Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
File: df59e31f-1e32-4e7a-a595-74adb3f93176.roa (raw, json)
Hash identifier: wWNO1hZXd/++Iye2dfPSFy5+eoxCefmsnrZ62Wx3ka0=
Subject key identifier: 99:8A:10:D9:29:9D:9F:38:7E:3E:A9:A7:5F:DB:BB:26:42:F9:3B:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5926E7E5D262B9F03BABE6700662F8A5F746EF65
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
Signing time: Fri 11 Jul 2025 19:21:30 +0000
ROA not before: Fri 11 Jul 2025 19:21:30 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:26:e7:e5:d2:62:b9:f0:3b:ab:e6:70:06:62:f8:a5:f7:46:ef:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:30 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2c94da306ae874160c10b34bb76c5b0f798f8e7cbc77a076ed88e148ab73deb4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:de:b5:84:f3:7e:c3:af:1c:de:7d:ac:1d:8e:
7b:58:34:c8:37:7e:54:3d:8a:1f:e7:15:bc:b9:ee:
c5:a8:d1:7f:17:3c:f4:d3:24:d1:19:b2:de:13:b3:
e1:74:38:db:a3:53:a8:4e:79:85:df:6e:3f:0f:9e:
75:bb:ce:ef:f9:2c:56:7a:9b:91:25:52:f6:f1:cf:
49:d0:88:ef:3a:24:8c:b4:57:35:71:fc:ca:6f:7d:
b7:42:b3:1f:75:73:a7:84:e0:7b:63:4a:a3:70:be:
b6:6c:60:f6:03:82:23:db:82:e6:9f:5e:58:ec:2a:
15:9e:ce:48:ff:94:50:c5:40:18:4b:f2:c7:91:a6:
b8:03:10:a5:ea:cb:1a:b4:ed:7f:61:25:46:18:36:
a3:0c:81:5d:ee:bb:a1:79:7a:df:aa:6b:3f:4f:82:
8f:b5:1d:f9:13:7a:3e:89:c8:dd:d1:25:f3:d9:4e:
25:a8:55:b2:be:9f:fc:e7:63:20:98:ed:11:67:b8:
a9:87:64:06:58:7c:1c:37:e1:a3:80:2e:bd:8d:a4:
f2:9e:d9:7a:e0:fd:fc:57:1a:53:11:14:5a:f0:88:
bd:28:fe:4d:f0:8c:95:1f:92:6d:fa:6f:da:12:32:
ad:02:e4:16:2e:7b:1a:2b:d9:2c:b4:bc:f2:53:06:
5c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:8A:10:D9:29:9D:9F:38:7E:3E:A9:A7:5F:DB:BB:26:42:F9:3B:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:c4:7e:bf:75:6c:6e:82:ed:3e:ab:4c:80:0c:ef:f8:6f:c8:
b7:8f:28:09:bd:c6:e7:3a:53:6b:12:7f:b5:53:14:1a:01:7c:
ce:d7:48:ed:d2:8a:e1:b9:57:f7:62:05:a5:d4:34:61:30:8c:
a4:96:8d:1f:92:a5:bc:ea:49:92:0d:98:77:94:03:50:9f:1b:
10:f1:c3:be:c8:d4:6d:58:58:b3:ae:41:b2:57:93:dc:13:ed:
fe:da:cb:74:80:6c:0f:31:30:16:43:f2:91:66:ee:c1:4f:7d:
58:6e:e0:0f:cc:46:03:70:64:8f:77:8b:97:6f:d5:45:27:90:
2c:cb:17:d0:ca:9e:c7:b0:30:fb:cc:cb:20:95:bf:47:61:be:
61:61:19:96:6a:69:f3:bc:4f:3f:34:6b:95:c7:e4:e5:97:58:
50:ba:a6:c5:9f:97:1b:71:82:6c:48:99:22:2a:b6:db:aa:5b:
05:e5:3a:8c:f1:19:bf:f3:5b:d5:a4:26:d8:b7:e0:22:80:d4:
c0:c9:42:61:1b:2f:6f:eb:a8:68:ec:30:3a:2e:fd:52:1d:97:
f1:85:aa:ba:e0:a9:6a:7c:4f:d0:2c:2a:29:76:92:e5:7e:3b:
dc:c8:28:ea:34:97:73:30:44:31:b1:90:39:94:e1:15:bc:4b:
f5:5e:ba:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWSbn5dJiufA7q+ZwBmL4pfdG72UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMzBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjOTRkYTMwNmFlODc0MTYwYzEwYjM0YmI3NmM1YjBmNzk4ZjhlN2NiYzc3
YTA3NmVkODhlMTQ4YWI3M2RlYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7etYTzfsOvHN59rB2Oe1g0yDd+VD2KH+cVvLnuxajRfxc89NMk0Rmy3hOz
4XQ426NTqE55hd9uPw+edbvO7/ksVnqbkSVS9vHPSdCI7zokjLRXNXH8ym99t0Kz
H3Vzp4Tge2NKo3C+tmxg9gOCI9uC5p9eWOwqFZ7OSP+UUMVAGEvyx5GmuAMQperL
GrTtf2ElRhg2owyBXe67oXl636prP0+Cj7Ud+RN6PonI3dEl89lOJahVsr6f/Odj
IJjtEWe4qYdkBlh8HDfho4AuvY2k8p7ZeuD9/FcaUxEUWvCIvSj+TfCMlR+Sbfpv
2hIyrQLkFi57GivZLLS88lMGXCkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZihDZ
KZ2fOH4+qadf27smQvk7RzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY1OWUzMWYtMWUzMi00ZTdhLWE1OTUtNzRhZGIzZjkzMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHg
MA0GCSqGSIb3DQEBCwUAA4IBAQCKxH6/dWxugu0+q0yADO/4b8i3jygJvcbnOlNr
En+1UxQaAXzO10jt0orhuVf3YgWl1DRhMIyklo0fkqW86kmSDZh3lANQnxsQ8cO+
yNRtWFizrkGyV5PcE+3+2st0gGwPMTAWQ/KRZu7BT31YbuAPzEYDcGSPd4uXb9VF
J5AsyxfQyp7HsDD7zMsglb9HYb5hYRmWamnzvE8/NGuVx+Tll1hQuqbFn5cbcYJs
SJkiKrbbqlsF5TqM8Rm/81vVpCbYt+AigNTAyUJhGy9v66ho7DA6Lv1SHZfxhaq6
4KlqfE/QLCopdpLlfjvcyCjqNJdzMEQxsZA5lOEVvEv1Xrp+
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:36 2025 by rpki-client