Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json)
Hash identifier: q3nnAz+RK13qhedenSOhYXQDdj8rm+/ElEJHfqpahAQ=
Subject key identifier: DE:5A:1A:61:DA:B9:70:B2:63:FA:3E:19:63:93:9A:16:B1:0A:03:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77464BD319144521C69A8A3D8EDEC4DA91ADB8A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
Signing time: Fri 11 Jul 2025 19:30:42 +0000
ROA not before: Fri 11 Jul 2025 19:30:42 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:46:4b:d3:19:14:45:21:c6:9a:8a:3d:8e:de:c4:da:91:ad:b8:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:30:42 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=91bb3c45bd75034db3becd0da2136ae2925221bf34f306b0d90ebc915f39b1d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:71:8f:35:bf:d7:08:cd:a6:17:b1:1d:5d:ac:
00:a8:4c:df:c7:cc:02:7b:fd:b5:76:0a:32:9f:a3:
3d:bc:2a:e2:53:b3:f6:a7:51:04:3c:41:7e:e5:ba:
a9:91:e0:62:fd:33:2c:9e:c7:b6:04:c3:f7:59:94:
63:00:cf:5b:a6:be:2e:7f:97:62:2d:97:cd:1c:7b:
5f:21:be:85:40:65:a1:5b:e1:a4:a9:a5:cf:69:8b:
05:33:d0:14:63:7c:59:d9:cd:92:43:76:2e:c5:4c:
ac:bc:52:10:fa:cf:6c:5e:d2:6d:f2:ca:d7:36:bd:
a4:37:de:68:cd:a2:e7:2a:81:de:da:dd:95:45:77:
85:62:76:ca:b7:d9:2e:25:95:61:ee:bf:b6:73:17:
73:0e:25:b5:ac:8f:f3:16:08:9f:f0:4a:a7:fb:1d:
bf:0a:f7:f1:4c:43:a8:47:78:f5:4a:fb:73:fb:be:
54:25:fc:28:4f:95:24:0f:b5:37:5f:8c:f8:fa:c6:
55:b6:27:60:7e:f5:9e:0e:06:38:22:96:69:29:d0:
b9:64:58:d1:a4:71:ee:a3:65:90:d6:9f:1d:6f:55:
44:db:89:06:ab:6e:10:bb:c6:63:a4:ac:be:74:31:
1d:af:70:94:6f:a9:4b:b1:a4:36:23:67:fd:b1:8c:
34:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5A:1A:61:DA:B9:70:B2:63:FA:3E:19:63:93:9A:16:B1:0A:03:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1040::/48
Signature Algorithm: sha256WithRSAEncryption
86:74:af:aa:a6:9b:10:18:cf:7c:9d:1d:d3:b6:ef:ae:4e:c1:
36:a1:9b:09:ab:2e:90:cd:f1:12:46:88:91:b7:7a:60:f1:95:
f2:22:d4:88:2e:b8:f8:d8:71:fc:6f:39:e7:13:bb:3d:31:80:
9b:4c:b4:83:ca:f4:85:d0:fe:89:a7:ba:ad:f3:0c:2b:76:de:
ca:9d:3f:7a:a1:8b:e5:47:33:2c:75:81:10:3d:27:03:3c:3a:
1f:40:89:e1:d0:d0:58:df:6e:75:a0:fe:e9:59:f7:c7:21:a1:
58:b6:ae:03:5d:90:38:dc:20:fd:4e:83:54:88:2b:50:da:0a:
f9:3d:5c:62:09:e8:c4:48:a4:b9:13:36:0f:18:fc:5c:50:b9:
7c:77:6d:ec:4f:d5:03:4e:dc:e1:57:e9:3c:8c:2b:e4:a9:6e:
be:a1:57:1f:c6:59:9e:b2:98:7a:a9:22:b4:a7:36:80:a1:1f:
83:4b:08:f5:3e:50:0c:f3:f0:d6:b2:4a:d4:c7:a4:f5:e8:46:
e9:45:9d:b0:70:01:f7:59:52:7a:2f:b0:1f:a5:ba:d9:88:b4:
83:bd:24:6f:64:81:19:c5:ba:c3:26:c2:6c:77:0a:87:45:d5:
e5:2f:85:09:b7:1f:30:f5:70:76:b8:d5:3f:d1:3b:92:dc:92:
b6:5e:8a:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd0ZL0xkURSHGmoo9jt7E2pGtuKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMwNDJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxYmIzYzQ1YmQ3NTAzNGRiM2JlY2QwZGEyMTM2YWUyOTI1MjIxYmYzNGYz
MDZiMGQ5MGViYzkxNWYzOWIxZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZxjzW/1wjNphexHV2sAKhM38fMAnv9tXYKMp+jPbwq4lOz9qdRBDxBfuW6
qZHgYv0zLJ7HtgTD91mUYwDPW6a+Ln+XYi2XzRx7XyG+hUBloVvhpKmlz2mLBTPQ
FGN8WdnNkkN2LsVMrLxSEPrPbF7SbfLK1za9pDfeaM2i5yqB3trdlUV3hWJ2yrfZ
LiWVYe6/tnMXcw4ltayP8xYIn/BKp/sdvwr38UxDqEd49Ur7c/u+VCX8KE+VJA+1
N1+M+PrGVbYnYH71ng4GOCKWaSnQuWRY0aRx7qNlkNafHW9VRNuJBqtuELvGY6Ss
vnQxHa9wlG+pS7GkNiNn/bGMNE0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTeWhph
2rlwsmP6Phljk5oWsQoDBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAhnSvqqabEBjPfJ0d07bvrk7BNqGbCasukM3x
EkaIkbd6YPGV8iLUiC64+Nhx/G855xO7PTGAm0y0g8r0hdD+iae6rfMMK3beyp0/
eqGL5UczLHWBED0nAzw6H0CJ4dDQWN9udaD+6Vn3xyGhWLauA12QONwg/U6DVIgr
UNoK+T1cYgnoxEikuRM2Dxj8XFC5fHdt7E/VA07c4VfpPIwr5KluvqFXH8ZZnrKY
eqkitKc2gKEfg0sI9T5QDPPw1rJK1Mek9ehG6UWdsHAB91lSei+wH6W62Yi0g70k
b2SBGcW6wybCbHcKh0XV5S+FCbcfMPVwdrjVP9E7ktyStl6Kxg==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:18 2025 by rpki-client