Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
File: dd7459b4-43ce-4e19-8904-9681781506ff.roa (raw, json)
Hash identifier: bacrgmckwQOKJ9gAGMe5lg55LWyvWrLRtfiejsSxfFY=
Subject key identifier: 99:FF:85:32:10:67:24:9D:E0:27:12:94:9B:72:F7:05:43:D5:F0:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49E0807D72B4F21505A1233693B7122424DB78D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
Signing time: Fri 11 Jul 2025 20:00:10 +0000
ROA not before: Fri 11 Jul 2025 20:00:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:e0:80:7d:72:b4:f2:15:05:a1:23:36:93:b7:12:24:24:db:78:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=eba3f64d113812fe61133adc727eeb343e0f54fb99fa0fe2f7ceda1caaf065a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:67:e5:ae:bb:d0:04:8e:1b:10:69:bb:e5:
99:cd:19:89:78:46:28:4f:2c:ab:d2:34:57:eb:73:
66:cf:cf:f3:8d:15:a0:8b:89:62:56:9e:2f:21:ed:
ab:3d:f1:e9:83:5a:ed:10:a5:38:ef:09:07:90:83:
97:a0:36:d9:76:cc:95:53:de:32:eb:ea:0c:57:02:
d9:89:f1:66:17:dc:68:4c:14:f7:3a:ef:42:50:7e:
81:5f:10:55:a5:a2:c6:80:b5:a7:da:86:a2:ec:8f:
ba:57:5f:87:19:2a:5f:31:37:17:53:ae:c9:fe:cd:
7e:c3:d4:4c:f7:f2:d1:ad:68:ce:ad:35:a7:28:c0:
07:54:ff:25:a1:13:52:21:70:26:44:28:59:c0:25:
99:9c:08:3d:e5:35:17:8e:65:75:54:c6:96:4d:4a:
36:e8:57:f4:cb:e3:a3:df:85:57:8c:76:2b:9b:54:
91:9a:e0:fd:46:1c:60:3e:35:3d:26:f0:85:de:2a:
4f:06:f3:92:9e:5c:78:72:6a:69:7a:99:3e:32:78:
a5:be:fc:d9:66:38:55:85:c7:ef:8a:2f:86:51:f9:
43:09:1f:24:9f:f0:fb:6d:40:32:5b:70:ba:d8:98:
4d:fb:56:cf:e7:89:2e:18:eb:72:82:70:19:28:d0:
33:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FF:85:32:10:67:24:9D:E0:27:12:94:9B:72:F7:05:43:D5:F0:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7459b4-43ce-4e19-8904-9681781506ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:cb:67:5e:ad:7b:f1:41:5b:d5:50:e0:53:e2:4c:7e:ee:7c:
15:64:55:99:96:8d:4c:6c:10:9b:6e:53:14:9c:96:ce:7b:e8:
23:e4:fd:a2:31:34:31:50:8b:89:e3:3b:2b:41:57:71:7e:5b:
c2:a7:18:90:6b:9f:38:98:d7:bc:c2:ce:31:8c:74:22:c5:4b:
58:3d:ab:c1:50:1b:c0:1b:d7:57:bb:04:a9:f5:c4:b0:c4:0e:
b8:00:c7:2c:c3:7e:9f:e4:5b:cd:f9:07:00:66:4d:d5:4f:f6:
01:e6:58:3d:b5:d8:a0:a3:68:e8:fb:93:a7:5b:aa:b4:2d:2f:
2b:b7:e5:73:5d:df:42:43:e5:6f:40:61:b0:08:00:37:dd:24:
d4:b9:6a:95:ee:b4:8a:96:83:63:fb:17:54:15:73:83:34:5a:
1c:0f:7d:63:9f:3d:36:4c:14:78:da:7c:ae:a6:31:75:3e:91:
3c:0c:d5:31:fa:ed:89:e7:60:eb:b0:e6:f1:6c:4b:f9:2d:96:
81:b9:b8:51:2f:cf:b7:e6:89:07:dd:59:7a:50:71:ca:62:c1:
61:8b:ff:53:2d:43:25:c4:83:a7:c3:0e:04:7a:ca:55:3b:1d:
e0:6b:06:8e:d6:7c:20:fa:1b:c8:d9:37:7b:5d:06:54:e6:e4:
29:2e:21:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSeCAfXK08hUFoSM2k7cSJCTbeNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYTNmNjRkMTEzODEyZmU2MTEzM2FkYzcyN2VlYjM0M2UwZjU0ZmI5OWZh
MGZlMmY3Y2VkYTFjYWFmMDY1YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkHZ+Wuu9AEjhsQabvlmc0ZiXhGKE8sq9I0V+tzZs/P840VoIuJYlaeLyHt
qz3x6YNa7RClOO8JB5CDl6A22XbMlVPeMuvqDFcC2YnxZhfcaEwU9zrvQlB+gV8Q
VaWixoC1p9qGouyPuldfhxkqXzE3F1Ouyf7NfsPUTPfy0a1ozq01pyjAB1T/JaET
UiFwJkQoWcAlmZwIPeU1F45ldVTGlk1KNuhX9Mvjo9+FV4x2K5tUkZrg/UYcYD41
PSbwhd4qTwbzkp5ceHJqaXqZPjJ4pb782WY4VYXH74ovhlH5QwkfJJ/w+21AMltw
utiYTftWz+eJLhjrcoJwGSjQM7sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZ/4Uy
EGckneAnEpSbcvcFQ9XwIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NDU5YjQtNDNjZS00ZTE5LTg5MDQtOTY4MTc4MTUwNmZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBLy2derXvxQVvVUOBT4kx+7nwVZFWZlo1MbBCb
blMUnJbOe+gj5P2iMTQxUIuJ4zsrQVdxflvCpxiQa584mNe8ws4xjHQixUtYPavB
UBvAG9dXuwSp9cSwxA64AMcsw36f5FvN+QcAZk3VT/YB5lg9tdigo2jo+5OnW6q0
LS8rt+VzXd9CQ+VvQGGwCAA33STUuWqV7rSKloNj+xdUFXODNFocD31jnz02TBR4
2nyupjF1PpE8DNUx+u2J52DrsObxbEv5LZaBubhRL8+35okH3Vl6UHHKYsFhi/9T
LUMlxIOnww4EespVOx3gawaO1nwg+hvI2Td7XQZU5uQpLiFZ
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:15 2025 by rpki-client