Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: WQxxuDEzcrkx1KsP/hqy7F0M/7n3hJ0Xp7iB4qbOvEA=
Subject key identifier: 13:F0:25:6B:AE:91:0B:FA:26:3C:55:C6:E5:6D:9C:A2:7E:9D:33:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2007785E750401A39AEFD3813B2F44300F01D210
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Fri 11 Jul 2025 20:50:17 +0000
ROA not before: Fri 11 Jul 2025 20:50:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:07:78:5e:75:04:01:a3:9a:ef:d3:81:3b:2f:44:30:0f:01:d2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8dc8a31d86f57429bedb96b0237773054dd87e7c232c512629bd91e4f0406ab7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:23:56:08:af:2d:e3:c6:60:c0:30:7c:a3:
76:f1:ae:66:8f:71:f3:67:7a:bf:60:c7:3d:91:c0:
f5:09:35:da:f3:6f:ef:27:1d:cc:f3:0c:24:56:d5:
7e:6a:4e:8c:12:56:bb:03:a0:2d:ec:96:66:9e:fc:
02:61:e5:33:e2:83:c5:46:37:51:35:8c:66:4a:9a:
ab:eb:b7:6a:b1:dd:dd:60:d8:9b:b4:6f:18:ec:38:
88:d5:e9:f3:fc:a3:ce:d5:26:43:b1:bd:2f:a2:81:
7b:55:2d:e5:b1:f4:3a:92:18:f9:c2:33:5c:91:6d:
f0:e4:b9:5b:be:2c:36:5a:6c:95:f7:b3:12:77:e3:
22:d4:af:e4:d6:42:ec:3f:06:65:82:18:d5:26:e8:
5d:b3:b5:01:48:eb:71:3c:03:9c:1b:35:21:3e:11:
ec:8d:89:4b:68:2d:a6:19:4e:38:19:96:92:e7:ca:
df:6c:7f:65:bc:fb:f9:bb:5c:b4:88:4d:a1:f7:5b:
15:87:1d:8f:ac:52:0d:be:e8:b5:2e:d1:17:8b:6f:
40:cf:24:92:a8:92:86:7e:84:a7:cb:37:94:5b:49:
90:56:b5:af:b7:52:72:27:c9:92:8e:76:90:d8:16:
24:4d:1f:1a:e8:f8:11:e6:fc:5c:2f:d6:ea:03:fe:
71:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F0:25:6B:AE:91:0B:FA:26:3C:55:C6:E5:6D:9C:A2:7E:9D:33:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
91:9c:61:07:30:95:6d:6d:90:0e:02:97:46:d9:d0:91:2e:9b:
4b:29:97:59:60:84:d0:4c:28:c2:0f:70:4a:c3:e3:ac:1d:27:
00:be:b8:19:4d:a7:f4:49:6b:bd:97:b3:b9:80:eb:64:99:a5:
3d:19:8d:b0:e2:23:dd:38:f2:60:e7:06:33:e8:15:ca:6b:7f:
75:a4:33:9b:bd:90:3d:31:70:33:58:65:9c:d8:f3:c5:1a:02:
09:8f:11:6d:2f:9a:55:f1:fa:69:2b:9f:21:b8:dc:f6:ff:47:
01:9e:be:f6:13:93:f8:d7:0b:39:3b:95:d0:a0:5e:35:88:76:
f7:dd:70:4b:b7:1e:17:2e:dc:c6:12:f6:da:07:57:63:75:23:
24:64:da:52:d1:56:3d:ac:35:72:ed:a0:e7:73:f6:56:aa:4c:
61:66:8f:98:30:0c:39:a6:13:ab:d8:64:b6:ae:de:49:a1:63:
cb:01:38:94:8b:12:dc:78:1c:82:3c:ae:87:d3:8f:7a:47:32:
44:dc:6c:1f:35:67:3f:82:da:fa:4c:d1:ab:bd:61:76:8e:e4:
da:9b:24:57:fd:99:e7:29:5d:35:60:fb:0d:49:90:e0:09:16:
5a:7b:22:de:29:2a:d4:7a:ad:65:ec:46:59:4c:56:02:95:b2:
37:30:a9:cf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIAd4XnUEAaOa79OBOy9EMA8B0hAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkYzhhMzFkODZmNTc0MjliZWRiOTZiMDIzNzc3MzA1NGRkODdlN2MyMzJj
NTEyNjI5YmQ5MWU0ZjA0MDZhYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6cI1YIry3jxmDAMHyjdvGuZo9x82d6v2DHPZHA9Qk12vNv7ycdzPMMJFbV
fmpOjBJWuwOgLeyWZp78AmHlM+KDxUY3UTWMZkqaq+u3arHd3WDYm7RvGOw4iNXp
8/yjztUmQ7G9L6KBe1Ut5bH0OpIY+cIzXJFt8OS5W74sNlpslfezEnfjItSv5NZC
7D8GZYIY1SboXbO1AUjrcTwDnBs1IT4R7I2JS2gtphlOOBmWkufK32x/Zbz7+btc
tIhNofdbFYcdj6xSDb7otS7RF4tvQM8kkqiShn6Ep8s3lFtJkFa1r7dScifJko52
kNgWJE0fGuj4Eeb8XC/W6gP+cSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQT8CVr
rpEL+iY8VcblbZyifp0zojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCRnGEHMJVtbZAOApdG2dCRLptLKZdZYITQTCjC
D3BKw+OsHScAvrgZTaf0SWu9l7O5gOtkmaU9GY2w4iPdOPJg5wYz6BXKa391pDOb
vZA9MXAzWGWc2PPFGgIJjxFtL5pV8fppK58huNz2/0cBnr72E5P41ws5O5XQoF41
iHb33XBLtx4XLtzGEvbaB1djdSMkZNpS0VY9rDVy7aDnc/ZWqkxhZo+YMAw5phOr
2GS2rt5JoWPLATiUixLceByCPK6H0496RzJE3GwfNWc/gtr6TNGrvWF2juTamyRX
/ZnnKV01YPsNSZDgCRZaeyLeKSrUeq1l7EZZTFYClbI3MKnP
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:45:02 2025 by rpki-client