Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
File: c9177cdc-4634-4d34-9814-46c0484fcddb.roa (raw, json)
Hash identifier: 0xV0b25yEEi7nFzzP1pydidu4qga2BpHKRbYp91jM+o=
Subject key identifier: 45:76:A8:B7:16:ED:65:CD:2D:FA:2B:07:6B:C9:B3:29:11:BB:2D:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 319BBBF6B1A48329B69B0BFAC97121F504290DCE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
Signing time: Mon 07 Jul 2025 18:20:11 +0000
ROA not before: Mon 07 Jul 2025 18:20:11 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:9b:bb:f6:b1:a4:83:29:b6:9b:0b:fa:c9:71:21:f5:04:29:0d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:11 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=85652b2058af4e1a2370470e724d149c3bb313675d2ce8159d57c392c996d01d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:ec:8e:06:b4:3d:4d:66:54:65:fa:9f:c9:
e7:d6:84:ec:80:ff:ba:0b:14:1c:d6:88:41:9e:5a:
77:9e:55:49:c1:a4:89:bc:a5:f4:62:d1:f0:61:90:
3d:29:d5:7c:73:d4:f6:ea:cf:cf:a2:57:57:69:bf:
bf:f2:3b:ea:20:e3:75:a9:dd:38:4a:b2:b3:43:0d:
cc:aa:ae:4e:4f:06:e6:22:b8:8f:4c:13:19:9b:f3:
3a:c0:e8:ff:ba:55:05:3f:12:fe:04:f3:15:c3:47:
2f:06:14:cb:90:d1:f1:a3:f0:b8:9a:e1:72:a2:03:
95:63:cc:71:0d:4c:3d:e9:7f:e2:7e:3e:33:c1:aa:
4e:61:e7:9a:bf:39:70:c7:9e:aa:8f:ec:ad:df:03:
e8:79:f2:27:7a:a8:16:53:6c:7e:4e:77:ac:c7:39:
cf:47:ce:64:17:de:c6:64:c2:e5:2e:ab:f1:cf:58:
b6:95:6f:4d:d6:36:0f:69:a0:71:1b:4c:23:95:30:
24:7d:f8:f3:60:2d:24:57:b4:c2:db:27:02:ba:6b:
2b:4a:22:7b:bc:83:a8:45:73:37:1c:06:03:8d:43:
21:0f:e7:e4:96:c8:27:78:dd:36:8c:4f:bb:a0:95:
22:3f:73:ae:9c:01:ca:c8:de:09:8e:52:57:99:61:
4e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:76:A8:B7:16:ED:65:CD:2D:FA:2B:07:6B:C9:B3:29:11:BB:2D:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9177cdc-4634-4d34-9814-46c0484fcddb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
c8:4f:56:b0:6d:b5:4f:52:35:c2:62:d8:eb:55:42:66:cc:6e:
49:ee:8e:4d:d3:8a:bb:70:20:5a:98:2a:13:77:b5:82:69:8d:
42:e2:5c:d8:65:59:44:16:1c:f0:14:5a:04:dc:54:df:6d:bb:
1e:dd:eb:cd:83:d3:39:fd:0e:c3:82:94:1c:ce:84:93:e0:52:
2d:39:ac:cf:16:77:84:8c:6c:1f:67:21:6f:17:74:23:dd:62:
27:da:c2:36:1f:2f:56:b7:3e:9e:a9:a7:07:1e:ed:8c:8d:d6:
6a:c7:b0:88:1c:3e:1f:39:0d:bf:f2:58:a2:46:53:ca:0c:71:
3b:3e:90:88:be:05:5c:4b:bb:fc:f0:f7:c5:02:0b:18:d5:6f:
2f:52:6a:98:9b:d2:d0:af:17:f8:ad:0f:40:ec:0d:62:72:d9:
5c:75:d1:94:7a:3e:c7:7b:63:6e:8b:df:38:12:a4:8a:2c:af:
14:41:59:9e:8f:b4:4b:f0:cb:e1:c2:23:d1:5e:21:47:36:b4:
be:40:56:45:b9:e6:2f:a9:dc:ef:92:4f:13:0f:c0:8b:75:df:
2a:c8:bf:48:52:7d:95:fd:18:ee:b3:b9:12:46:a3:0b:58:50:
1a:e4:10:9b:12:ec:5c:07:6b:66:2f:a8:39:25:28:18:95:33:
c2:0f:2a:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMZu79rGkgym2mwv6yXEh9QQpDc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwMTFaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NjUyYjIwNThhZjRlMWEyMzcwNDcwZTcyNGQxNDljM2JiMzEzNjc1ZDJj
ZTgxNTlkNTdjMzkyYzk5NmQwMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKu+7I4GtD1NZlRl+p/J59aE7ID/ugsUHNaIQZ5ad55VScGkibyl9GLR8GGQ
PSnVfHPU9urPz6JXV2m/v/I76iDjdandOEqys0MNzKquTk8G5iK4j0wTGZvzOsDo
/7pVBT8S/gTzFcNHLwYUy5DR8aPwuJrhcqIDlWPMcQ1MPel/4n4+M8GqTmHnmr85
cMeeqo/srd8D6HnyJ3qoFlNsfk53rMc5z0fOZBfexmTC5S6r8c9YtpVvTdY2D2mg
cRtMI5UwJH3482AtJFe0wtsnArprK0oie7yDqEVzNxwGA41DIQ/n5JbIJ3jdNoxP
u6CVIj9zrpwBysjeCY5SV5lhTiUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRFdqi3
Fu1lzS36KwdrybMpEbstjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkxNzdjZGMtNDYzNC00ZDM0LTk4MTQtNDZjMDQ4NGZjZGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HsI
wDANBgkqhkiG9w0BAQsFAAOCAQEAyE9WsG21T1I1wmLY61VCZsxuSe6OTdOKu3Ag
WpgqE3e1gmmNQuJc2GVZRBYc8BRaBNxU3227Ht3rzYPTOf0Ow4KUHM6Ek+BSLTms
zxZ3hIxsH2chbxd0I91iJ9rCNh8vVrc+nqmnBx7tjI3WasewiBw+HzkNv/JYokZT
ygxxOz6QiL4FXEu7/PD3xQILGNVvL1JqmJvS0K8X+K0PQOwNYnLZXHXRlHo+x3tj
bovfOBKkiiyvFEFZno+0S/DL4cIj0V4hRza0vkBWRbnmL6nc75JPEw/Ai3XfKsi/
SFJ9lf0Y7rO5EkajC1hQGuQQmxLsXAdrZi+oOSUoGJUzwg8q+Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:16 2025 by rpki-client