Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa
File: d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa (raw, json)
Hash identifier: AhdJ59VhdrLg+kAoZN39UengOjYTBHpZBgv3lbmduxU=
Subject key identifier: 59:6C:5E:DC:7B:26:A4:7E:DC:F3:7C:C1:81:FA:F4:CD:F0:73:D6:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FFA5BA39DAE0CDE22848802FABF25C33A9D0897
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa
Signing time: Fri 11 Jul 2025 20:01:13 +0000
ROA not before: Fri 11 Jul 2025 20:01:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:fa:5b:a3:9d:ae:0c:de:22:84:88:02:fa:bf:25:c3:3a:9d:08:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=678532350989cbc26db360174fc290155b08cf2e90feab3115f167e2b9e15e8b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:4c:8e:58:bf:59:19:97:a7:d0:05:56:4f:
bb:0c:48:53:4e:9d:b4:ae:64:e2:17:14:27:ed:b0:
d3:7e:38:3c:0f:51:95:74:9b:5f:53:86:66:46:8a:
43:7a:4d:d5:c3:ba:43:e6:db:1c:f2:19:60:6e:f3:
0f:c7:6e:8a:07:e7:df:ed:8f:cd:30:38:0e:dd:f5:
8c:48:d7:f7:ed:65:6f:50:1d:18:e3:4f:0c:e9:39:
97:c1:74:29:79:e0:87:73:fa:15:d2:56:c7:74:9e:
25:5d:3e:a8:63:c5:ab:43:3a:13:eb:75:ab:f2:d8:
89:af:57:4c:1b:42:c3:58:5e:78:b4:9a:05:2e:c1:
6b:f9:75:bb:5d:76:f7:20:a6:82:a5:da:25:3c:5f:
bc:8a:17:ab:38:e0:5d:1f:c1:59:87:3b:2a:dc:f8:
0f:05:d4:d5:aa:39:48:4a:51:45:53:b2:0c:36:12:
40:f8:fe:bf:5b:0a:f7:32:65:2a:01:26:13:85:56:
8b:87:8e:8b:4b:90:7d:fc:32:5c:ef:a3:e0:e2:3b:
2e:26:67:45:24:27:1b:fb:27:c1:f6:34:2b:7b:e6:
c0:b0:63:3f:07:b4:41:eb:eb:67:cc:13:b6:cb:4a:
e4:9f:a7:12:d2:bd:4a:7d:71:b6:c6:1a:95:30:dc:
a6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:6C:5E:DC:7B:26:A4:7E:DC:F3:7C:C1:81:FA:F4:CD:F0:73:D6:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9e2e2dd-303b-4e70-a84b-e795268ed9bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:2000::/40
Signature Algorithm: sha256WithRSAEncryption
10:46:4a:64:c7:f7:39:de:33:7f:20:db:d0:cf:1b:d0:ea:9e:
ad:cf:ea:1b:04:54:83:0d:a6:c0:9c:d0:41:3d:1a:ae:aa:75:
af:96:b7:ab:c1:6c:af:4d:2d:65:18:51:3e:e4:f7:72:35:a3:
65:ce:1d:44:cf:8e:18:93:30:f6:5b:f2:d1:20:1b:7e:fc:9a:
91:22:b8:65:fa:e8:18:90:8d:8e:90:7f:44:c4:9b:46:6a:57:
44:00:d3:bf:d7:fd:b5:f4:8b:37:f8:25:33:75:c1:d7:15:7e:
db:cd:d5:c1:4b:79:23:25:e3:51:09:8a:32:15:a8:a0:bd:21:
4d:38:e9:3b:f6:d1:ae:97:22:ab:ee:b9:df:c7:40:59:a6:c0:
16:ca:a8:cd:f0:f6:1d:20:b3:5c:ac:ef:f6:d7:63:c0:ac:bd:
cd:60:f0:a1:a0:6e:96:99:b7:9b:64:d8:e6:24:2d:df:48:2f:
d3:38:a1:7b:b3:82:3c:88:bd:d2:42:82:68:c0:83:ea:b8:d9:
ac:31:37:19:7a:64:46:3b:64:6c:2b:94:d5:eb:31:1d:33:af:
7a:ff:9a:2e:f6:27:59:30:87:fa:b1:03:32:e2:2a:33:e2:0a:
55:7f:3c:13:10:a5:e2:e8:c5:d4:f5:f7:bb:8b:5b:e5:0a:ed:
75:3e:d8:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP/pbo52uDN4ihIgC+r8lwzqdCJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3ODUzMjM1MDk4OWNiYzI2ZGIzNjAxNzRmYzI5MDE1NWIwOGNmMmU5MGZl
YWIzMTE1ZjE2N2UyYjllMTVlOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlBTI5Yv1kZl6fQBVZPuwxIU06dtK5k4hcUJ+2w0344PA9RlXSbX1OGZkaK
Q3pN1cO6Q+bbHPIZYG7zD8duigfn3+2PzTA4Dt31jEjX9+1lb1AdGONPDOk5l8F0
KXngh3P6FdJWx3SeJV0+qGPFq0M6E+t1q/LYia9XTBtCw1heeLSaBS7Ba/l1u112
9yCmgqXaJTxfvIoXqzjgXR/BWYc7Ktz4DwXU1ao5SEpRRVOyDDYSQPj+v1sK9zJl
KgEmE4VWi4eOi0uQffwyXO+j4OI7LiZnRSQnG/snwfY0K3vmwLBjPwe0QevrZ8wT
tstK5J+nEtK9Sn1xtsYalTDcppsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZbF7c
eyakftzzfMGB+vTN8HPWkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDllMmUyZGQtMzAzYi00ZTcwLWE4NGItZTc5NTI2OGVkOWJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUg
MA0GCSqGSIb3DQEBCwUAA4IBAQAQRkpkx/c53jN/INvQzxvQ6p6tz+obBFSDDabA
nNBBPRquqnWvlrerwWyvTS1lGFE+5PdyNaNlzh1Ez44YkzD2W/LRIBt+/JqRIrhl
+ugYkI2OkH9ExJtGaldEANO/1/219Is3+CUzdcHXFX7bzdXBS3kjJeNRCYoyFaig
vSFNOOk79tGulyKr7rnfx0BZpsAWyqjN8PYdILNcrO/212PArL3NYPChoG6Wmbeb
ZNjmJC3fSC/TOKF7s4I8iL3SQoJowIPquNmsMTcZemRGO2RsK5TV6zEdM696/5ou
9idZMIf6sQMy4ioz4gpVfzwTEKXi6MXU9fe7i1vlCu11Ptg6
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:33 2025 by rpki-client