Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: Zq8riZya4axf/8eBBkq8Rm7ljGNn6VWgSp9BzvEmIcA=
Subject key identifier: 82:43:4C:F4:B8:73:DC:06:99:27:6A:DD:60:2B:25:0C:29:94:42:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 766AC7C267884BFC376863997B52B454D41BB956
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Fri 11 Jul 2025 18:50:53 +0000
ROA not before: Fri 11 Jul 2025 18:50:53 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:6a:c7:c2:67:88:4b:fc:37:68:63:99:7b:52:b4:54:d4:1b:b9:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:53 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a01e579bea587aad80a2e80cbdb090c9400220cef3556dbb3dc7ef1f16ce2080, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:58:81:ed:e3:56:0c:87:0c:a8:df:1e:e5:94:
62:47:e7:0a:70:42:03:75:dc:f0:f9:03:47:4b:e0:
18:f9:74:63:8c:cb:ac:ad:28:07:29:96:6d:7f:39:
d0:8a:b4:3c:91:58:10:86:11:27:4f:83:8a:ff:fa:
12:5d:24:cf:0c:a4:21:e3:09:7c:fd:e2:13:ac:83:
4c:97:2d:b2:6a:7f:8d:21:1f:8c:2b:86:d6:d2:93:
9c:20:b7:55:7a:a4:36:cc:3a:11:7f:9c:cc:77:77:
b7:03:49:cd:66:dd:65:36:02:3b:76:25:48:9f:0e:
c6:75:f5:21:a2:6a:56:7b:43:b7:ea:d0:83:e3:0e:
95:81:f4:85:13:9c:dd:b0:da:72:36:ab:3d:51:fd:
7d:cf:a3:f1:a4:69:ff:dc:93:7c:d7:11:d6:b9:95:
56:73:fd:2a:d5:06:38:66:02:18:78:74:06:07:0e:
36:57:b7:cb:bc:23:cf:71:38:03:17:1c:46:e5:0e:
db:69:4e:c4:b6:0a:ec:08:f9:68:e3:50:01:40:4f:
40:2c:dc:d7:11:49:12:0b:ab:47:6b:d3:ed:37:20:
24:27:a9:db:2e:b3:57:3d:71:76:b5:10:28:c6:0f:
06:a8:76:9b:bf:cd:8e:9d:85:a9:90:76:93:47:95:
6a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:43:4C:F4:B8:73:DC:06:99:27:6A:DD:60:2B:25:0C:29:94:42:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
2f:18:5f:e9:b6:b7:ee:29:b1:09:a5:3a:d2:6f:30:61:7f:02:
b4:a6:d7:de:a3:58:f9:bb:f1:9a:a9:42:55:43:f8:43:6c:5e:
3e:c6:e6:9c:07:e1:6e:24:60:92:9e:45:ed:b1:39:2a:b4:d5:
ee:fe:24:84:7b:d6:a5:e2:8d:d6:57:3f:71:3c:45:e5:37:97:
6d:0d:25:da:2e:a9:3f:ff:13:b2:fb:79:7b:5e:88:54:a3:bd:
9e:1a:77:b1:ac:67:17:0e:9d:e8:18:6b:f1:06:d2:53:2c:e7:
72:27:53:f4:e8:3d:22:40:9f:28:37:f9:d2:f5:25:b3:e3:82:
a6:f3:5c:10:fa:5b:8c:74:db:e1:70:21:ab:66:5d:8a:d1:d3:
18:cb:c4:e8:69:9a:16:9e:d3:ec:5a:35:53:78:c1:44:9b:6b:
8d:2a:8d:9d:41:ea:c3:86:d3:97:81:91:41:ea:57:ef:6d:ac:
55:de:d8:9d:77:91:df:29:17:19:b2:66:72:ff:42:b5:03:72:
79:78:d3:88:de:0b:99:da:ba:d6:3a:f1:18:5a:47:40:44:85:
b5:a0:d4:1e:5e:9c:2b:04:fc:07:c9:45:bd:d3:aa:0d:26:98:
38:b1:e5:8f:da:b9:6b:f9:fc:43:8f:bc:6d:7a:5a:68:97:7f:
59:11:a1:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdmrHwmeIS/w3aGOZe1K0VNQbuVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwNTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwMWU1NzliZWE1ODdhYWQ4MGEyZTgwY2JkYjA5MGM5NDAwMjIwY2VmMzU1
NmRiYjNkYzdlZjFmMTZjZTIwODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdYge3jVgyHDKjfHuWUYkfnCnBCA3Xc8PkDR0vgGPl0Y4zLrK0oBymWbX85
0Iq0PJFYEIYRJ0+Div/6El0kzwykIeMJfP3iE6yDTJctsmp/jSEfjCuG1tKTnCC3
VXqkNsw6EX+czHd3twNJzWbdZTYCO3YlSJ8OxnX1IaJqVntDt+rQg+MOlYH0hROc
3bDacjarPVH9fc+j8aRp/9yTfNcR1rmVVnP9KtUGOGYCGHh0BgcONle3y7wjz3E4
AxccRuUO22lOxLYK7Aj5aONQAUBPQCzc1xFJEgurR2vT7TcgJCep2y6zVz1xdrUQ
KMYPBqh2m7/Njp2FqZB2k0eVahsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSCQ0z0
uHPcBpknat1gKyUMKZRCxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEALxhf6ba37imxCaU60m8wYX8CtKbX3qNY+bvx
mqlCVUP4Q2xePsbmnAfhbiRgkp5F7bE5KrTV7v4khHvWpeKN1lc/cTxF5TeXbQ0l
2i6pP/8Tsvt5e16IVKO9nhp3saxnFw6d6Bhr8QbSUyzncidT9Og9IkCfKDf50vUl
s+OCpvNcEPpbjHTb4XAhq2ZditHTGMvE6GmaFp7T7Fo1U3jBRJtrjSqNnUHqw4bT
l4GRQepX722sVd7YnXeR3ykXGbJmcv9CtQNyeXjTiN4Lmdq61jrxGFpHQESFtaDU
Hl6cKwT8B8lFvdOqDSaYOLHlj9q5a/n8Q4+8bXpaaJd/WRGhIA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:34 2025 by rpki-client