Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: 87dhoNpR4niHkt61Frl8apZl9YAntVIB2rk+Oe+qi0Q=
Subject key identifier: B7:76:39:C6:F7:12:6F:CD:C5:08:71:FA:58:1B:27:95:F1:0C:AB:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B7F4309CB1C6C124F605DD43D535668AC3B646E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Fri 11 Jul 2025 19:21:21 +0000
ROA not before: Fri 11 Jul 2025 19:21:21 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:7f:43:09:cb:1c:6c:12:4f:60:5d:d4:3d:53:56:68:ac:3b:64:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:21 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a03db5a894c3fcecdba095fb946830d2968ad508aeceaa05a2083a0e3d54b41b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0c:d5:1c:03:0c:e6:ce:94:d4:43:db:fd:b8:
81:a8:af:17:70:d9:d7:cd:5f:c5:ab:ec:e8:a2:e2:
e9:70:94:16:75:22:0b:40:4f:23:11:93:f4:0c:4a:
6c:1b:6b:9a:81:e4:8a:ed:b6:4b:fc:8d:af:db:ce:
77:f7:47:51:da:32:60:96:ac:c6:06:49:14:d0:3a:
29:2a:57:a2:1d:4a:90:d0:de:7b:aa:8b:b8:71:d8:
bb:8e:58:c7:c5:c6:12:ca:4a:f4:41:f0:84:6f:74:
cc:bb:4c:a8:15:d3:9e:9c:e3:d0:c6:81:df:5d:9a:
33:c7:46:2f:7a:23:34:3d:50:1a:56:b7:58:e0:cd:
77:62:a3:39:7d:33:c2:18:c9:49:1a:c9:28:8a:ec:
f2:a6:37:b0:b2:40:04:44:95:f7:8c:1d:7e:38:65:
03:38:74:28:71:72:0a:a0:47:f8:61:a7:d5:8d:ea:
69:f1:bb:1d:8f:7a:c8:71:31:1d:20:ac:46:87:10:
91:8f:f4:6b:8f:4e:1d:b1:73:58:cf:9b:74:22:e5:
c8:1e:d1:e9:43:bf:39:31:f6:fd:35:d5:bb:db:01:
93:77:0b:7d:45:4c:6e:fa:1f:96:0c:51:33:5e:a7:
07:80:21:2e:af:fc:4a:77:40:ee:54:f6:23:44:c7:
aa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:76:39:C6:F7:12:6F:CD:C5:08:71:FA:58:1B:27:95:F1:0C:AB:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:62:1f:50:3d:aa:51:66:22:57:05:b1:84:24:9d:2f:ab:ef:
af:cb:7e:8c:df:37:30:ad:d6:c9:d8:2b:96:97:d8:ba:49:db:
de:f1:59:52:45:3e:af:48:6e:cc:88:53:74:02:7c:40:46:41:
7f:eb:ec:a9:21:31:17:33:74:06:5b:7a:f8:d6:3b:f3:6a:90:
b2:62:37:6c:40:a2:b7:be:2b:bc:e4:4a:ef:ab:c1:ec:93:67:
4d:30:28:20:e2:01:c3:c9:fa:5e:32:5c:b0:1d:c7:87:82:2e:
51:71:d0:89:04:86:5c:b6:12:e2:be:7c:a8:1e:53:ea:53:e8:
78:92:b1:38:23:b0:00:8d:ff:27:b4:8b:bd:99:32:1b:4b:41:
bd:fe:48:94:77:ed:e1:0d:23:1e:e3:c5:53:ad:0b:2b:9e:ef:
68:45:1b:d8:93:ed:d9:63:dc:99:01:52:ec:54:92:40:d9:d0:
99:92:49:0c:63:6f:f6:3b:7e:2f:00:b9:d5:5e:67:58:91:b4:
ee:6a:b0:31:50:2a:b1:8a:d5:34:9f:8a:68:55:c5:e2:bd:83:
b8:e6:53:ca:99:be:07:c9:34:5b:86:23:37:b1:15:f9:74:d8:
07:7f:e4:03:bd:d1:e7:e0:cc:43:5e:d1:52:6b:98:87:b0:2f:
88:b2:af:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC39DCcscbBJPYF3UPVNWaKw7ZG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMjFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwM2RiNWE4OTRjM2ZjZWNkYmEwOTVmYjk0NjgzMGQyOTY4YWQ1MDhhZWNl
YWEwNWEyMDgzYTBlM2Q1NGI0MWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYM1RwDDObOlNRD2/24gaivF3DZ181fxavs6KLi6XCUFnUiC0BPIxGT9AxK
bBtrmoHkiu22S/yNr9vOd/dHUdoyYJasxgZJFNA6KSpXoh1KkNDee6qLuHHYu45Y
x8XGEspK9EHwhG90zLtMqBXTnpzj0MaB312aM8dGL3ojND1QGla3WODNd2KjOX0z
whjJSRrJKIrs8qY3sLJABESV94wdfjhlAzh0KHFyCqBH+GGn1Y3qafG7HY96yHEx
HSCsRocQkY/0a49OHbFzWM+bdCLlyB7R6UO/OTH2/TXVu9sBk3cLfUVMbvoflgxR
M16nB4AhLq/8SndA7lT2I0THqjsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3djnG
9xJvzcUIcfpYGyeV8Qyr4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQDEYh9QPapRZiJXBbGEJJ0vq++vy36M3zcwrdbJ
2CuWl9i6Sdve8VlSRT6vSG7MiFN0AnxARkF/6+ypITEXM3QGW3r41jvzapCyYjds
QKK3viu85Ervq8Hsk2dNMCgg4gHDyfpeMlywHceHgi5RcdCJBIZcthLivnyoHlPq
U+h4krE4I7AAjf8ntIu9mTIbS0G9/kiUd+3hDSMe48VTrQsrnu9oRRvYk+3ZY9yZ
AVLsVJJA2dCZkkkMY2/2O34vALnVXmdYkbTuarAxUCqxitU0n4poVcXivYO45lPK
mb4HyTRbhiM3sRX5dNgHf+QDvdHn4MxDXtFSa5iHsC+Isq8B
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:43:14 2025 by rpki-client