Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa
File: ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa (raw, json)
Hash identifier: 4TRbVysTpY67RNajLkWmhaSyyIGG+eXVsiWPRETbkZE=
Subject key identifier: 73:D7:E3:2B:90:27:5A:B0:6F:74:C0:B3:B8:F0:AF:E4:14:F6:FF:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C96BB4DA4A5F5913590ECB29A0733453D6C0A7F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa
Signing time: Fri 11 Jul 2025 20:01:30 +0000
ROA not before: Fri 11 Jul 2025 20:01:30 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:96:bb:4d:a4:a5:f5:91:35:90:ec:b2:9a:07:33:45:3d:6c:0a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:30 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=be22f9a33697119d3811aa1f366c0f5c8cd59c3b16c8bbe983e68b7446b70286, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e4:bc:f4:31:44:95:39:b2:72:6b:56:17:ef:
21:bb:02:81:8f:8e:a2:ca:e3:ed:13:8f:ba:0d:b1:
06:02:43:fb:65:25:d1:cd:16:ad:26:4e:6a:d0:02:
e3:ed:1a:48:67:2c:d9:9d:ab:1f:ef:fe:58:ce:7b:
68:0d:d1:39:5e:49:52:0c:dc:d0:d7:f6:cb:c4:26:
9a:8d:64:5f:fe:99:57:11:3e:b4:c1:9e:db:c6:14:
36:e7:ca:2f:50:91:96:56:61:bd:9d:f9:e8:da:c7:
f9:5d:33:8e:f6:9e:55:53:0c:e9:f0:e7:3c:ae:59:
ea:ce:37:7c:53:6d:de:d2:e1:fe:57:72:55:57:b8:
fc:50:1e:f5:ea:a8:25:4c:05:3b:8d:44:1a:00:f9:
ec:74:cd:a0:7d:3d:76:a5:3c:7b:27:7c:b2:02:b5:
bd:1d:71:63:af:16:dd:19:c7:ee:55:17:cf:f6:2b:
53:86:6c:02:72:0d:25:c3:7b:ce:c9:5c:fa:cb:e2:
1a:a7:db:af:4a:7c:d3:61:44:29:f3:7f:b1:f6:17:
a6:53:78:d6:e6:3a:85:da:66:f6:6c:cc:c2:26:fe:
3a:96:37:66:be:8b:6b:df:cc:1a:5a:17:24:83:59:
25:8f:30:30:69:51:a5:e6:d9:c2:92:61:96:66:e5:
dc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D7:E3:2B:90:27:5A:B0:6F:74:C0:B3:B8:F0:AF:E4:14:F6:FF:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca1ed493-accf-4e7e-8542-cdb1f8d4834b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
42:4e:e9:35:0e:84:b8:c0:b4:f0:c4:99:3c:97:ac:ca:8f:ca:
57:5f:59:b4:e0:54:ed:30:d7:7c:9d:fe:5e:90:89:30:6e:30:
fe:71:81:02:0b:5b:b8:12:37:f1:41:c7:2e:29:2b:5c:7d:01:
28:80:59:ae:3e:5a:52:e4:be:0c:0e:ce:46:ff:21:cc:43:3c:
d6:b5:4a:29:72:d8:56:87:ba:bf:ca:67:3c:6e:dd:ab:b7:ea:
04:d4:6d:c8:4e:a5:e5:ab:74:bd:ed:42:38:7e:76:14:42:44:
ed:ce:fc:fb:76:7c:3a:c2:2a:21:26:8f:37:2b:fe:7c:6e:34:
6c:13:61:24:97:24:54:e9:86:61:2a:ef:b6:cb:a5:e6:ac:b9:
1a:e4:de:cf:5b:48:21:a7:ec:b9:6f:86:34:f6:26:ff:38:6a:
d7:e8:bf:79:ac:fa:20:2f:32:00:60:09:cd:04:da:d2:1e:7f:
4c:fe:89:95:a4:7c:fd:9a:7d:ca:83:20:08:7a:2f:fb:4c:60:
29:94:78:0e:0c:4f:fd:11:1a:4c:dd:87:00:78:52:34:e3:1a:
c3:ad:90:76:70:84:8b:44:11:4a:95:c9:09:f3:d8:da:15:8b:
be:df:39:cd:6a:e4:18:3d:1b:a5:b8:73:bc:8d:31:5a:db:7f:
2d:94:92:8e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfJa7TaSl9ZE1kOyymgczRT1sCn8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMzBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlMjJmOWEzMzY5NzExOWQzODExYWExZjM2NmMwZjVjOGNkNTljM2IxNmM4
YmJlOTgzZTY4Yjc0NDZiNzAyODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTkvPQxRJU5snJrVhfvIbsCgY+Oosrj7ROPug2xBgJD+2Ul0c0WrSZOatAC
4+0aSGcs2Z2rH+/+WM57aA3ROV5JUgzc0Nf2y8Qmmo1kX/6ZVxE+tMGe28YUNufK
L1CRllZhvZ356NrH+V0zjvaeVVMM6fDnPK5Z6s43fFNt3tLh/ldyVVe4/FAe9eqo
JUwFO41EGgD57HTNoH09dqU8eyd8sgK1vR1xY68W3RnH7lUXz/YrU4ZsAnINJcN7
zslc+sviGqfbr0p802FEKfN/sfYXplN41uY6hdpm9mzMwib+OpY3Zr6La9/MGloX
JINZJY8wMGlRpebZwpJhlmbl3B8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRz1+Mr
kCdasG90wLO48K/kFPb/vzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ExZWQ0OTMtYWNjZi00ZTdlLTg1NDItY2RiMWY4ZDQ4MzRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hdg
wDANBgkqhkiG9w0BAQsFAAOCAQEAQk7pNQ6EuMC08MSZPJesyo/KV19ZtOBU7TDX
fJ3+XpCJMG4w/nGBAgtbuBI38UHHLikrXH0BKIBZrj5aUuS+DA7ORv8hzEM81rVK
KXLYVoe6v8pnPG7dq7fqBNRtyE6l5at0ve1COH52FEJE7c78+3Z8OsIqISaPNyv+
fG40bBNhJJckVOmGYSrvtsul5qy5GuTez1tIIafsuW+GNPYm/zhq1+i/eaz6IC8y
AGAJzQTa0h5/TP6JlaR8/Zp9yoMgCHov+0xgKZR4DgxP/REaTN2HAHhSNOMaw62Q
dnCEi0QRSpXJCfPY2hWLvt85zWrkGD0bpbhzvI0xWtt/LZSSjg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:23 2025 by rpki-client