Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
File: caeeaf61-b927-4d38-b398-1efb2c05d49e.roa (raw, json)
Hash identifier: w/N44EZVZBT2DNKg+wd0xgTIJxPZJaU6VGklIRkUx5w=
Subject key identifier: FD:A1:96:AC:0D:80:B1:F6:44:39:7A:A7:85:91:F9:8F:25:AC:BF:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EE36A31BD090E065B3BD446D86174694DCB251A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
Signing time: Mon 07 Jul 2025 18:21:14 +0000
ROA not before: Mon 07 Jul 2025 18:21:14 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:e3:6a:31:bd:09:0e:06:5b:3b:d4:46:d8:61:74:69:4d:cb:25:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:21:14 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=8cf7ff7f9cf526095d2e7a4affce05a891e8e384bc919af0e917602c94e28d4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:82:b5:90:e1:b4:d8:a9:b3:43:bc:16:1d:f2:
64:36:d3:b3:7e:d2:53:58:59:49:e9:db:e4:cc:e1:
4e:fb:d0:a2:0c:a5:58:5b:fb:dd:35:e4:4b:e3:ef:
1b:fb:20:cf:13:2c:2a:14:ef:c4:d4:b0:95:5b:f7:
e8:6f:7c:4d:ff:ee:db:4a:d0:ec:08:d0:9e:cd:98:
64:e5:31:c0:69:c3:a4:02:2a:65:ac:36:5f:bd:35:
f0:a8:dd:f6:c5:dd:16:03:a8:22:02:34:0c:92:c2:
d0:be:3c:72:e9:a5:a2:4d:8c:c6:46:94:ea:2d:5a:
49:f5:17:a0:1b:41:3a:0c:bf:e2:93:93:e7:c3:41:
48:c6:f3:da:8f:57:15:da:d6:4a:30:a4:59:a7:b8:
8e:9b:bc:fb:81:63:55:0e:cb:3b:31:5e:5b:eb:47:
2a:36:2b:60:9d:87:58:df:54:14:a3:a5:7a:20:4e:
59:70:62:6b:f9:13:96:4d:de:75:c0:27:e8:95:4e:
d0:d1:c0:62:1d:88:46:7c:34:83:e9:57:95:06:2e:
68:6b:c3:98:1f:de:7f:e9:2a:88:9d:05:47:90:70:
d3:2e:4b:c8:d3:ea:49:74:e7:32:d5:e7:41:42:94:
bb:f5:6f:2a:8e:37:e1:22:81:41:74:77:04:71:48:
ea:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A1:96:AC:0D:80:B1:F6:44:39:7A:A7:85:91:F9:8F:25:AC:BF:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:800::/40
Signature Algorithm: sha256WithRSAEncryption
81:be:5f:22:3f:30:ba:9a:b2:68:7b:d8:ed:b7:51:32:cf:93:
b7:ac:f1:68:b4:be:04:df:d5:c5:f8:4b:5c:63:8c:06:1a:61:
dc:55:54:ac:2d:e3:59:34:53:d7:44:12:a2:e3:10:b1:a1:ce:
39:80:8a:00:94:19:2a:8c:c1:ab:e5:78:3d:53:ae:f7:bc:e7:
bb:c8:6a:68:7a:0c:25:93:ff:b0:0c:c9:e9:99:5c:64:9c:91:
7b:f0:9a:62:44:c8:ce:3a:de:52:cd:4b:95:6d:e9:c7:91:fd:
bd:c2:a4:45:8d:9c:ad:d7:9a:ff:78:55:b6:fa:5b:5f:dd:35:
43:f6:10:05:f6:e9:f1:d7:16:b2:3d:c7:05:80:a3:f3:73:a5:
d4:16:ac:ab:53:b5:ab:9d:97:3d:1e:ea:bc:f2:9e:94:1e:57:
2c:b9:1f:07:2b:f1:b6:0b:bf:13:37:0f:e9:e2:49:1f:70:c5:
ba:fa:57:67:bd:ac:b6:91:cf:e4:31:27:48:46:06:9a:e1:fb:
95:04:a4:2b:21:1b:0f:8f:0e:78:6f:c6:4c:c5:a5:ba:ef:58:
f3:26:ff:4e:3f:75:a4:bb:8b:18:89:2f:a8:9a:64:86:0b:96:
8a:83:15:a8:93:a8:8a:d7:f8:0b:e3:7f:93:dc:c3:08:18:d7:
67:ea:6b:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbuNqMb0JDgZbO9RG2GF0aU3LJRowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIxMTRaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjZjdmZjdmOWNmNTI2MDk1ZDJlN2E0YWZmY2UwNWE4OTFlOGUzODRiYzkx
OWFmMGU5MTc2MDJjOTRlMjhkNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6CtZDhtNips0O8Fh3yZDbTs37SU1hZSenb5MzhTvvQogylWFv73TXkS+Pv
G/sgzxMsKhTvxNSwlVv36G98Tf/u20rQ7AjQns2YZOUxwGnDpAIqZaw2X7018Kjd
9sXdFgOoIgI0DJLC0L48cumlok2MxkaU6i1aSfUXoBtBOgy/4pOT58NBSMbz2o9X
FdrWSjCkWae4jpu8+4FjVQ7LOzFeW+tHKjYrYJ2HWN9UFKOleiBOWXBia/kTlk3e
dcAn6JVO0NHAYh2IRnw0g+lXlQYuaGvDmB/ef+kqiJ0FR5Bw0y5LyNPqSXTnMtXn
QUKUu/VvKo434SKBQXR3BHFI6oUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9oZas
DYCx9kQ5eqeFkfmPJay/hjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FlZWFmNjEtYjkyNy00ZDM4LWIzOTgtMWVmYjJjMDVkNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgI
MA0GCSqGSIb3DQEBCwUAA4IBAQCBvl8iPzC6mrJoe9jtt1Eyz5O3rPFotL4E39XF
+EtcY4wGGmHcVVSsLeNZNFPXRBKi4xCxoc45gIoAlBkqjMGr5Xg9U673vOe7yGpo
egwlk/+wDMnpmVxknJF78JpiRMjOOt5SzUuVbenHkf29wqRFjZyt15r/eFW2+ltf
3TVD9hAF9unx1xayPccFgKPzc6XUFqyrU7WrnZc9Huq88p6UHlcsuR8HK/G2C78T
Nw/p4kkfcMW6+ldnvay2kc/kMSdIRgaa4fuVBKQrIRsPjw54b8ZMxaW671jzJv9O
P3Wku4sYiS+ommSGC5aKgxWok6iK1/gL43+T3MMIGNdn6mvf
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:17 2025 by rpki-client