Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca77909e-ece6-472f-a76c-55402dbb33ad.roa
File: ca77909e-ece6-472f-a76c-55402dbb33ad.roa (raw, json)
Hash identifier: jMkOsZP4+U7nHi23ne7IBP5gMeVv5CMAot33JtMhoqA=
Subject key identifier: E9:65:4F:44:30:6A:50:1D:6F:FA:CF:D1:EE:B5:56:E9:82:83:5A:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A809C55EDDF342EF0C6C3810C6A084E31F28340
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca77909e-ece6-472f-a76c-55402dbb33ad.roa
Signing time: Fri 11 Jul 2025 19:30:54 +0000
ROA not before: Fri 11 Jul 2025 19:30:54 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:80:9c:55:ed:df:34:2e:f0:c6:c3:81:0c:6a:08:4e:31:f2:83:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:54 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=cf614023e2bdec76b600a17ec37fd380aaf9cfccd68d823e05ed8aab19d73890, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:95:5a:64:f5:52:80:74:2b:43:06:3d:fe:09:
54:9d:be:ca:25:11:b6:9a:2e:7c:f9:34:0f:04:6e:
d0:8a:12:7c:c5:19:e9:20:a0:34:34:30:9d:e0:62:
53:7c:77:7d:a2:f7:9f:83:ae:a1:13:df:af:f7:b3:
1c:49:f5:f4:ea:2c:fb:11:a8:3f:db:c2:6f:e9:e0:
14:f8:67:c5:58:c6:11:c2:17:b7:c3:ab:23:49:ab:
41:be:2c:61:23:c3:28:70:1e:3e:0b:51:d3:ee:86:
98:b6:a3:7f:8d:f5:75:c0:68:98:e8:92:1a:ba:73:
b1:ee:e4:b3:71:2d:c4:54:e6:a8:5e:1e:55:20:fa:
7d:5b:1d:66:94:0e:f3:bf:01:a6:44:c3:36:bf:5c:
52:4c:12:21:aa:f5:62:7b:33:03:c3:b7:e9:b9:ad:
1b:40:8f:43:25:67:a2:50:99:6a:9a:e4:03:40:c1:
c2:bf:95:0a:38:4b:05:e7:e5:f0:16:d3:cf:1d:38:
6b:67:d2:84:7b:39:0f:9c:33:a4:c0:4e:02:d0:ed:
1f:a2:4b:ac:d6:16:9c:f1:f1:ad:64:08:b5:49:0d:
69:43:7b:94:55:cb:20:10:b6:e6:f0:21:f1:17:31:
5b:6b:23:0d:1d:ca:1b:21:20:28:36:50:1e:04:47:
b1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:65:4F:44:30:6A:50:1D:6F:FA:CF:D1:EE:B5:56:E9:82:83:5A:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca77909e-ece6-472f-a76c-55402dbb33ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c0c0::/46
Signature Algorithm: sha256WithRSAEncryption
69:97:86:4a:49:14:08:1d:e8:e9:dc:fe:8b:5b:bd:54:f0:0a:
46:c2:b5:93:bd:81:45:09:d4:b9:39:09:06:26:90:de:1d:5f:
52:ca:7d:21:0e:76:5a:1b:91:f3:5e:85:0b:d1:1b:b2:e8:88:
53:cf:f3:fd:fd:a5:c8:49:a8:3c:07:92:3e:40:03:8d:97:04:
15:0d:d3:b3:f8:d9:0e:ad:e1:a7:fc:16:89:9d:19:25:c7:1d:
95:1c:9e:cb:d0:c6:7e:c6:a9:6a:97:da:2e:d7:eb:69:52:38:
da:1b:32:46:77:05:79:22:49:47:c6:40:d4:b7:11:02:85:0d:
58:a0:5c:12:33:fc:ef:65:53:90:1b:16:8e:3c:1c:c8:09:11:
c1:0f:8f:02:56:21:ef:42:06:01:ac:f4:f2:de:61:57:8d:64:
f2:e3:b7:d5:b3:17:b3:41:dc:bc:25:c4:68:1b:37:1e:cc:e8:
de:34:9b:5f:e8:d4:71:62:99:28:c7:ee:01:fc:ce:0a:d9:44:
69:a3:c1:e4:a9:68:56:89:eb:7a:fa:08:6c:65:52:fe:7b:44:
45:56:0a:f2:e8:0b:39:cb:1f:30:2d:bd:00:82:a2:e8:99:98:
ff:01:9c:96:e8:0f:14:85:45:fe:57:99:4f:7a:2d:c7:25:e1:
1d:b3:e5:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGoCcVe3fNC7wxsOBDGoITjHyg0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNjE0MDIzZTJiZGVjNzZiNjAwYTE3ZWMzN2ZkMzgwYWFmOWNmY2NkNjhk
ODIzZTA1ZWQ4YWFiMTlkNzM4OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyVWmT1UoB0K0MGPf4JVJ2+yiURtpoufPk0DwRu0IoSfMUZ6SCgNDQwneBi
U3x3faL3n4OuoRPfr/ezHEn19Oos+xGoP9vCb+ngFPhnxVjGEcIXt8OrI0mrQb4s
YSPDKHAePgtR0+6GmLajf431dcBomOiSGrpzse7ks3EtxFTmqF4eVSD6fVsdZpQO
878BpkTDNr9cUkwSIar1YnszA8O36bmtG0CPQyVnolCZaprkA0DBwr+VCjhLBefl
8BbTzx04a2fShHs5D5wzpMBOAtDtH6JLrNYWnPHxrWQItUkNaUN7lFXLIBC25vAh
8RcxW2sjDR3KGyEgKDZQHgRHsWsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTpZU9E
MGpQHW/6z9HutVbpgoNagDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2E3NzkwOWUtZWNlNi00NzJmLWE3NmMtNTU0MDJkYmIzM2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HfA
wDANBgkqhkiG9w0BAQsFAAOCAQEAaZeGSkkUCB3o6dz+i1u9VPAKRsK1k72BRQnU
uTkJBiaQ3h1fUsp9IQ52WhuR816FC9EbsuiIU8/z/f2lyEmoPAeSPkADjZcEFQ3T
s/jZDq3hp/wWiZ0ZJccdlRyey9DGfsapapfaLtfraVI42hsyRncFeSJJR8ZA1LcR
AoUNWKBcEjP872VTkBsWjjwcyAkRwQ+PAlYh70IGAaz08t5hV41k8uO31bMXs0Hc
vCXEaBs3Hszo3jSbX+jUcWKZKMfuAfzOCtlEaaPB5KloVonrevoIbGVS/ntERVYK
8ugLOcsfMC29AIKi6JmY/wGclugPFIVF/leZT3otxyXhHbPl5A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:58 2025 by rpki-client