Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa
File: ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa (raw, json)
Hash identifier: M6ilUwI8XQnclIqSTO4PY1l4n2PnytWNWq80l8hlVS4=
Subject key identifier: 55:20:BB:7A:53:F3:88:B4:74:CE:50:64:A2:4C:C4:85:70:67:9B:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18353DE615A018A0D1DB13C3F9D70DC524080981
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa
Signing time: Fri 11 Jul 2025 20:00:13 +0000
ROA not before: Fri 11 Jul 2025 20:00:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:35:3d:e6:15:a0:18:a0:d1:db:13:c3:f9:d7:0d:c5:24:08:09:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=111af1c0c4e8dceba99143549f86046103981650c3743fac0d40ce46c8042d59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:48:3c:43:2f:e3:82:b2:63:8f:d6:7f:02:72:
19:04:6f:85:bc:55:1b:9d:32:42:1e:08:e1:ef:c6:
7f:fb:22:c0:4d:cd:a7:fe:5f:ee:99:5c:6c:91:9b:
fa:25:7c:b4:62:1d:41:a7:c2:a1:e9:04:bb:ec:8f:
7c:8c:9f:ec:80:15:d2:e7:b4:a8:a5:5f:c7:f9:be:
29:d8:ce:4a:33:fc:b1:37:b3:e1:fa:9c:3f:2b:65:
8d:a8:19:b1:5d:05:66:59:7b:a6:b9:17:49:35:db:
04:d4:1d:f6:14:5b:25:4a:05:e2:b0:07:14:69:54:
8d:b6:d3:55:e2:ac:4f:18:38:51:23:c8:0b:4a:48:
9f:eb:f0:2b:74:d2:eb:59:dc:5b:47:48:58:81:55:
2d:fc:77:45:a2:dc:65:41:1d:a8:82:6f:3e:10:5e:
c7:c1:22:d3:63:1a:e8:fe:fd:68:ae:08:03:86:a6:
51:9a:3b:93:dc:54:d9:e8:40:2d:a5:c3:05:c7:e2:
08:66:6e:85:83:e2:57:00:20:fd:a6:b8:20:07:cb:
70:d4:18:ee:66:18:b5:a1:d6:92:97:49:4c:55:b6:
bb:52:ee:58:93:d6:07:b5:7e:15:8f:ec:e3:16:49:
ce:b6:c8:f6:64:2f:f4:b2:7b:00:c7:4a:f3:29:3e:
2e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:20:BB:7A:53:F3:88:B4:74:CE:50:64:A2:4C:C4:85:70:67:9B:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1040::/46
Signature Algorithm: sha256WithRSAEncryption
22:9c:7b:38:47:c3:75:cb:c6:72:50:16:45:cd:7c:62:a7:34:
20:72:93:52:7b:f7:ab:56:c8:7a:12:f9:ee:de:ea:dd:47:4c:
7e:80:17:1b:01:d3:f0:3d:f4:d9:11:ef:97:f7:15:05:4c:64:
81:0b:1c:6c:49:d4:29:6c:09:f8:db:ea:37:14:f2:3e:9c:80:
6c:98:4d:8c:02:ea:dd:2e:11:bc:9c:75:13:79:21:77:bf:3b:
e6:f9:07:d7:fd:c3:4f:db:6b:df:58:92:5d:6d:7a:fc:63:26:
9d:fd:33:12:31:cf:e1:ab:b4:4b:93:e5:f7:b2:33:c0:0a:0e:
10:35:0b:e3:bc:1a:19:3a:2f:02:ac:80:f5:ae:0b:d8:c8:63:
45:90:ba:ee:62:e8:2a:c3:da:c0:2b:6a:69:36:1f:28:43:8f:
f0:e4:a1:24:21:2b:c7:28:ab:60:10:78:0d:58:e7:3b:ec:0a:
5c:d8:28:77:48:32:84:02:ee:ba:23:cd:cd:9d:35:53:54:04:
f7:68:e9:f6:03:6a:75:e1:35:27:e6:fb:5d:3c:60:66:ab:de:
d1:6f:a2:49:fd:e1:84:77:91:c8:e3:83:3f:4d:2a:de:7f:53:
24:58:55:b5:87:a7:81:9d:6b:ae:69:0d:de:75:e0:58:e8:22:
ec:77:b0:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGDU95hWgGKDR2xPD+dcNxSQICYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDExMWFmMWMwYzRlOGRjZWJhOTkxNDM1NDlmODYwNDYxMDM5ODE2NTBjMzc0
M2ZhYzBkNDBjZTQ2YzgwNDJkNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpIPEMv44KyY4/WfwJyGQRvhbxVG50yQh4I4e/Gf/siwE3Np/5f7plcbJGb
+iV8tGIdQafCoekEu+yPfIyf7IAV0ue0qKVfx/m+KdjOSjP8sTez4fqcPytljagZ
sV0FZll7prkXSTXbBNQd9hRbJUoF4rAHFGlUjbbTVeKsTxg4USPIC0pIn+vwK3TS
61ncW0dIWIFVLfx3RaLcZUEdqIJvPhBex8Ei02Ma6P79aK4IA4amUZo7k9xU2ehA
LaXDBcfiCGZuhYPiVwAg/aa4IAfLcNQY7mYYtaHWkpdJTFW2u1LuWJPWB7V+FY/s
4xZJzrbI9mQv9LJ7AMdK8yk+Ln8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVILt6
U/OItHTOUGSiTMSFcGebgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRiZTY0OTEtOGI3Mi00YTdiLWE1MzgtMWQyZjc4NjZjOGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAIpx7OEfDdcvGclAWRc18Yqc0IHKTUnv3q1bI
ehL57t7q3UdMfoAXGwHT8D302RHvl/cVBUxkgQscbEnUKWwJ+NvqNxTyPpyAbJhN
jALq3S4RvJx1E3khd7875vkH1/3DT9tr31iSXW16/GMmnf0zEjHP4au0S5Pl97Iz
wAoOEDUL47waGTovAqyA9a4L2MhjRZC67mLoKsPawCtqaTYfKEOP8OShJCErxyir
YBB4DVjnO+wKXNgod0gyhALuuiPNzZ01U1QE92jp9gNqdeE1J+b7XTxgZqve0W+i
Sf3hhHeRyOODP00q3n9TJFhVtYengZ1rrmkN3nXgWOgi7Hew/g==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:17 2025 by rpki-client