OGRlMjgzMGFmOTkyOTRiN2EyNWZkZTRjYWNjYTlhYzUz
MzNlMzM0ODI5ZjQ4OWNhYjZkMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeQQZn8FzLj3+y75kvMbc97Z+XG58cOGDLjUAkA8oarstzDD84phi+EvAyx
zRbaIVNYrxbU5o17tBdce8swXd4GRy/xIsv8U+aPS7ryjN59tNs+jmRSElE5laqj
c6kFLI5n2kjl8b/mawdsmK0eQW67DJqWbayPAjgrLrv0zkB94gT10FaVbt5iyY6a
148/xzlAcn+tPrMNReqGuzwlsvk+uaFa3htUJrk2XCf0yKKBY4CRan1dGAkozq0L
a1cH7v7zOUiCWJEj+SGZH5qkUBuwZyx716W0FALnwL7XhTNy9Tan2WDpY2Y39sIE
PeakNz0rSLzswKa9oDu1e+GUZmsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTuahpn
FYgJVMM3w7hPLhXRfbndJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRhY2Y0YmEtMDVjNS00ZTBhLTlkZmQtNzBjZjMyMjE4YmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
4DANBgkqhkiG9w0BAQsFAAOCAQEALKCreEMKQh3Xm49c8Ni/GtpS1MF5h/X/ho9J
Mq6J8AHDa9kAbS4kK5cfSzVoWZ5ulPI95CCJQakYbez/HB7lxGHEF2baWEhpdvXF
DSGi6zDvAs7frmcyFCw/XRYlg2vWDBKvthKE4rb45I/e3t+8JxliW3lFmAAQdX3P
l50gGMvqWSxwUxWWXgm6WponAAs5SlxpgDqVepjTqxO+pVgWfyr39iw44XjrBcxM
ZybGD8aFIxLeeEUpjNKh8+46cuPHhp0BbNjTuYzTWBNnFeTibKKcM9ucWPqNjgAb
c+jtpcDcdvrjGj4p1fOLjfALTKOAq6+IIkxk8eCkvRjfzRUXCw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:46 2025 by rpki-client