Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: axUxRrbGBMeLCqLHumt2axrpUcAzT3iJVlRh+Dqx88s=
Subject key identifier: FA:A8:8D:4E:7D:C5:86:C4:21:2F:D2:61:59:53:67:AC:7C:B6:0D:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B70F45C15B37E0517426650146A1D1D0022732D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Fri 11 Jul 2025 19:31:11 +0000
ROA not before: Fri 11 Jul 2025 19:31:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:70:f4:5c:15:b3:7e:05:17:42:66:50:14:6a:1d:1d:00:22:73:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9d2ffc6fd920288a36696968e41a3387e6bf71ec318c8012ce2a1b560d709735, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:ae:62:78:2f:8a:38:32:4b:de:46:2c:f9:
76:02:8b:8c:85:45:9b:21:9b:fd:92:b3:ed:9d:09:
ab:87:2b:52:ed:c0:86:a4:a4:7d:6f:7c:de:9e:ba:
10:f2:ff:a4:0f:86:9a:ac:b9:35:7a:d7:a0:c6:c3:
93:08:4c:41:72:99:56:a7:4a:1e:63:3e:86:6f:1d:
af:c8:d7:c8:9d:58:22:c3:82:30:6e:6e:71:54:e4:
18:3d:96:1f:39:ea:72:1e:e5:f3:49:91:69:4e:20:
35:ad:e8:c9:67:ab:75:fb:8a:18:6b:b6:74:ce:6d:
96:95:be:3e:4b:36:e6:b0:00:a9:e3:20:ad:8b:68:
6a:63:f3:6f:61:b9:00:56:b1:bc:76:7b:82:4a:94:
ac:5c:42:f1:bb:95:24:88:e7:8f:d9:c1:14:07:fa:
5c:6b:93:28:ea:2f:4d:ce:7b:05:50:1f:85:ed:53:
73:2e:71:20:44:50:ea:dd:d8:d6:6c:f9:00:df:a9:
30:51:a0:88:79:c3:05:ed:4e:1b:a9:84:f8:28:5e:
3e:18:c5:ee:e7:ed:7f:64:ab:7a:31:b1:bb:a1:8a:
57:0a:4f:ce:0a:87:ad:54:a8:dc:96:dc:53:b1:9f:
9c:53:a5:78:e4:81:b7:1e:12:83:7b:47:e4:df:bc:
c3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A8:8D:4E:7D:C5:86:C4:21:2F:D2:61:59:53:67:AC:7C:B6:0D:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:22:b5:4f:ea:49:5a:5d:63:ea:6f:d7:44:d5:fe:5a:7b:02:
bd:1b:6c:a2:57:a0:da:ec:f2:7a:d4:71:ce:8a:ca:5a:03:c9:
e1:93:07:76:46:55:89:a9:d8:d8:44:37:e3:a6:23:53:26:a3:
f3:d3:de:c4:a6:91:94:d9:83:71:63:03:38:9f:cb:6e:08:1d:
d3:34:f3:52:b9:d1:96:5e:3f:93:46:77:9d:c2:41:0b:c1:82:
7b:24:cb:2a:d6:b3:86:07:43:68:da:bd:06:5b:99:40:2e:d2:
8f:7a:87:d9:d3:94:58:2b:56:af:3e:92:c1:e8:1b:d0:48:23:
a6:78:53:36:b2:12:a0:8b:bb:72:b5:e2:76:30:d5:7d:42:d7:
a5:83:a1:37:a2:d3:34:fe:34:86:5c:d8:68:15:ff:9c:f4:b8:
d4:1c:92:95:db:fb:12:e6:3d:0e:2c:d9:94:1d:04:97:9a:07:
b3:2f:ec:6c:cc:e5:47:61:54:2f:c1:3c:9e:b4:df:ac:45:d5:
45:fa:f6:6b:c4:3d:36:39:12:a5:4e:f9:2e:dc:6c:85:54:5c:
95:db:63:43:99:90:0b:fd:30:28:bd:41:46:37:29:fd:dc:d4:
9f:c9:dc:6a:4b:41:0f:69:f8:12:92:c2:e4:b9:12:7e:e8:f4:
1d:7d:d6:25
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe3D0XBWzfgUXQmZQFGodHQAicy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkMmZmYzZmZDkyMDI4OGEzNjY5Njk2OGU0MWEzMzg3ZTZiZjcxZWMzMThj
ODAxMmNlMmExYjU2MGQ3MDk3MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqyrmJ4L4o4MkveRiz5dgKLjIVFmyGb/ZKz7Z0Jq4crUu3AhqSkfW983p66
EPL/pA+Gmqy5NXrXoMbDkwhMQXKZVqdKHmM+hm8dr8jXyJ1YIsOCMG5ucVTkGD2W
Hznqch7l80mRaU4gNa3oyWerdfuKGGu2dM5tlpW+Pks25rAAqeMgrYtoamPzb2G5
AFaxvHZ7gkqUrFxC8buVJIjnj9nBFAf6XGuTKOovTc57BVAfhe1Tcy5xIERQ6t3Y
1mz5AN+pMFGgiHnDBe1OG6mE+ChePhjF7uftf2SrejGxu6GKVwpPzgqHrVSo3Jbc
U7GfnFOleOSBtx4Sg3tH5N+8w4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT6qI1O
fcWGxCEv0mFZU2esfLYNxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQA6IrVP6klaXWPqb9dE1f5aewK9G2yiV6Da7PJ6
1HHOispaA8nhkwd2RlWJqdjYRDfjpiNTJqPz097EppGU2YNxYwM4n8tuCB3TNPNS
udGWXj+TRnedwkELwYJ7JMsq1rOGB0No2r0GW5lALtKPeofZ05RYK1avPpLB6BvQ
SCOmeFM2shKgi7tyteJ2MNV9Qtelg6E3otM0/jSGXNhoFf+c9LjUHJKV2/sS5j0O
LNmUHQSXmgezL+xszOVHYVQvwTyetN+sRdVF+vZrxD02ORKlTvku3GyFVFyV22ND
mZAL/TAovUFGNyn93NSfydxqS0EPafgSksLkuRJ+6PQdfdYl
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:50 2025 by rpki-client