Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
File: cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa (raw, json)
Hash identifier: 0AljOe4i1y/PobENRENDR16zl5CzygC9si2k0mLLQu0=
Subject key identifier: 21:93:43:B9:F7:72:76:E0:07:1F:16:57:7C:D2:60:8F:54:5F:78:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41113E380454C607D1EC4990B28DC5330C66CAEF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
Signing time: Fri 11 Jul 2025 19:20:42 +0000
ROA not before: Fri 11 Jul 2025 19:20:42 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:11:3e:38:04:54:c6:07:d1:ec:49:90:b2:8d:c5:33:0c:66:ca:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:42 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6abefb0dd44caee456597535116d5664c7810e17ede41ea73af931526750846f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:39:a5:ab:d6:54:58:84:c9:ef:de:3a:ee:dd:
8c:9d:80:b8:a7:d2:8c:f6:df:40:0c:a2:06:ed:0c:
bf:74:56:89:85:a4:17:c5:34:d8:e9:71:78:35:29:
e5:ee:66:40:6a:ec:f2:ae:c2:1a:0b:5c:40:01:ce:
0b:74:71:a2:3c:26:f4:f8:59:01:fc:a3:18:6f:22:
37:62:8f:df:01:4e:2d:0a:79:ca:a8:a4:91:95:54:
cd:7e:61:be:8e:5d:46:1e:fa:7c:0a:c1:09:0c:6e:
86:2a:47:a1:a7:ab:45:87:c9:a2:4b:93:ab:dc:e7:
39:5f:fc:93:e5:3b:e4:af:c8:0b:61:dd:0c:2e:b4:
a7:66:e6:70:d0:94:e4:ec:3f:5b:2b:fc:ff:f7:27:
e0:94:52:c6:02:8a:53:08:e7:2e:aa:91:c0:33:1f:
06:fa:98:cb:b7:e0:d0:f1:b1:73:96:d4:a6:95:6b:
42:b6:a1:da:9f:5b:3e:8e:ba:5a:4e:c5:18:ff:38:
56:07:36:99:45:c6:3b:d0:2c:61:5f:f7:86:21:f2:
4c:9f:a9:c5:2f:ae:cc:fc:5d:f5:db:a9:12:42:a2:
a6:5d:d4:b0:4a:48:fb:e5:de:31:30:ab:c7:f4:db:
33:e0:c9:a6:de:bf:67:37:ab:46:33:50:a1:2d:be:
5a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:93:43:B9:F7:72:76:E0:07:1F:16:57:7C:D2:60:8F:54:5F:78:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1040::/48
Signature Algorithm: sha256WithRSAEncryption
8b:49:0c:7c:65:b9:d7:5a:3d:64:00:7f:bb:b2:1f:e6:e9:d7:
80:71:9f:c1:55:99:a7:22:f3:8a:6c:60:cc:cf:9c:c7:5e:0b:
bf:69:eb:10:fb:d7:93:32:da:94:e1:6f:7d:49:6a:47:56:a3:
d6:9e:d7:78:21:e9:75:8e:e7:24:71:c2:46:eb:4e:b4:a7:99:
f5:b1:da:84:73:7a:0d:c9:f4:bd:32:6d:6f:84:a9:c4:ed:70:
a4:d5:3d:c0:81:c6:f2:23:32:7e:4c:89:bc:a3:75:4c:e8:9a:
3e:6b:0e:26:6e:9c:05:47:5d:e7:4f:2a:e9:e9:b6:b3:f4:7e:
14:3c:c2:9f:cd:ab:44:ef:c6:af:5e:08:65:e4:73:15:48:42:
2a:9e:6c:c1:0d:1a:0c:e8:fc:24:13:ad:b8:93:fe:3a:1a:1b:
e9:ea:8d:cf:c5:3d:3c:b8:6a:ea:97:34:81:ce:13:d7:d4:b3:
58:85:c5:7f:2c:96:e3:7d:7b:9b:54:f0:85:f7:31:c2:e3:ba:
7b:6b:69:c7:01:3d:16:08:d6:83:d7:22:08:db:2c:0f:9e:9d:
16:31:a8:64:33:61:a6:66:17:f1:7f:17:98:5f:45:94:66:8b:
4a:9b:25:a4:83:de:85:25:42:3c:fe:88:7c:bc:94:8c:23:7a:
ba:eb:08:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQRE+OARUxgfR7EmQso3FMwxmyu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNDJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhYmVmYjBkZDQ0Y2FlZTQ1NjU5NzUzNTExNmQ1NjY0Yzc4MTBlMTdlZGU0
MWVhNzNhZjkzMTUyNjc1MDg0NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJo5pavWVFiEye/eOu7djJ2AuKfSjPbfQAyiBu0Mv3RWiYWkF8U02OlxeDUp
5e5mQGrs8q7CGgtcQAHOC3Rxojwm9PhZAfyjGG8iN2KP3wFOLQp5yqikkZVUzX5h
vo5dRh76fArBCQxuhipHoaerRYfJokuTq9znOV/8k+U75K/IC2HdDC60p2bmcNCU
5Ow/Wyv8//cn4JRSxgKKUwjnLqqRwDMfBvqYy7fg0PGxc5bUppVrQrah2p9bPo66
Wk7FGP84Vgc2mUXGO9AsYV/3hiHyTJ+pxS+uzPxd9dupEkKipl3UsEpI++XeMTCr
x/TbM+DJpt6/ZzerRjNQoS2+Wl8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQhk0O5
93J24AcfFld80mCPVF94GjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y4MzI2ZDAtZWNjMC00OTM5LTk5MzktMmVkNzBmNmVhNTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAi0kMfGW511o9ZAB/u7If5unXgHGfwVWZpyLz
imxgzM+cx14Lv2nrEPvXkzLalOFvfUlqR1aj1p7XeCHpdY7nJHHCRutOtKeZ9bHa
hHN6Dcn0vTJtb4SpxO1wpNU9wIHG8iMyfkyJvKN1TOiaPmsOJm6cBUdd508q6em2
s/R+FDzCn82rRO/Gr14IZeRzFUhCKp5swQ0aDOj8JBOtuJP+Ohob6eqNz8U9PLhq
6pc0gc4T19SzWIXFfyyW4317m1TwhfcxwuO6e2tpxwE9FgjWg9ciCNssD56dFjGo
ZDNhpmYX8X8XmF9FlGaLSpslpIPehSVCPP6IfLyUjCN6uusIAQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:46:33 2025 by rpki-client