Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3b5c1d2-4d20-429e-93f6-4d1f30e8b964.roa
File: d3b5c1d2-4d20-429e-93f6-4d1f30e8b964.roa (raw, json)
Hash identifier: 5U6fipjANxijeq/1kwr36VAajSuRttc+uu1Jbw7QtXg=
Subject key identifier: 96:EC:8B:34:C0:20:7D:1E:A3:94:FD:98:0F:52:58:6D:F9:A6:AF:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 573179B5117086E5A22AADADDAA0223DA9EDB432
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3b5c1d2-4d20-429e-93f6-4d1f30e8b964.roa
Signing time: Fri 11 Jul 2025 19:41:07 +0000
ROA not before: Fri 11 Jul 2025 19:41:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:31:79:b5:11:70:86:e5:a2:2a:ad:ad:da:a0:22:3d:a9:ed:b4:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3344c31e699305648a39ab3709e7a35b305e00115bcbfb3c1596b6c1696a22f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4a:46:44:51:47:aa:2e:ab:09:17:2d:d0:fc:
5e:2e:87:28:ad:cd:5e:4e:f2:8c:e5:ca:e3:07:15:
2d:c4:bf:bb:2b:25:a5:0c:92:78:9a:1a:6e:e9:49:
ce:39:0c:b7:6b:52:d7:73:28:47:fb:60:0f:93:dd:
34:e7:39:8e:c9:76:f6:aa:fc:6d:db:3d:10:82:a5:
51:d8:27:a9:a0:3d:00:e3:87:b1:c5:9f:e2:48:96:
b3:7f:29:92:9d:04:61:41:fe:a3:27:01:ea:81:31:
9e:00:df:38:76:11:e7:e6:9e:2d:db:e1:c3:d2:15:
5c:57:0c:06:95:c4:ae:c6:cc:35:00:9c:7e:0f:7f:
3b:5d:29:74:1c:0a:c9:ed:cd:48:a0:41:ec:3d:3f:
be:d9:3d:05:8d:b8:97:35:60:90:fb:fd:64:65:e0:
cf:4c:49:dd:ba:17:e4:0c:72:73:9c:b5:3f:bc:72:
1d:77:d4:66:64:a2:ef:d0:95:48:08:11:f6:55:78:
64:2c:f2:bc:be:91:a0:09:9b:0a:17:41:4d:23:f5:
a0:fe:32:e0:e7:41:c5:8d:3a:39:68:46:a6:00:0c:
4c:ee:8d:85:98:a2:77:13:79:8b:3f:09:3d:aa:3e:
ad:13:9f:58:27:e5:78:32:29:87:ae:28:81:a7:86:
be:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EC:8B:34:C0:20:7D:1E:A3:94:FD:98:0F:52:58:6D:F9:A6:AF:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3b5c1d2-4d20-429e-93f6-4d1f30e8b964.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a040::/46
Signature Algorithm: sha256WithRSAEncryption
25:6f:64:90:ed:5a:d1:a4:51:bc:24:a8:9e:04:59:a2:c6:5f:
25:36:dd:92:e5:2e:c5:62:fd:9c:53:c1:a1:40:2b:54:64:2a:
39:63:e1:f2:b4:17:f8:b3:6d:8c:9d:a0:7c:10:0b:f9:3f:42:
ee:81:a4:ef:fb:4d:53:3c:32:66:90:25:e5:95:ab:0a:82:f7:
21:d0:34:6d:ee:78:56:ca:d2:ac:96:1e:4e:e2:5d:83:94:fd:
f4:29:bb:1a:13:8c:46:4c:b0:60:09:aa:02:9a:57:c1:44:52:
06:26:ae:f1:e2:77:32:4f:d0:90:b4:04:f7:8c:b7:4a:d7:88:
0a:b2:ec:fc:cd:75:26:dc:c1:24:4f:bb:9d:6c:b3:4e:2e:2a:
4b:8e:c0:be:6d:87:d5:7e:f1:da:d2:b3:51:1b:86:97:a3:72:
f9:79:14:c7:33:af:dc:b7:01:dc:f1:bd:72:0f:2d:35:0e:9a:
b2:3f:04:a8:3c:cf:e5:ea:8c:38:19:24:4d:ad:ac:05:8a:83:
23:c4:ca:fa:e4:a4:44:bc:b5:0b:d4:bf:b5:fd:86:bf:75:ae:
5c:47:2b:c5:e0:f8:82:af:ba:f1:5a:3a:d1:36:25:8d:4d:fd:
c7:50:08:52:eb:37:c4:9c:29:0c:71:10:4a:34:d8:13:f9:39:
10:b0:06:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVzF5tRFwhuWiKq2t2qAiPanttDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNDRjMzFlNjk5MzA1NjQ4YTM5YWIzNzA5ZTdhMzViMzA1ZTAwMTE1YmNi
ZmIzYzE1OTZiNmMxNjk2YTIyZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtKRkRRR6ouqwkXLdD8Xi6HKK3NXk7yjOXK4wcVLcS/uyslpQySeJoabulJ
zjkMt2tS13MoR/tgD5PdNOc5jsl29qr8bds9EIKlUdgnqaA9AOOHscWf4kiWs38p
kp0EYUH+oycB6oExngDfOHYR5+aeLdvhw9IVXFcMBpXErsbMNQCcfg9/O10pdBwK
ye3NSKBB7D0/vtk9BY24lzVgkPv9ZGXgz0xJ3boX5Axyc5y1P7xyHXfUZmSi79CV
SAgR9lV4ZCzyvL6RoAmbChdBTSP1oP4y4OdBxY06OWhGpgAMTO6NhZiidxN5iz8J
Pao+rROfWCfleDIph64ogaeGvu8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSW7Is0
wCB9HqOU/ZgPUlht+aavAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNiNWMxZDItNGQyMC00MjllLTkzZjYtNGQxZjMwZThiOTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Heg
QDANBgkqhkiG9w0BAQsFAAOCAQEAJW9kkO1a0aRRvCSongRZosZfJTbdkuUuxWL9
nFPBoUArVGQqOWPh8rQX+LNtjJ2gfBAL+T9C7oGk7/tNUzwyZpAl5ZWrCoL3IdA0
be54VsrSrJYeTuJdg5T99Cm7GhOMRkywYAmqAppXwURSBiau8eJ3Mk/QkLQE94y3
SteICrLs/M11JtzBJE+7nWyzTi4qS47Avm2H1X7x2tKzURuGl6Ny+XkUxzOv3LcB
3PG9cg8tNQ6asj8EqDzP5eqMOBkkTa2sBYqDI8TK+uSkRLy1C9S/tf2Gv3WuXEcr
xeD4gq+68Vo60TYljU39x1AIUus3xJwpDHEQSjTYE/k5ELAGjQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:31 2025 by rpki-client