Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
File: e20afb98-f3fb-45c2-9398-65129b8874f0.roa (raw, json)
Hash identifier: nmtckJu943Qycr/YAAr6d2xqmCL9F6WOd55azIUGwgs=
Subject key identifier: 1B:28:89:41:52:C3:BB:CF:B3:AE:34:F5:2A:D6:7A:F0:91:BD:6B:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0416BEF226DB2EA0C9A5AD5D22632BC16BB3610D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
Signing time: Fri 11 Jul 2025 18:51:29 +0000
ROA not before: Fri 11 Jul 2025 18:51:29 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:16:be:f2:26:db:2e:a0:c9:a5:ad:5d:22:63:2b:c1:6b:b3:61:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:51:29 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=84129f3372d18580a313f7840711a05b214c35bf90f88053fd85df1da430542e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:c6:6d:47:2e:28:e3:c2:fb:5a:4e:67:1a:57:
68:89:2b:af:85:d4:1c:da:b9:11:3c:97:e0:0f:b6:
a6:84:f6:96:4b:f5:5e:1e:41:dc:59:31:d2:b3:b4:
b9:23:3a:3b:49:c4:23:2f:4e:d4:89:b8:50:e9:99:
77:d1:ad:fa:74:c6:af:14:7c:a9:49:44:c5:db:bf:
2b:33:49:c7:9f:c7:0e:1d:8f:be:3b:63:78:dd:31:
a3:f6:ce:68:9a:7f:97:60:72:55:e1:5b:b4:68:a0:
ea:f6:b2:38:11:e1:c4:8b:19:27:5d:ee:24:24:96:
44:e1:d5:38:8b:2e:d2:c4:4a:7f:5b:c4:c8:20:83:
d5:5d:78:95:36:7f:b0:b7:a7:2b:35:4c:8f:cc:77:
36:6c:de:9d:0a:5c:ed:55:0f:62:8d:cc:7e:2b:3c:
39:d2:ae:de:b2:96:a9:7e:18:fc:85:9b:0d:cb:4b:
7a:87:a5:d9:5f:11:27:e6:63:68:49:af:0a:c4:b3:
d7:16:7c:4f:65:16:62:96:73:8c:e8:79:e2:43:66:
5a:0d:22:e5:ae:42:26:37:d4:c0:d3:53:df:e5:0a:
a1:63:40:6d:28:0a:54:db:c6:cb:44:55:37:19:11:
b8:bb:b7:fa:69:e2:0e:00:cf:2f:aa:86:b5:b5:b6:
60:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:28:89:41:52:C3:BB:CF:B3:AE:34:F5:2A:D6:7A:F0:91:BD:6B:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
1c:ec:ab:3e:af:97:6f:3d:e9:93:73:fd:7c:2b:ec:54:11:0c:
86:f1:96:5a:a7:55:9f:b2:89:0f:55:08:9b:c7:d5:5b:61:e4:
df:ba:e8:d4:cd:86:c3:e4:0a:2b:ea:b2:bf:2e:56:50:49:8b:
d0:b6:9d:98:5d:18:a9:ff:ed:61:6e:f6:4f:a8:c6:61:f2:2c:
07:8a:4a:85:d1:de:9d:0c:cc:50:99:ca:be:58:2a:c1:5a:a5:
a5:93:e1:65:c3:ee:22:b5:07:60:df:57:67:1f:a4:6c:42:ae:
b3:ce:a3:70:02:89:e2:86:2a:c2:20:f6:e1:f8:49:b9:de:8b:
a4:0d:ae:3c:bf:0b:72:c5:9d:02:6a:2d:b0:fb:4d:29:e3:8e:
1a:cf:64:ca:64:fa:e9:fd:0f:1c:ac:30:c0:60:27:a3:45:2f:
cc:bd:01:ba:57:16:f1:49:94:80:26:50:bf:3f:c7:69:b1:92:
d2:8c:9c:86:d6:c8:50:56:f5:73:45:ed:3f:a3:07:34:0b:8f:
d5:d0:e3:72:02:15:f1:80:90:63:4b:d0:c4:cf:90:59:2c:cf:
13:5a:be:b8:af:79:57:7e:53:d4:1a:bc:a4:ad:25:35:b6:23:
d2:c1:d7:eb:79:0c:21:da:83:f3:43:f1:2a:63:9a:60:97:62:
f3:93:eb:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBBa+8ibbLqDJpa1dImMrwWuzYQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUxMjlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0MTI5ZjMzNzJkMTg1ODBhMzEzZjc4NDA3MTFhMDViMjE0YzM1YmY5MGY4
ODA1M2ZkODVkZjFkYTQzMDU0MmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPTGbUcuKOPC+1pOZxpXaIkrr4XUHNq5ETyX4A+2poT2lkv1Xh5B3Fkx0rO0
uSM6O0nEIy9O1Im4UOmZd9Gt+nTGrxR8qUlExdu/KzNJx5/HDh2PvjtjeN0xo/bO
aJp/l2ByVeFbtGig6vayOBHhxIsZJ13uJCSWROHVOIsu0sRKf1vEyCCD1V14lTZ/
sLenKzVMj8x3NmzenQpc7VUPYo3Mfis8OdKu3rKWqX4Y/IWbDctLeoel2V8RJ+Zj
aEmvCsSz1xZ8T2UWYpZzjOh54kNmWg0i5a5CJjfUwNNT3+UKoWNAbSgKVNvGy0RV
NxkRuLu3+mniDgDPL6qGtbW2YHUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbKIlB
UsO7z7OuNPUq1nrwkb1r6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIwYWZiOTgtZjNmYi00NWMyLTkzOTgtNjUxMjliODg3NGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
wDANBgkqhkiG9w0BAQsFAAOCAQEAHOyrPq+Xbz3pk3P9fCvsVBEMhvGWWqdVn7KJ
D1UIm8fVW2Hk37ro1M2Gw+QKK+qyvy5WUEmL0LadmF0Yqf/tYW72T6jGYfIsB4pK
hdHenQzMUJnKvlgqwVqlpZPhZcPuIrUHYN9XZx+kbEKus86jcAKJ4oYqwiD24fhJ
ud6LpA2uPL8LcsWdAmotsPtNKeOOGs9kymT66f0PHKwwwGAno0UvzL0BulcW8UmU
gCZQvz/HabGS0oychtbIUFb1c0XtP6MHNAuP1dDjcgIV8YCQY0vQxM+QWSzPE1q+
uK95V35T1Bq8pK0lNbYj0sHX63kMIdqD80PxKmOaYJdi85PrGg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:22 2025 by rpki-client