Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json)
Hash identifier: 4wiKv326TBjacB6jiUopP+btu8cPmri0iSKnBBsrCQE=
Subject key identifier: 8C:3A:7A:B0:2D:E9:F9:39:7E:14:EC:C4:00:81:07:F7:E1:8F:2D:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37ED3671F7DF5599F85C284732F9CE9F718CF868
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
Signing time: Fri 11 Jul 2025 20:21:05 +0000
ROA not before: Fri 11 Jul 2025 20:21:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:ed:36:71:f7:df:55:99:f8:5c:28:47:32:f9:ce:9f:71:8c:f8:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9785de72a377df53698c7868052eba1359f71b0adfa338002eee79decccf6723, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e3:94:40:36:91:7b:75:3a:b1:ef:64:a7:b8:
d0:bb:6f:e1:12:7e:a1:7d:3d:8b:fa:d2:71:32:b9:
98:35:22:cd:f3:c3:39:d1:80:2e:d5:48:f5:96:f8:
10:f3:c1:6e:e0:3f:cd:52:8a:6b:75:7f:cd:3d:19:
3c:db:7b:4e:06:66:47:34:a3:94:65:c6:8a:5f:86:
7d:6a:77:0e:76:91:6a:6d:4d:96:df:37:39:a6:62:
c1:6a:33:f1:63:b0:c3:a7:a6:c4:4a:1e:c9:cc:e1:
33:1d:7d:89:41:d5:da:3d:cb:1a:3c:f3:c9:d8:ca:
a7:b1:7d:85:1d:a4:65:61:32:e8:fa:28:70:a4:1d:
9a:8a:60:b3:ca:49:a7:0c:21:06:6d:27:68:4e:2a:
ba:ef:6e:9c:bc:74:2d:5c:ff:5f:c9:50:37:87:64:
85:36:76:54:d3:10:22:80:bb:22:a6:2f:6c:30:c3:
76:d0:da:ab:7e:5c:84:6d:5a:ba:d1:a6:ef:a0:b2:
44:1d:62:af:31:38:5c:b5:68:ab:eb:69:38:e8:06:
45:2e:7a:d2:5a:55:d1:a3:c6:62:4c:13:64:d6:a0:
ed:27:6d:06:fc:2c:3b:06:1c:ed:82:be:66:6d:de:
6f:be:f5:2e:33:f9:0d:b0:32:15:8b:5c:2d:ef:cb:
83:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3A:7A:B0:2D:E9:F9:39:7E:14:EC:C4:00:81:07:F7:E1:8F:2D:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:1000::/40
Signature Algorithm: sha256WithRSAEncryption
45:9c:00:77:6f:3f:38:86:24:1a:05:73:0b:c8:02:e2:5d:fd:
50:ce:52:bb:40:26:36:0d:59:76:ba:09:b8:4e:eb:64:01:e0:
a2:92:a0:a6:18:07:63:59:75:ca:1d:7a:f9:cf:f4:27:0d:f0:
ab:55:29:57:5c:04:26:81:44:58:96:bd:29:6f:71:93:58:41:
07:e5:fc:cc:4d:92:91:31:2c:54:de:72:3d:74:3c:03:93:44:
1f:a6:bc:dd:ec:4b:b6:6f:31:e2:5b:e2:94:2e:f9:2f:57:21:
d4:c6:e7:69:63:cb:d5:00:d1:d7:03:4b:61:e7:ae:29:aa:c3:
e4:1e:dc:3b:3f:ed:e3:6d:b4:39:d6:68:1e:c6:8f:bb:f7:8c:
04:ec:7d:eb:ef:c1:02:72:7a:ea:4b:53:b6:d0:52:f7:d8:22:
fb:6e:5b:7f:57:6f:79:36:ad:81:c9:5c:b5:ed:18:4d:08:c0:
54:70:db:0b:43:c3:87:c9:d4:ad:86:c5:09:ab:b2:59:88:de:
d5:69:b7:67:0c:7f:06:ce:f7:fc:2e:02:06:7e:2e:23:1e:bd:
17:cb:c8:50:da:2b:4b:f3:96:37:72:f3:c5:54:61:f5:72:86:
84:60:f4:c8:79:31:6b:31:d9:fe:89:45:0c:c1:be:9f:10:47:
a2:3c:53:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN+02cfffVZn4XChHMvnOn3GM+GgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3ODVkZTcyYTM3N2RmNTM2OThjNzg2ODA1MmViYTEzNTlmNzFiMGFkZmEz
MzgwMDJlZWU3OWRlY2NjZjY3MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfjlEA2kXt1OrHvZKe40Ltv4RJ+oX09i/rScTK5mDUizfPDOdGALtVI9Zb4
EPPBbuA/zVKKa3V/zT0ZPNt7TgZmRzSjlGXGil+GfWp3DnaRam1Nlt83OaZiwWoz
8WOww6emxEoeyczhMx19iUHV2j3LGjzzydjKp7F9hR2kZWEy6PoocKQdmopgs8pJ
pwwhBm0naE4quu9unLx0LVz/X8lQN4dkhTZ2VNMQIoC7IqYvbDDDdtDaq35chG1a
utGm76CyRB1irzE4XLVoq+tpOOgGRS560lpV0aPGYkwTZNag7SdtBvwsOwYc7YK+
Zm3eb771LjP5DbAyFYtcLe/Lgw0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMOnqw
Len5OX4U7MQAgQf34Y8tADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBFnAB3bz84hiQaBXMLyALiXf1QzlK7QCY2DVl2
ugm4TutkAeCikqCmGAdjWXXKHXr5z/QnDfCrVSlXXAQmgURYlr0pb3GTWEEH5fzM
TZKRMSxU3nI9dDwDk0Qfprzd7Eu2bzHiW+KULvkvVyHUxudpY8vVANHXA0th564p
qsPkHtw7P+3jbbQ51mgexo+794wE7H3r78ECcnrqS1O20FL32CL7blt/V295Nq2B
yVy17RhNCMBUcNsLQ8OHydSthsUJq7JZiN7VabdnDH8Gzvf8LgIGfi4jHr0Xy8hQ
2itL85Y3cvPFVGH1coaEYPTIeTFrMdn+iUUMwb6fEEeiPFMZ
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:47 2025 by rpki-client