Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json)
Hash identifier: zEl6IoiAoO9Mj4A76Qc7dcUw2AwDVTlx3txYEvj2s8o=
Subject key identifier: 46:D7:8E:2B:76:8E:37:59:CA:BF:7D:2D:CA:CE:87:FF:09:F9:CE:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A62C146ACBCBE10E3E33A67CBEC6BFCD03808F8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
Signing time: Fri 11 Jul 2025 19:20:50 +0000
ROA not before: Fri 11 Jul 2025 19:20:50 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:62:c1:46:ac:bc:be:10:e3:e3:3a:67:cb:ec:6b:fc:d0:38:08:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:50 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=eb183c9fdf6b580a9adf64f81b4bd9262a15017f3b2202633a3a3a5a3d8a5010, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:32:a2:59:85:d3:d9:e4:c3:c8:2e:81:e8:60:
1c:1d:d7:9d:53:43:d7:56:2f:12:e2:c1:40:e3:39:
a7:95:e4:00:a5:d6:85:e9:c1:7b:68:1b:00:a6:6a:
ec:70:75:8c:d7:49:2c:fa:1f:0f:1f:cd:e3:4a:5e:
08:18:de:70:59:c4:aa:01:9f:ad:dc:a7:3a:b3:c8:
96:21:07:a1:b5:29:58:da:92:b9:f2:96:c7:3a:95:
13:48:7b:7e:25:d0:c7:08:e2:88:d8:82:0e:8f:3a:
9b:da:f3:e8:15:f1:bb:22:86:ca:e3:bc:23:0c:9e:
19:e3:4a:a5:df:aa:9f:a8:c2:7d:cb:8b:8b:d1:6c:
01:3d:a4:ee:19:e4:ec:d4:df:c0:16:67:88:1c:00:
c3:90:6d:b8:9f:6d:6d:55:27:4c:4c:d7:42:7b:7f:
6b:77:95:fb:66:b5:8d:47:d6:c2:ae:1d:b5:59:c5:
b7:64:19:c1:fa:0b:fe:0e:b1:0b:70:ff:be:4c:9a:
fb:10:99:45:f4:d2:c0:81:68:8b:b4:2b:9b:af:ca:
2a:5a:0b:75:89:43:ea:02:ef:33:0d:cc:cd:85:2c:
28:af:fb:ed:ff:9c:8b:8b:5e:ba:3e:e2:64:a3:0e:
28:6a:dc:74:af:ef:18:05:0c:cc:9c:1e:a3:84:80:
d8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D7:8E:2B:76:8E:37:59:CA:BF:7D:2D:CA:CE:87:FF:09:F9:CE:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
88:4b:1a:f1:18:99:a9:2e:e1:55:0d:57:c1:58:4f:4b:14:59:
74:f2:4f:ce:eb:f7:fa:c0:3f:ae:08:6d:4a:29:f9:18:29:3c:
82:79:c4:14:ed:f6:38:e3:f6:f1:bf:3a:5f:81:7e:1d:03:c9:
c8:c9:16:83:97:4b:fa:fc:bd:23:e0:e2:b1:ee:69:39:24:54:
cd:f6:b6:43:e3:20:75:03:c3:fd:01:12:cf:35:2a:4b:d8:85:
17:83:29:b5:7e:d7:f6:d9:93:92:1c:ac:b1:78:a3:d0:ae:aa:
21:a0:16:86:b0:ef:bd:67:bb:07:e4:6d:67:3d:f0:b1:ab:d3:
8e:7c:b1:49:b8:5c:d8:cf:59:78:63:bf:55:d3:99:f7:46:6b:
d3:b2:30:30:6c:fd:de:6a:50:26:ee:bb:01:15:e0:c0:62:5a:
85:29:a5:d4:f9:23:3b:32:c1:01:2c:80:f5:48:ab:74:1f:ef:
e4:bf:1e:c4:3e:f6:17:ba:e3:da:ec:7f:58:34:6b:37:fe:75:
5b:cf:27:18:ad:71:3a:05:a4:d7:6c:94:dd:dd:c2:ab:52:52:
b8:33:60:92:d2:13:bc:c8:8d:c7:f3:b2:e4:4d:13:ca:34:30:
3a:f0:34:98:cf:af:61:06:73:6a:20:c2:7c:94:b3:2b:ca:ce:
79:50:15:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCmLBRqy8vhDj4zpny+xr/NA4CPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMTgzYzlmZGY2YjU4MGE5YWRmNjRmODFiNGJkOTI2MmExNTAxN2YzYjIy
MDI2MzNhM2EzYTVhM2Q4YTUwMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwyolmF09nkw8gugehgHB3XnVND11YvEuLBQOM5p5XkAKXWhenBe2gbAKZq
7HB1jNdJLPofDx/N40peCBjecFnEqgGfrdynOrPIliEHobUpWNqSufKWxzqVE0h7
fiXQxwjiiNiCDo86m9rz6BXxuyKGyuO8IwyeGeNKpd+qn6jCfcuLi9FsAT2k7hnk
7NTfwBZniBwAw5BtuJ9tbVUnTEzXQnt/a3eV+2a1jUfWwq4dtVnFt2QZwfoL/g6x
C3D/vkya+xCZRfTSwIFoi7Qrm6/KKloLdYlD6gLvMw3MzYUsKK/77f+ci4teuj7i
ZKMOKGrcdK/vGAUMzJweo4SA2LUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRG144r
do43Wcq/fS3Kzof/CfnODjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCISxrxGJmpLuFVDVfBWE9LFFl08k/O6/f6wD+u
CG1KKfkYKTyCecQU7fY44/bxvzpfgX4dA8nIyRaDl0v6/L0j4OKx7mk5JFTN9rZD
4yB1A8P9ARLPNSpL2IUXgym1ftf22ZOSHKyxeKPQrqohoBaGsO+9Z7sH5G1nPfCx
q9OOfLFJuFzYz1l4Y79V05n3RmvTsjAwbP3ealAm7rsBFeDAYlqFKaXU+SM7MsEB
LID1SKt0H+/kvx7EPvYXuuPa7H9YNGs3/nVbzycYrXE6BaTXbJTd3cKrUlK4M2CS
0hO8yI3H87LkTRPKNDA68DSYz69hBnNqIMJ8lLMrys55UBWu
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:15 2025 by rpki-client