Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
File: c8af18fc-ae06-42ae-9533-a5516ea722d4.roa (raw, json)
Hash identifier: nrK4z54nPwbOuIcBb3/tv0RSKkbWwm/F14cms5GpqAs=
Subject key identifier: 40:61:F8:9E:DD:67:6F:09:99:8A:61:E0:BF:31:B8:C5:DA:0D:48:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 720AC92CEF6CABB43E951F77B3045C7D5C89824D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
Signing time: Fri 11 Jul 2025 19:10:10 +0000
ROA not before: Fri 11 Jul 2025 19:10:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:0a:c9:2c:ef:6c:ab:b4:3e:95:1f:77:b3:04:5c:7d:5c:89:82:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a2dd81ff6d7232264d685e14d4bdfece2cc26d8830e17fe70b2630ce407fc126, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d9:e0:8e:62:e8:6f:20:31:68:a0:9f:fe:2b:
60:b9:11:f6:62:78:47:54:f5:4f:c6:1c:24:e4:f6:
e3:cc:79:f7:aa:0e:56:b0:e8:dd:f1:db:94:6b:cd:
97:26:b6:3e:25:78:1d:1c:07:30:11:69:1c:65:76:
37:72:35:a9:54:84:9c:f1:70:fd:62:f2:49:4d:87:
51:b7:08:fb:97:02:14:00:79:b0:82:66:bd:25:ac:
03:04:5e:5f:d1:9d:43:ed:b3:9e:9d:65:64:4b:ca:
70:01:6b:32:91:51:f2:59:6e:18:b2:15:c4:c4:d2:
6b:7d:bb:a7:24:5b:12:f6:5d:d9:04:f9:cf:82:a3:
71:6c:cc:29:2d:a5:8b:a9:3e:d8:9a:a4:9c:c0:d5:
a3:50:a0:d2:22:73:91:62:f0:80:36:c4:c1:e3:1d:
29:7a:9b:13:c3:90:f5:ed:07:af:ad:c5:ec:4b:37:
3b:f3:c0:f2:13:b2:d6:23:92:6c:0d:ea:95:06:73:
b5:90:be:0f:d0:6b:75:09:4c:8d:55:97:7c:9b:fa:
f9:1d:41:b3:7b:60:5d:78:27:aa:1c:45:b2:a6:62:
ed:54:86:7a:40:ab:88:2e:03:f8:95:ae:e9:21:37:
ea:e0:be:e3:c1:0b:ec:9d:47:31:4e:c8:92:e0:e5:
62:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:61:F8:9E:DD:67:6F:09:99:8A:61:E0:BF:31:B8:C5:DA:0D:48:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af18fc-ae06-42ae-9533-a5516ea722d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9080::/48
Signature Algorithm: sha256WithRSAEncryption
8f:27:c6:d9:19:4c:1d:1b:95:b8:15:fa:af:4d:94:a6:f8:d4:
dc:f5:66:9f:7a:51:ee:ba:1f:91:11:af:40:bd:fe:6f:e1:f6:
56:b2:6e:d8:6c:c0:e8:d2:8d:d1:8e:61:1b:31:85:7c:0d:54:
76:37:6c:57:36:f3:35:85:80:f0:30:a9:d2:60:e7:2d:89:04:
7b:d8:dd:8b:2f:03:6d:0b:00:0d:ce:53:d2:d4:e6:f0:27:9a:
4d:95:9d:02:f1:f5:31:d9:b0:d3:ff:d1:a2:e0:56:53:b6:99:
80:eb:ce:b3:11:22:02:a5:0f:c5:4c:d3:89:3a:45:cd:b3:f3:
f2:2f:50:af:8e:00:02:7a:25:cf:c1:51:de:5a:87:2a:6f:13:
5d:18:91:e3:6e:9b:8e:d5:09:83:47:e8:2d:4f:de:c0:3d:8e:
32:b1:12:6f:41:39:24:20:30:8c:07:b2:9f:aa:51:25:41:8f:
60:71:fb:36:96:e0:07:7b:ce:74:b7:1a:89:d7:d9:98:f1:78:
61:8a:ab:67:e5:d7:bf:3f:db:23:0a:fe:ce:d1:0f:29:2b:be:
34:20:a8:2b:b5:e2:ca:81:40:7e:24:5d:ad:45:8c:11:f2:56:
5f:68:bd:9b:a3:7c:39:b1:4c:f3:06:56:cd:44:7f:94:95:b5:
74:ce:e4:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcgrJLO9sq7Q+lR93swRcfVyJgk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyZGQ4MWZmNmQ3MjMyMjY0ZDY4NWUxNGQ0YmRmZWNlMmNjMjZkODgzMGUx
N2ZlNzBiMjYzMGNlNDA3ZmMxMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfZ4I5i6G8gMWign/4rYLkR9mJ4R1T1T8YcJOT248x596oOVrDo3fHblGvN
lya2PiV4HRwHMBFpHGV2N3I1qVSEnPFw/WLySU2HUbcI+5cCFAB5sIJmvSWsAwRe
X9GdQ+2znp1lZEvKcAFrMpFR8lluGLIVxMTSa327pyRbEvZd2QT5z4KjcWzMKS2l
i6k+2JqknMDVo1Cg0iJzkWLwgDbEweMdKXqbE8OQ9e0Hr63F7Es3O/PA8hOy1iOS
bA3qlQZztZC+D9BrdQlMjVWXfJv6+R1Bs3tgXXgnqhxFsqZi7VSGekCriC4D+JWu
6SE36uC+48EL7J1HMU7IkuDlYlMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRAYfie
3WdvCZmKYeC/MbjF2g1ItzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzhhZjE4ZmMtYWUwNi00MmFlLTk1MzMtYTU1MTZlYTcyMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAjyfG2RlMHRuVuBX6r02UpvjU3PVmn3pR7rof
kRGvQL3+b+H2VrJu2GzA6NKN0Y5hGzGFfA1UdjdsVzbzNYWA8DCp0mDnLYkEe9jd
iy8DbQsADc5T0tTm8CeaTZWdAvH1Mdmw0//RouBWU7aZgOvOsxEiAqUPxUzTiTpF
zbPz8i9Qr44AAnolz8FR3lqHKm8TXRiR426bjtUJg0foLU/ewD2OMrESb0E5JCAw
jAeyn6pRJUGPYHH7NpbgB3vOdLcaidfZmPF4YYqrZ+XXvz/bIwr+ztEPKSu+NCCo
K7XiyoFAfiRdrUWMEfJWX2i9m6N8ObFM8wZWzUR/lJW1dM7kuw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:25 2025 by rpki-client