Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
File: d3564159-9d8d-43eb-bf55-66a4445d2727.roa (raw, json)
Hash identifier: qeVlgYNj6fWE1vNA2K0wnFCXt8RH1Czvp72CpQ8y8Nk=
Subject key identifier: 00:CC:A0:F1:E9:7A:74:26:8C:2B:E1:3D:6B:2D:D1:E6:C7:0D:96:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28D83A6F184227EDA60FDD050CA17E3660E6CFA8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
Signing time: Fri 11 Jul 2025 20:31:47 +0000
ROA not before: Fri 11 Jul 2025 20:31:47 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:d8:3a:6f:18:42:27:ed:a6:0f:dd:05:0c:a1:7e:36:60:e6:cf:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:47 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ce3af592d43050491af068e015d64a09f0dc668cb3496acaac702621f94760b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:bb:21:cb:93:8f:39:88:0a:fd:ba:82:3c:31:
0b:a4:2a:73:21:66:6a:4c:e0:1a:cf:47:59:14:34:
8a:0d:16:7b:b1:d3:b0:b2:32:94:1a:2e:0a:3c:09:
e7:85:42:94:10:27:11:11:3c:36:6a:1d:64:6a:9b:
2f:a0:03:0d:eb:9f:36:b6:6a:97:d0:38:9b:46:9a:
90:93:e1:e8:e1:a8:20:7d:1a:f0:ec:44:c5:3c:b8:
2a:3c:e2:cb:f7:5e:10:9e:94:91:cb:77:b0:f7:a3:
16:06:2a:2b:ed:cc:86:8c:92:f6:38:08:c2:4b:01:
0c:3d:2e:1c:b3:71:9c:e9:72:f8:fd:cf:56:01:b9:
e8:e3:fe:dd:e6:dc:d2:b3:6b:28:a7:a8:83:fc:bc:
16:04:dc:1a:fd:d0:87:fa:37:6a:73:6f:a7:fc:da:
3c:2e:ed:95:88:60:ea:08:e4:38:59:f8:05:28:05:
09:82:dd:02:27:c7:f8:4b:78:64:bd:61:29:2f:4c:
47:7d:1c:0a:25:5f:13:cf:91:62:d4:db:f3:b9:d9:
c4:c8:96:29:ba:cc:0e:e7:4a:70:73:ee:fc:a3:3d:
a2:a9:aa:71:5c:ea:3c:30:aa:3f:3b:c9:bc:72:6a:
08:7f:8b:45:8f:2b:9b:41:f1:ee:df:08:44:63:4c:
40:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CC:A0:F1:E9:7A:74:26:8C:2B:E1:3D:6B:2D:D1:E6:C7:0D:96:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:b000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:01:f9:19:7e:4e:98:4d:03:bf:4b:ef:92:fc:f3:91:29:55:
01:77:d4:d7:9f:2d:69:93:58:50:69:f7:fd:ab:e0:3b:38:47:
62:e3:4c:06:64:cb:13:2b:e6:5f:91:42:79:c0:a1:5b:28:fe:
cf:b7:42:0f:d0:16:4a:ac:2c:9f:99:5a:8f:c6:10:02:9f:e3:
a1:91:7e:63:38:08:c0:c9:ee:37:0a:fe:91:e2:52:74:d4:82:
f4:3b:87:46:71:92:f4:d7:60:ef:ba:f6:2c:c8:4a:42:95:aa:
05:7d:1f:6c:a0:6a:50:7e:d0:86:ce:77:43:c7:53:9a:ab:02:
f9:ba:13:b0:8b:f6:81:d4:13:b4:ce:34:63:71:6e:2f:c6:54:
20:ab:d5:7c:9d:d6:87:b2:4c:01:7e:2d:9c:ea:a8:90:a7:77:
11:a4:47:a1:9c:49:40:3c:a6:88:b3:6e:f2:bc:b4:db:4b:63:
f0:28:95:b5:fc:22:92:59:35:c5:c5:7e:8f:cc:1b:44:56:b7:
e8:53:82:c9:6a:6a:ff:a8:82:35:17:d2:84:13:21:9a:36:e2:
73:4c:eb:39:44:ad:74:1d:5c:7a:f8:5d:0d:2a:7c:c5:7e:92:
7b:5e:f7:14:58:56:bb:69:a0:3e:50:dd:48:13:ca:8a:1f:1e:
9a:b7:17:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKNg6bxhCJ+2mD90FDKF+NmDmz6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxNDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlM2FmNTkyZDQzMDUwNDkxYWYwNjhlMDE1ZDY0YTA5ZjBkYzY2OGNiMzQ5
NmFjYWFjNzAyNjIxZjk0NzYwYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPS7IcuTjzmICv26gjwxC6QqcyFmakzgGs9HWRQ0ig0We7HTsLIylBouCjwJ
54VClBAnERE8NmodZGqbL6ADDeufNrZql9A4m0aakJPh6OGoIH0a8OxExTy4Kjzi
y/deEJ6Ukct3sPejFgYqK+3MhoyS9jgIwksBDD0uHLNxnOly+P3PVgG56OP+3ebc
0rNrKKeog/y8FgTcGv3Qh/o3anNvp/zaPC7tlYhg6gjkOFn4BSgFCYLdAifH+Et4
ZL1hKS9MR30cCiVfE8+RYtTb87nZxMiWKbrMDudKcHPu/KM9oqmqcVzqPDCqPzvJ
vHJqCH+LRY8rm0Hx7t8IRGNMQCkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAzKDx
6Xp0Jowr4T1rLdHmxw2WhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM1NjQxNTktOWQ4ZC00M2ViLWJmNTUtNjZhNDQ0NWQyNzI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Haw
MA0GCSqGSIb3DQEBCwUAA4IBAQA9AfkZfk6YTQO/S++S/PORKVUBd9TXny1pk1hQ
aff9q+A7OEdi40wGZMsTK+ZfkUJ5wKFbKP7Pt0IP0BZKrCyfmVqPxhACn+OhkX5j
OAjAye43Cv6R4lJ01IL0O4dGcZL012DvuvYsyEpClaoFfR9soGpQftCGzndDx1Oa
qwL5uhOwi/aB1BO0zjRjcW4vxlQgq9V8ndaHskwBfi2c6qiQp3cRpEehnElAPKaI
s27yvLTbS2PwKJW1/CKSWTXFxX6PzBtEVrfoU4LJamr/qII1F9KEEyGaNuJzTOs5
RK10HVx6+F0NKnzFfpJ7XvcUWFa7aaA+UN1IE8qKHx6atxf2
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:21 2025 by rpki-client