Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cacad3d9-bfa1-49a8-a9b3-cbac7be9fdb2.roa
File: cacad3d9-bfa1-49a8-a9b3-cbac7be9fdb2.roa (raw, json)
Hash identifier: 0GDkXZjkQ3wvMvnGLHLptE0/W7MCy7lhLeHfCLNI5zM=
Subject key identifier: 75:0C:DD:2F:56:01:93:28:10:29:66:0D:0E:AD:3F:91:0C:CA:AC:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D85D69E144A1940BAD16EAF30CC6C8E00FBF8B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cacad3d9-bfa1-49a8-a9b3-cbac7be9fdb2.roa
Signing time: Fri 11 Jul 2025 19:31:14 +0000
ROA not before: Fri 11 Jul 2025 19:31:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:85:d6:9e:14:4a:19:40:ba:d1:6e:af:30:cc:6c:8e:00:fb:f8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=75a90a8bd37a32645421024ff94d750efe0d42b0a229124c69097e53f4a76ed1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b5:6a:d1:19:e9:8f:61:47:95:92:f3:8e:67:
6c:68:89:59:52:b4:49:cb:54:59:6b:a8:29:01:cd:
da:35:94:20:6f:74:f4:fc:dc:44:9b:53:9d:6f:8e:
70:06:19:17:82:f1:ea:36:ed:bb:69:17:f2:ca:8d:
74:b2:c9:1e:ad:53:29:4b:2c:18:4d:94:b4:d1:6a:
4c:fe:b4:48:b0:ca:c0:b8:80:8d:62:89:f5:fd:26:
07:5b:32:53:dd:fc:2e:a2:64:42:1c:9c:9c:51:a8:
03:53:1b:eb:1c:2f:46:c2:a0:8d:c1:18:ee:96:69:
f1:e6:d7:ac:61:bd:29:bc:33:e6:20:ab:1e:c9:28:
8a:1a:3c:f3:15:2e:b3:76:37:2d:38:59:8e:3d:7e:
dd:8c:0f:41:8f:81:7a:a3:aa:cb:e7:2a:67:b6:db:
e7:8b:88:48:31:e4:ed:e9:07:63:19:f5:ed:d7:2b:
37:de:34:6b:22:21:36:b9:e0:d1:17:10:40:e2:1c:
90:8e:5d:15:96:04:6b:7c:bd:cd:85:27:50:1e:27:
60:57:3b:de:5a:15:5a:7f:4c:0d:86:94:29:3f:32:
d7:4d:31:f7:31:6f:01:17:1d:28:2f:0e:cd:74:3b:
c8:4c:33:53:ed:26:60:71:bf:7e:fb:a4:7b:e5:50:
e4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0C:DD:2F:56:01:93:28:10:29:66:0D:0E:AD:3F:91:0C:CA:AC:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cacad3d9-bfa1-49a8-a9b3-cbac7be9fdb2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:8d:06:65:a3:2b:75:fd:ff:75:f7:fc:59:7b:1e:fc:80:b4:
f3:d2:72:78:37:a1:70:cd:d2:6f:03:3d:a1:12:ac:9e:7d:0a:
ca:57:8a:ce:e2:85:e4:01:4d:9c:15:90:a0:a3:43:2f:f0:ad:
b8:d3:81:58:ff:c1:16:b1:6d:8c:ad:9a:77:11:fe:63:8c:eb:
cc:84:d9:75:35:36:f4:7e:ff:43:b1:c9:67:11:52:58:5b:b6:
ee:95:b7:c0:bb:58:35:66:9d:e6:35:1c:47:02:ae:39:55:b1:
03:71:e0:7b:cc:a6:36:6f:ac:e2:a2:08:89:60:50:2c:1e:61:
5e:3a:41:37:64:c8:54:ca:74:bc:1e:e0:87:bd:3e:e4:bf:27:
c6:6c:e9:bd:94:15:dc:77:f4:22:6f:2d:a6:96:cf:04:3c:40:
da:dd:2b:2e:32:26:0f:34:36:d0:74:9f:00:a9:14:3c:de:42:
01:c8:01:12:fa:db:69:b8:5c:ed:08:e7:d8:e1:a8:e6:43:9b:
1f:40:4d:cf:8a:6d:ec:86:84:a1:fd:c7:86:34:21:38:ac:6b:
b5:80:37:7a:fb:93:8c:60:43:84:09:df:0e:e3:64:04:e5:82:
96:70:15:4d:9e:8c:eb:8d:df:1f:c9:40:34:a2:36:25:a2:52:
27:41:53:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfYXWnhRKGUC60W6vMMxsjgD7+LYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1YTkwYThiZDM3YTMyNjQ1NDIxMDI0ZmY5NGQ3NTBlZmUwZDQyYjBhMjI5
MTI0YzY5MDk3ZTUzZjRhNzZlZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANG1atEZ6Y9hR5WS845nbGiJWVK0SctUWWuoKQHN2jWUIG909PzcRJtTnW+O
cAYZF4Lx6jbtu2kX8sqNdLLJHq1TKUssGE2UtNFqTP60SLDKwLiAjWKJ9f0mB1sy
U938LqJkQhycnFGoA1Mb6xwvRsKgjcEY7pZp8ebXrGG9Kbwz5iCrHskoiho88xUu
s3Y3LThZjj1+3YwPQY+BeqOqy+cqZ7bb54uISDHk7ekHYxn17dcrN940ayIhNrng
0RcQQOIckI5dFZYEa3y9zYUnUB4nYFc73loVWn9MDYaUKT8y100x9zFvARcdKC8O
zXQ7yEwzU+0mYHG/fvuke+VQ5CkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1DN0v
VgGTKBApZg0OrT+RDMqspzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjYWQzZDktYmZhMS00OWE4LWE5YjMtY2JhYzdiZTlmZGIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDCjQZloyt1/f919/xZex78gLTz0nJ4N6FwzdJv
Az2hEqyefQrKV4rO4oXkAU2cFZCgo0Mv8K2404FY/8EWsW2MrZp3Ef5jjOvMhNl1
NTb0fv9DsclnEVJYW7bulbfAu1g1Zp3mNRxHAq45VbEDceB7zKY2b6ziogiJYFAs
HmFeOkE3ZMhUynS8HuCHvT7kvyfGbOm9lBXcd/Qiby2mls8EPEDa3SsuMiYPNDbQ
dJ8AqRQ83kIByAES+ttpuFztCOfY4ajmQ5sfQE3Pim3shoSh/ceGNCE4rGu1gDd6
+5OMYEOECd8O42QE5YKWcBVNnozrjd8fyUA0ojYlolInQVMG
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:51 2025 by rpki-client