Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
File: de12834a-9370-4c63-969f-bf8eef4cd73b.roa (raw, json)
Hash identifier: MEb0PbmgfdPCv2Rq7sak8pPzRiJL4Ey2XYvw9nPuew0=
Subject key identifier: 91:FC:DA:EB:0A:D6:46:49:C4:85:CD:9F:5B:44:CE:59:6E:75:31:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14EE1D78737DD81917D1153B225D1948526C0943
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
Signing time: Fri 04 Jul 2025 18:30:13 +0000
ROA not before: Fri 04 Jul 2025 18:30:13 +0000
ROA not after: Fri 08 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ee:1d:78:73:7d:d8:19:17:d1:15:3b:22:5d:19:48:52:6c:09:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 4 18:30:13 2025 GMT
Not After : Aug 8 23:59:59 2025 GMT
Subject: serialNumber=8e94fa744e345f6458386962e5196a112ec50b54250c39e4109702c7650f4821, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:03:12:22:44:84:ac:f4:06:79:9b:98:c2:db:
5e:40:78:65:c9:2f:32:20:ff:d0:e8:f5:bd:d1:01:
da:24:5c:35:cf:06:80:08:24:be:68:9d:9b:c5:ba:
ba:06:8d:37:49:56:a3:b0:af:1a:14:b9:cb:d8:32:
33:5f:d8:51:70:74:0c:19:20:5c:60:6d:77:63:a4:
16:11:d1:8f:b7:09:ec:b1:72:b8:90:f3:32:70:43:
ce:81:3b:cd:d6:d0:4f:0b:ae:9c:97:20:a8:7c:b1:
44:19:9b:1d:e7:3c:b1:f0:dd:21:c9:90:84:d9:ad:
83:cf:ab:03:42:60:17:05:bc:ee:a0:30:42:3c:eb:
29:95:a5:b4:77:6d:10:dd:38:c9:9a:ea:73:be:74:
3d:43:d2:84:0a:d2:b4:c2:be:a6:ed:04:4e:a9:ff:
ca:3f:64:69:fe:a0:0a:dd:cf:41:89:88:93:11:67:
8d:50:b1:c9:90:8c:d6:00:bb:d7:8f:9a:c9:65:96:
cc:4a:09:61:d7:ed:32:61:12:7c:77:17:b3:af:da:
27:a8:e8:31:86:c8:48:b4:60:fe:64:23:9f:90:a3:
16:64:e2:8b:52:b5:e0:f6:cb:10:79:7e:01:1c:45:
36:3e:55:45:e3:12:8c:13:9e:04:07:f9:6e:6f:9a:
b3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FC:DA:EB:0A:D6:46:49:C4:85:CD:9F:5B:44:CE:59:6E:75:31:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4010::/48
Signature Algorithm: sha256WithRSAEncryption
39:a9:9c:c9:19:bd:66:74:c7:c7:60:ab:e0:69:99:d6:7f:44:
61:e0:89:88:b7:65:ce:97:b1:f0:54:68:1a:a1:06:73:0b:09:
2a:32:cf:d6:cf:ec:f3:08:9d:9c:49:46:06:c1:4b:2b:00:69:
61:8c:2d:e6:c9:36:ef:c4:84:6e:ce:50:85:e8:a5:e6:68:d0:
9f:f6:27:0b:09:78:59:2a:6c:7d:ac:b1:dc:f0:70:bc:bc:c9:
14:4f:d2:38:96:8b:d5:fd:ba:69:80:9e:99:00:d8:21:8f:ae:
71:ea:e0:12:14:01:a1:48:08:5e:4f:59:35:e3:fe:17:1c:c9:
5b:0d:0a:32:e9:16:83:e8:e3:02:4a:7f:39:93:a7:1b:58:0c:
31:4f:4b:5f:d3:97:81:0a:77:43:c0:f1:bb:f9:62:49:e9:e0:
de:f7:91:62:f0:54:c7:52:d1:63:fb:2c:d2:4e:72:b9:cd:bc:
28:ce:3e:81:34:70:39:bb:e0:18:64:99:9b:ae:d2:aa:a8:2a:
b4:9c:62:d9:94:ba:4c:e9:4c:bf:0c:ce:64:bb:df:6b:12:7c:
cb:b9:cd:91:12:b9:80:34:66:2c:b8:5d:ae:e3:54:40:be:c1:
a2:cb:f9:40:5a:37:db:c2:6f:8c:7a:13:a0:d5:89:4e:4a:71:
52:e2:88:49
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFO4deHN92BkX0RU7Il0ZSFJsCUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDQxODMwMTNaFw0yNTA4MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlOTRmYTc0NGUzNDVmNjQ1ODM4Njk2MmU1MTk2YTExMmVjNTBiNTQyNTBj
MzllNDEwOTcwMmM3NjUwZjQ4MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoDEiJEhKz0BnmbmMLbXkB4ZckvMiD/0Oj1vdEB2iRcNc8GgAgkvmidm8W6
ugaNN0lWo7CvGhS5y9gyM1/YUXB0DBkgXGBtd2OkFhHRj7cJ7LFyuJDzMnBDzoE7
zdbQTwuunJcgqHyxRBmbHec8sfDdIcmQhNmtg8+rA0JgFwW87qAwQjzrKZWltHdt
EN04yZrqc750PUPShArStMK+pu0ETqn/yj9kaf6gCt3PQYmIkxFnjVCxyZCM1gC7
14+ayWWWzEoJYdftMmESfHcXs6/aJ6joMYbISLRg/mQjn5CjFmTii1K14PbLEHl+
ARxFNj5VReMSjBOeBAf5bm+asxkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSR/Nrr
CtZGScSFzZ9bRM5ZbnUxYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGUxMjgzNGEtOTM3MC00YzYzLTk2OWYtYmY4ZWVmNGNkNzNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
EDANBgkqhkiG9w0BAQsFAAOCAQEAOamcyRm9ZnTHx2Cr4GmZ1n9EYeCJiLdlzpex
8FRoGqEGcwsJKjLP1s/s8widnElGBsFLKwBpYYwt5sk278SEbs5Qheil5mjQn/Yn
Cwl4WSpsfayx3PBwvLzJFE/SOJaL1f26aYCemQDYIY+ucergEhQBoUgIXk9ZNeP+
FxzJWw0KMukWg+jjAkp/OZOnG1gMMU9LX9OXgQp3Q8Dxu/liSeng3veRYvBUx1LR
Y/ss0k5yuc28KM4+gTRwObvgGGSZm67SqqgqtJxi2ZS6TOlMvwzOZLvfaxJ8y7nN
kRK5gDRmLLhdruNUQL7Bosv5QFo328JvjHoToNWJTkpxUuKISQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:24 2025 by rpki-client