Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
File: de6578a7-816f-468a-acf9-83781a3b3769.roa (raw, json)
Hash identifier: vCheWYfPiLifQAzbWa4lpTVxDzDs9+sZsstdO35sF/c=
Subject key identifier: CC:DC:2F:A3:45:6D:AC:0F:0B:E9:02:E6:A6:CF:29:3C:7F:CF:62:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03E6F1AA183AED0F26E4A82167BF87D7EA061B25
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
Signing time: Fri 11 Jul 2025 19:21:35 +0000
ROA not before: Fri 11 Jul 2025 19:21:35 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:e6:f1:aa:18:3a:ed:0f:26:e4:a8:21:67:bf:87:d7:ea:06:1b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:35 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c02ec5ebca2870a90ff3bcfec1cc58d31029cc7891c8a9528873dc6bb586ed25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d7:0d:9c:3c:b1:4f:f0:1d:f1:7b:1b:14:0e:
16:29:68:2c:19:ad:ec:60:24:bb:71:c7:24:51:e6:
24:a2:27:e9:8d:47:e3:c8:c4:3e:a9:e2:cd:c6:76:
28:20:21:45:f0:38:04:4c:7d:c6:41:b7:92:60:90:
57:3c:c2:59:a4:48:79:0f:b7:cb:f9:82:0f:0d:e6:
32:44:ae:08:1f:52:00:c6:6c:6e:e5:35:18:4a:ce:
92:bd:24:ae:56:3e:4c:7c:7b:aa:33:93:6b:81:71:
77:6d:10:13:bd:ed:8c:21:ef:4f:4e:b8:b1:9d:1b:
20:f4:b2:0b:cc:5c:7e:ae:04:48:bc:ee:ae:c5:30:
0b:53:db:90:0f:b7:02:3c:ef:dd:27:fb:63:d6:5a:
39:67:a7:92:a0:0b:bb:b4:13:1c:fb:da:c9:e5:77:
8e:8c:91:e0:b8:a8:49:57:78:0c:c0:00:14:5b:c1:
0e:8c:b1:21:0a:e1:8c:0a:0e:f6:11:15:3f:66:c1:
b3:bc:dc:ad:9e:82:73:44:6a:e6:21:5e:3a:1e:21:
0e:8b:57:e7:8e:66:6c:67:83:d1:53:61:74:f8:a5:
53:15:7c:2b:bc:2f:c6:45:a7:e3:85:09:cd:0b:8f:
4b:00:5d:09:a3:e0:2b:01:3c:11:05:9b:a4:40:03:
7e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DC:2F:A3:45:6D:AC:0F:0B:E9:02:E6:A6:CF:29:3C:7F:CF:62:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de6578a7-816f-468a-acf9-83781a3b3769.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8000::/40
Signature Algorithm: sha256WithRSAEncryption
62:6a:24:40:fd:e8:74:26:4b:03:83:f2:e6:5f:e5:5f:69:fe:
03:b3:cb:fa:28:9e:d9:7e:d1:01:b7:ad:20:a0:b2:c2:c6:f2:
6a:ff:46:e5:d6:47:9d:75:d6:86:c3:82:92:d3:dd:51:3c:ed:
ec:04:38:85:67:22:67:fe:fa:06:47:3d:74:f4:de:df:c2:4d:
08:9e:3c:ce:58:2f:4c:07:81:e4:0d:8d:63:5d:17:4c:ff:24:
da:3f:85:86:f7:1b:7f:5e:5f:6a:e5:e7:fe:b7:b6:63:85:a1:
d3:2a:06:37:9d:ff:ef:72:b4:43:0d:8e:2e:07:43:d6:90:e8:
46:e8:8c:47:1a:d9:e0:b5:58:ae:35:30:3e:d9:15:b1:1a:37:
5c:a1:a9:75:b2:e8:32:b5:11:a5:ca:c5:a8:48:4a:d9:80:24:
38:20:2a:b8:3c:01:42:79:03:0d:56:66:32:84:c6:a5:32:f6:
f5:2d:7b:fe:71:46:9c:cb:49:18:fa:1b:94:e5:a9:b8:28:e7:
ec:cf:7e:20:5d:52:33:0b:15:68:af:ec:3c:06:cb:c3:bf:d4:
cb:2c:24:ea:56:d2:32:c6:10:98:9e:ac:c4:65:48:b0:5a:36:
23:dd:a9:a5:f9:61:14:18:87:f7:51:f4:e1:2f:1e:9a:46:9c:
7a:ad:ec:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA+bxqhg67Q8m5KghZ7+H1+oGGyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMzVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwMmVjNWViY2EyODcwYTkwZmYzYmNmZWMxY2M1OGQzMTAyOWNjNzg5MWM4
YTk1Mjg4NzNkYzZiYjU4NmVkMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTXDZw8sU/wHfF7GxQOFiloLBmt7GAku3HHJFHmJKIn6Y1H48jEPqnizcZ2
KCAhRfA4BEx9xkG3kmCQVzzCWaRIeQ+3y/mCDw3mMkSuCB9SAMZsbuU1GErOkr0k
rlY+THx7qjOTa4Fxd20QE73tjCHvT064sZ0bIPSyC8xcfq4ESLzursUwC1PbkA+3
Ajzv3Sf7Y9ZaOWenkqALu7QTHPvayeV3joyR4LioSVd4DMAAFFvBDoyxIQrhjAoO
9hEVP2bBs7zcrZ6Cc0Rq5iFeOh4hDotX545mbGeD0VNhdPilUxV8K7wvxkWn44UJ
zQuPSwBdCaPgKwE8EQWbpEADfvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTM3C+j
RW2sDwvpAuamzyk8f89i0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGU2NTc4YTctODE2Zi00NjhhLWFjZjktODM3ODFhM2IzNzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBiaiRA/eh0JksDg/LmX+Vfaf4Ds8v6KJ7ZftEB
t60goLLCxvJq/0bl1kedddaGw4KS091RPO3sBDiFZyJn/voGRz109N7fwk0InjzO
WC9MB4HkDY1jXRdM/yTaP4WG9xt/Xl9q5ef+t7ZjhaHTKgY3nf/vcrRDDY4uB0PW
kOhG6IxHGtngtViuNTA+2RWxGjdcoal1sugytRGlysWoSErZgCQ4ICq4PAFCeQMN
VmYyhMalMvb1LXv+cUacy0kY+huU5am4KOfsz34gXVIzCxVor+w8BsvDv9TLLCTq
VtIyxhCYnqzEZUiwWjYj3aml+WEUGIf3UfThLx6aRpx6rezI
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:03 2025 by rpki-client