Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
File: e234d9fb-5639-4264-99c1-35b39c1e56b5.roa (raw, json)
Hash identifier: w/EMYk2BGXgehYNoyg6xwnmtC/3JXK6HLn3ekeDwOAg=
Subject key identifier: C4:11:DF:C1:AD:76:7A:B9:D3:30:74:69:2C:05:C7:5D:8C:8B:05:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A51E1D108B41886D7DE9323FA8899FCFA69B183
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
Signing time: Sat 12 Jul 2025 00:51:20 +0000
ROA not before: Sat 12 Jul 2025 00:51:20 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:51:e1:d1:08:b4:18:86:d7:de:93:23:fa:88:99:fc:fa:69:b1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:20 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=66098a468ab6f8703392b134bc2036e38a2f4431cb4324ce60a5021554b4f111, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c2:13:e7:62:b9:82:a5:40:65:63:2a:f8:24:
27:78:f3:4d:05:1a:fa:24:d5:d7:79:cc:47:2c:14:
9c:f5:b9:88:98:02:57:37:e8:9d:2f:d7:27:f5:e2:
75:60:a5:8a:23:e0:dc:06:fd:ee:7d:67:c0:5f:9f:
e4:2a:61:d2:b0:c4:6d:76:47:3c:d3:d4:1e:ce:3c:
68:1b:b5:d0:66:9d:90:0d:aa:9a:fe:a8:19:57:c3:
37:16:c4:74:1c:32:ed:76:c6:59:5f:8a:98:3b:a1:
31:bc:3b:9e:9d:e3:ec:d5:b1:fd:96:45:14:06:bb:
78:77:cb:d5:1f:9b:3d:f3:d9:84:7a:18:f1:33:54:
56:0e:66:76:1f:e0:d9:d9:d9:24:20:42:f8:1c:bb:
bb:c1:f5:cb:2a:21:6b:48:22:a7:f6:99:29:b9:17:
96:fa:53:c9:df:2c:6c:d8:b6:90:ca:9b:66:af:55:
0f:1c:fb:f8:1d:47:45:53:b5:22:dd:16:b1:f4:09:
96:66:e9:b7:bd:5a:74:84:b5:fa:7e:ab:90:e5:0d:
57:05:6f:89:8e:11:96:8e:20:75:09:97:66:db:60:
cd:79:62:e3:a4:20:5d:b3:be:7c:80:33:eb:3c:d2:
35:a0:84:c2:fd:ca:c1:d5:18:42:54:bf:6d:b2:75:
dd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:11:DF:C1:AD:76:7A:B9:D3:30:74:69:2C:05:C7:5D:8C:8B:05:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
38:fc:15:b2:70:f4:6f:7d:6d:70:27:72:de:ca:4d:d6:26:76:
e6:17:50:aa:e6:d4:05:bf:91:a8:60:01:35:e4:d8:9d:26:71:
0e:48:aa:f3:3f:7b:1a:11:57:ba:0b:88:d2:f9:85:25:dc:c1:
8b:56:25:58:d5:28:9c:f9:b3:75:1b:69:95:c7:d7:ad:be:7b:
bc:b7:f4:91:c2:90:5f:54:58:a5:dc:4e:c6:08:5e:a0:32:7f:
14:b0:14:f9:15:8f:cf:bc:5a:0f:3e:6d:14:2f:e7:ba:a0:70:
0f:dc:70:76:d4:f4:43:7b:99:ba:8d:d9:58:48:8e:dd:11:74:
61:db:48:75:a0:8e:34:7b:59:f8:33:c0:4c:e0:57:1a:62:3c:
0e:b2:6a:b0:82:52:e6:d6:20:3d:86:3d:0d:fe:85:8e:28:59:
a8:dc:c6:ca:4b:d9:b4:01:8b:49:17:e5:a0:00:4f:55:81:2e:
9f:b8:4b:ff:0f:88:a0:4d:83:25:18:bb:65:d7:f0:96:a8:11:
cc:de:2a:7f:4d:0f:ed:30:dc:7f:59:79:7f:3e:9a:21:fa:ce:
11:bb:0e:98:ea:96:a1:ee:9c:eb:69:0e:a3:6f:c1:31:fc:54:
1d:77:6f:87:d3:ab:e2:58:bf:55:4c:40:57:ce:81:6a:f3:48:
21:1e:80:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOlHh0Qi0GIbX3pMj+oiZ/PppsYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMjBaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2MDk4YTQ2OGFiNmY4NzAzMzkyYjEzNGJjMjAzNmUzOGEyZjQ0MzFjYjQz
MjRjZTYwYTUwMjE1NTRiNGYxMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjCE+diuYKlQGVjKvgkJ3jzTQUa+iTV13nMRywUnPW5iJgCVzfonS/XJ/Xi
dWCliiPg3Ab97n1nwF+f5Cph0rDEbXZHPNPUHs48aBu10GadkA2qmv6oGVfDNxbE
dBwy7XbGWV+KmDuhMbw7np3j7NWx/ZZFFAa7eHfL1R+bPfPZhHoY8TNUVg5mdh/g
2dnZJCBC+By7u8H1yyoha0gip/aZKbkXlvpTyd8sbNi2kMqbZq9VDxz7+B1HRVO1
It0WsfQJlmbpt71adIS1+n6rkOUNVwVviY4Rlo4gdQmXZttgzXli46QgXbO+fIAz
6zzSNaCEwv3KwdUYQlS/bbJ13QUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEEd/B
rXZ6udMwdGksBcddjIsFGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIzNGQ5ZmItNTYzOS00MjY0LTk5YzEtMzViMzljMWU1NmI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQA4/BWycPRvfW1wJ3Leyk3WJnbmF1Cq5tQFv5Go
YAE15NidJnEOSKrzP3saEVe6C4jS+YUl3MGLViVY1Sic+bN1G2mVx9etvnu8t/SR
wpBfVFil3E7GCF6gMn8UsBT5FY/PvFoPPm0UL+e6oHAP3HB21PRDe5m6jdlYSI7d
EXRh20h1oI40e1n4M8BM4FcaYjwOsmqwglLm1iA9hj0N/oWOKFmo3MbKS9m0AYtJ
F+WgAE9VgS6fuEv/D4igTYMlGLtl1/CWqBHM3ip/TQ/tMNx/WXl/Ppoh+s4Ruw6Y
6pah7pzraQ6jb8Ex/FQdd2+H06viWL9VTEBXzoFq80ghHoCZ
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:52 2025 by rpki-client