Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
File: c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa (raw, json)
Hash identifier: pETPMI6NyLIwmPBLm3BQPrWSynfM5vwkLNbJx+QNH5Y=
Subject key identifier: 3D:19:4B:18:AD:0A:FD:8B:36:B5:6C:05:5E:C7:E0:B7:A2:E9:A8:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 346DCB2EF1D95B50D316FF071648CF641FDA2860
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
Signing time: Fri 11 Jul 2025 19:11:04 +0000
ROA not before: Fri 11 Jul 2025 19:11:04 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:6d:cb:2e:f1:d9:5b:50:d3:16:ff:07:16:48:cf:64:1f:da:28:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:11:04 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9cdb5d4c775aa58c6711c2b92cee2f4d274ee3cdeb5503f17c43f8b1e9ccdf95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:bb:9d:36:0c:4f:17:76:83:72:ba:9c:dd:
6e:93:17:de:2b:0e:f4:38:17:a0:3b:7e:54:ac:58:
72:04:d2:68:cf:19:5d:55:1d:78:9c:4d:23:90:ad:
f5:96:13:ec:a4:94:d0:a4:a0:25:7f:b0:39:99:80:
d7:86:1e:9b:09:4e:85:64:78:f5:e8:3a:ee:c8:78:
b1:f5:a4:38:ec:2b:d8:ea:24:e9:df:f8:75:d1:49:
a5:3b:36:3a:a0:c7:5e:73:40:69:76:06:9f:9b:fa:
bb:78:58:98:11:cf:7b:fa:b3:3a:32:a5:8a:c2:fa:
ed:b5:9c:2a:a1:31:85:7e:a5:3d:db:d8:c9:dc:1f:
5e:6e:3d:fe:76:20:5c:46:5c:97:02:ca:51:7a:a6:
73:80:8d:4e:7f:9d:cc:21:9a:78:b6:f6:27:f8:35:
d0:c8:e3:bd:7e:5c:63:88:79:81:8e:33:b4:a1:0e:
01:f6:f0:01:08:73:f1:6d:0a:65:5f:bb:fa:9f:fc:
26:62:54:54:e7:01:f3:ef:58:56:74:f7:ab:61:e5:
f0:c3:22:bb:b8:ff:72:83:ff:50:fb:6f:1b:29:20:
6d:f2:9c:9c:ce:00:2f:6e:38:f2:53:69:ea:22:4b:
33:0d:14:2f:df:91:32:f3:b7:39:fa:57:07:17:c5:
f6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:19:4B:18:AD:0A:FD:8B:36:B5:6C:05:5E:C7:E0:B7:A2:E9:A8:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:31:4a:f1:42:09:0e:84:f4:08:1b:8d:4a:71:9a:5a:1e:92:
c0:13:53:bf:f4:30:d2:59:6b:ac:3e:91:11:20:72:90:6f:c9:
82:fe:7e:bb:80:96:64:44:f5:8e:f9:4c:ae:18:b0:21:63:9e:
eb:74:06:16:a1:49:75:f2:3e:85:e2:d7:a9:cc:d6:e5:02:00:
db:72:65:2e:f2:81:c0:eb:ef:03:a2:f3:d1:3e:dc:19:06:4e:
bb:e4:27:3f:cf:44:84:20:f7:4e:47:c2:70:7d:27:f6:78:19:
fc:5e:2a:bf:76:ee:1e:6f:fd:b9:95:b2:6c:12:c4:59:d3:e9:
9d:95:a7:8a:be:17:83:2a:56:09:26:1c:3f:e9:c7:97:16:ca:
0f:20:17:8f:ab:06:da:a9:b3:c3:90:6c:fe:7b:bd:9b:e4:b4:
39:a5:71:99:d0:fc:61:a5:f1:f0:26:c2:a1:2e:4e:b8:1f:05:
27:7d:fb:2c:bb:33:9b:e5:34:a1:e9:32:59:ba:28:c9:86:f2:
69:48:c2:19:97:93:4c:03:c5:c6:01:a8:35:a1:35:a0:a8:f0:
c6:16:40:56:ce:f1:d9:1b:47:15:f7:81:38:7d:1b:f5:0e:f7:
5e:15:b2:2b:28:9a:f2:fa:28:77:2d:d1:8f:ce:ac:77:aa:d0:
3e:d8:ca:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNG3LLvHZW1DTFv8HFkjPZB/aKGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTExMDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZGI1ZDRjNzc1YWE1OGM2NzExYzJiOTJjZWUyZjRkMjc0ZWUzY2RlYjU1
MDNmMTdjNDNmOGIxZTljY2RmOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJdu502DE8XdoNyupzdbpMX3isO9DgXoDt+VKxYcgTSaM8ZXVUdeJxNI5Ct
9ZYT7KSU0KSgJX+wOZmA14YemwlOhWR49eg67sh4sfWkOOwr2Ook6d/4ddFJpTs2
OqDHXnNAaXYGn5v6u3hYmBHPe/qzOjKlisL67bWcKqExhX6lPdvYydwfXm49/nYg
XEZclwLKUXqmc4CNTn+dzCGaeLb2J/g10MjjvX5cY4h5gY4ztKEOAfbwAQhz8W0K
ZV+7+p/8JmJUVOcB8+9YVnT3q2Hl8MMiu7j/coP/UPtvGykgbfKcnM4AL2448lNp
6iJLMw0UL9+RMvO3OfpXBxfF9uECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9GUsY
rQr9iza1bAVex+C3oumoIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkyNTY1MzYtMGU5YS00MTc1LThhYzctYTBmYjk5MWViZmY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQC7MUrxQgkOhPQIG41KcZpaHpLAE1O/9DDSWWus
PpERIHKQb8mC/n67gJZkRPWO+UyuGLAhY57rdAYWoUl18j6F4tepzNblAgDbcmUu
8oHA6+8DovPRPtwZBk675Cc/z0SEIPdOR8JwfSf2eBn8Xiq/du4eb/25lbJsEsRZ
0+mdlaeKvheDKlYJJhw/6ceXFsoPIBePqwbaqbPDkGz+e72b5LQ5pXGZ0PxhpfHw
JsKhLk64HwUnffssuzOb5TSh6TJZuijJhvJpSMIZl5NMA8XGAag1oTWgqPDGFkBW
zvHZG0cV94E4fRv1DvdeFbIrKJry+ih3LdGPzqx3qtA+2MoN
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:42 2025 by rpki-client