Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
File: e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa (raw, json)
Hash identifier: b8jNOSF+N+PvJropIYscctuS3a/61jdZamNzikV8GmA=
Subject key identifier: 7A:BB:6C:EF:9C:B9:7E:BE:2F:96:1E:D4:D6:B6:CD:F6:87:86:21:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46C5BE3962B80FF9D749573289409916415F6363
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
Signing time: Fri 11 Jul 2025 20:50:59 +0000
ROA not before: Fri 11 Jul 2025 20:50:59 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:c5:be:39:62:b8:0f:f9:d7:49:57:32:89:40:99:16:41:5f:63:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:59 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b54a0229635586e9c2d1c4af1c533d18e3a187992dd8a8bcc2eed9868c9b99db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0a:7c:e9:a8:65:ea:8c:8a:cf:54:8a:df:f2:
47:07:f2:8a:49:89:c9:1d:39:38:80:b5:bd:7b:e4:
94:73:a6:56:6a:18:af:a4:32:eb:0e:f1:cc:44:d6:
53:35:0c:08:92:d0:1d:5c:33:cf:89:12:1f:3d:c8:
35:5e:f1:0b:36:25:da:9f:25:bb:5d:9f:b0:5d:8e:
89:2d:ed:b2:20:89:cf:85:64:2c:d6:22:d9:8e:be:
cc:c8:9b:b0:f9:6e:39:89:7c:c8:3a:a2:a2:a0:60:
29:c2:93:f4:de:80:3e:e1:64:d8:bf:de:20:13:5e:
3a:74:12:d4:f1:7b:b3:70:96:a2:c9:d7:c2:3d:3c:
bb:e7:cc:04:33:96:aa:bf:8a:3d:0a:0e:66:94:cc:
d5:dc:f0:c1:1a:0d:6f:13:70:01:f5:61:82:a3:da:
ad:79:ba:77:74:8e:90:35:aa:12:81:c3:85:22:1f:
df:36:2e:4b:1f:10:7f:17:b3:a8:5a:a9:84:e6:62:
5a:bb:3c:68:74:b5:9c:4f:95:8a:26:1f:ff:94:85:
c0:ce:36:1c:9a:64:9e:97:7f:c6:cb:23:94:b8:99:
bc:ca:88:0d:99:a0:94:b5:18:b7:e0:fa:0d:8d:ca:
b5:01:37:26:8d:62:80:53:f4:92:8a:dc:98:4a:ad:
4b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BB:6C:EF:9C:B9:7E:BE:2F:96:1E:D4:D6:B6:CD:F6:87:86:21:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e05048c0-7751-4ec4-b891-a3583dbdc9fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/35
Signature Algorithm: sha256WithRSAEncryption
1d:39:cf:7b:56:ae:e5:2a:2a:b8:3e:88:04:2a:2f:66:f9:60:
ca:a1:6f:33:29:75:fb:5d:3c:4d:d2:c9:fd:2e:41:90:bf:5b:
2f:a2:fa:29:f3:8e:7d:41:a5:8e:63:cd:5d:5f:f3:99:2c:e1:
51:da:4c:63:b5:30:e0:4e:64:26:61:9b:3e:b1:2a:a7:d1:2c:
71:d8:5b:c7:6e:3f:55:83:b8:f2:bf:e4:87:9f:4d:54:50:95:
22:6d:d1:c1:d5:09:64:09:81:7e:bd:11:40:0d:9f:21:75:7c:
52:8f:cf:aa:12:49:be:a8:53:4e:9c:57:51:f0:de:f3:e6:cd:
a3:a9:75:67:6a:fc:ad:e4:a4:97:7e:4d:82:bd:0f:fc:79:d9:
d3:5e:86:0b:b2:6d:01:6b:ab:04:02:64:62:ca:16:31:25:36:
ce:46:d0:b9:fc:b6:30:f6:d8:b5:da:48:fb:fb:de:c6:eb:e6:
eb:24:74:c5:94:55:31:d1:ba:d4:a8:2a:e8:8d:0b:2c:53:7b:
10:b0:7c:3b:40:53:a8:25:51:fe:e7:c5:70:29:41:6f:44:41:
9c:1c:f6:50:13:74:7a:91:85:d1:9d:e8:94:f7:63:c4:19:f0:
77:69:b2:21:0c:9f:66:23:46:ef:21:94:37:9a:84:42:fa:1e:
ee:68:27:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURsW+OWK4D/nXSVcyiUCZFkFfY2MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwNTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NGEwMjI5NjM1NTg2ZTljMmQxYzRhZjFjNTMzZDE4ZTNhMTg3OTkyZGQ4
YThiY2MyZWVkOTg2OGM5Yjk5ZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIcKfOmoZeqMis9Uit/yRwfyikmJyR05OIC1vXvklHOmVmoYr6Qy6w7xzETW
UzUMCJLQHVwzz4kSHz3INV7xCzYl2p8lu12fsF2OiS3tsiCJz4VkLNYi2Y6+zMib
sPluOYl8yDqioqBgKcKT9N6APuFk2L/eIBNeOnQS1PF7s3CWosnXwj08u+fMBDOW
qr+KPQoOZpTM1dzwwRoNbxNwAfVhgqParXm6d3SOkDWqEoHDhSIf3zYuSx8Qfxez
qFqphOZiWrs8aHS1nE+ViiYf/5SFwM42HJpknpd/xssjlLiZvMqIDZmglLUYt+D6
DY3KtQE3Jo1igFP0korcmEqtS40CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6u2zv
nLl+vi+WHtTWts32h4YhjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTA1MDQ4YzAtNzc1MS00ZWM0LWI4OTEtYTM1ODNkYmRjOWZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdOc97Vq7lKiq4PogEKi9m+WDKoW8zKXX7XTxN
0sn9LkGQv1svovop8459QaWOY81dX/OZLOFR2kxjtTDgTmQmYZs+sSqn0Sxx2FvH
bj9Vg7jyv+SHn01UUJUibdHB1QlkCYF+vRFADZ8hdXxSj8+qEkm+qFNOnFdR8N7z
5s2jqXVnavyt5KSXfk2CvQ/8ednTXoYLsm0Ba6sEAmRiyhYxJTbORtC5/LYw9ti1
2kj7+97G6+brJHTFlFUx0brUqCrojQssU3sQsHw7QFOoJVH+58VwKUFvREGcHPZQ
E3R6kYXRneiU92PEGfB3abIhDJ9mI0bvIZQ3moRC+h7uaCcn
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:19 2025 by rpki-client