Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
File: cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa (raw, json)
Hash identifier: pbezgigOTL/2I0RgLc8FCFZPjTM/w+P2gGD4LSbk6Ns=
Subject key identifier: 08:6A:4E:85:72:FA:BA:63:2D:2B:56:9A:7A:96:2B:83:11:AB:C9:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6ECF660A3479B8874DE891127A9F8D669CD5C6B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
Signing time: Fri 11 Jul 2025 18:50:49 +0000
ROA not before: Fri 11 Jul 2025 18:50:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:cf:66:0a:34:79:b8:87:4d:e8:91:12:7a:9f:8d:66:9c:d5:c6:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=393c7be0392d207e8992388f3e93b7f5588d8da5e325933f2df0affe2187189c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:32:44:67:3d:f7:ab:a9:ce:35:fd:ec:71:04:
ba:85:bd:76:cc:39:9f:12:9d:ad:f6:46:a9:3e:47:
ff:47:9c:ea:8b:d0:c1:b5:93:c9:d7:a6:1b:f6:bf:
58:52:de:be:42:36:29:28:1a:de:84:c3:3c:aa:9e:
fe:8b:79:ef:e4:a6:9e:b4:6a:32:9c:8a:cf:ae:00:
3c:5a:fc:e7:3f:79:f0:21:ff:b6:d9:91:f4:4b:09:
79:ef:f8:e1:6f:f5:f1:bb:b1:b6:3e:30:73:89:70:
e0:b7:d3:1e:ec:34:55:a0:4e:bb:cc:79:7a:b1:f7:
11:4c:45:55:14:21:c1:6f:c1:fe:27:5b:90:25:6f:
2c:4c:34:63:15:a7:f4:59:1f:93:44:46:1a:c2:52:
c2:ed:e3:df:ea:0e:18:6f:53:e7:5b:b9:a8:cf:45:
ea:6a:4a:d1:8c:13:fc:b6:05:e3:64:07:2f:fa:de:
ba:4a:3e:d9:4f:5c:f8:24:ac:ba:02:ca:28:f3:59:
aa:f6:bc:20:5c:3b:e2:87:75:2a:80:56:b4:ba:5f:
02:c5:ff:91:c9:ab:64:3a:b9:4c:67:22:2e:e8:31:
7d:96:4c:2a:45:d8:2b:de:32:13:f0:f1:a3:eb:4f:
e6:b8:83:6c:c8:31:63:7a:f6:99:f0:70:36:83:8d:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6A:4E:85:72:FA:BA:63:2D:2B:56:9A:7A:96:2B:83:11:AB:C9:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8020::/48
Signature Algorithm: sha256WithRSAEncryption
9b:da:13:f3:23:10:59:92:40:e0:60:3d:6e:59:0e:00:16:10:
10:cb:36:a9:e6:4a:23:04:ac:e2:62:03:9d:7a:dd:a7:27:8d:
5f:92:23:1c:9b:60:7e:a4:dd:37:ee:e4:ad:27:0c:9e:c4:e0:
a8:e3:be:17:bc:7f:d2:81:47:d3:1a:b4:bc:74:a6:d9:c2:0f:
8f:ea:7b:9c:60:16:9b:c2:1a:df:0b:70:d4:8c:41:03:77:88:
ad:c1:10:11:82:6a:b0:ca:22:ab:0a:a3:e6:2b:15:eb:d0:fb:
c8:66:d7:f2:3f:2b:65:fa:ee:77:aa:b0:ed:4f:2a:e5:28:5e:
79:3b:95:ef:5f:fc:0b:bf:28:03:4a:e6:c4:a1:7f:a2:6c:6d:
9b:57:0e:0a:34:fa:f7:c0:9f:19:72:48:d2:91:05:f4:3f:11:
4b:95:8f:a1:db:52:ce:ff:b5:ee:eb:e0:64:e7:ae:63:9b:bf:
62:00:19:06:7b:2b:00:67:cf:66:8f:87:53:8c:37:a0:20:eb:
e0:e7:90:22:95:b3:b3:fb:19:9a:97:2e:1a:70:8c:95:b8:c8:
21:ad:51:56:b0:0d:cc:ab:55:15:7f:0e:9a:82:21:1f:e3:a9:
76:52:48:0b:52:72:9d:90:2c:46:0b:05:20:88:c0:c4:5a:f3:
8e:d2:4c:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbs9mCjR5uIdN6JESep+NZpzVxrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5M2M3YmUwMzkyZDIwN2U4OTkyMzg4ZjNlOTNiN2Y1NTg4ZDhkYTVlMzI1
OTMzZjJkZjBhZmZlMjE4NzE4OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIsyRGc996upzjX97HEEuoW9dsw5nxKdrfZGqT5H/0ec6ovQwbWTydemG/a/
WFLevkI2KSga3oTDPKqe/ot57+SmnrRqMpyKz64APFr85z958CH/ttmR9EsJee/4
4W/18buxtj4wc4lw4LfTHuw0VaBOu8x5erH3EUxFVRQhwW/B/idbkCVvLEw0YxWn
9Fkfk0RGGsJSwu3j3+oOGG9T51u5qM9F6mpK0YwT/LYF42QHL/reuko+2U9c+CSs
ugLKKPNZqva8IFw74od1KoBWtLpfAsX/kcmrZDq5TGciLugxfZZMKkXYK94yE/Dx
o+tP5riDbMgxY3r2mfBwNoONyvUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQIak6F
cvq6Yy0rVpp6liuDEavJ2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZlMzE1ZTYtYzYzMC00OGJkLThkZTUtMjNlZWUwYWQ0MGNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
IDANBgkqhkiG9w0BAQsFAAOCAQEAm9oT8yMQWZJA4GA9blkOABYQEMs2qeZKIwSs
4mIDnXrdpyeNX5IjHJtgfqTdN+7krScMnsTgqOO+F7x/0oFH0xq0vHSm2cIPj+p7
nGAWm8Ia3wtw1IxBA3eIrcEQEYJqsMoiqwqj5isV69D7yGbX8j8rZfrud6qw7U8q
5SheeTuV71/8C78oA0rmxKF/omxtm1cOCjT698CfGXJI0pEF9D8RS5WPodtSzv+1
7uvgZOeuY5u/YgAZBnsrAGfPZo+HU4w3oCDr4OeQIpWzs/sZmpcuGnCMlbjIIa1R
VrANzKtVFX8OmoIhH+OpdlJIC1JynZAsRgsFIIjAxFrzjtJM9g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:38 2025 by rpki-client