Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json)
Hash identifier: JYYe34xKlfDlqGcQ3922uLBWPHegbmwCMhLQ2HkVffI=
Subject key identifier: 97:69:47:36:A4:A1:9B:39:9B:2A:E3:9F:1B:61:3A:B5:F6:43:0A:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B4BBBD80A88626B8A2A55FF68D04AF49A58E071
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
Signing time: Fri 11 Jul 2025 19:01:09 +0000
ROA not before: Fri 11 Jul 2025 19:01:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:4b:bb:d8:0a:88:62:6b:8a:2a:55:ff:68:d0:4a:f4:9a:58:e0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:01:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=840230309256f8df4f9fcbd63429a8565b63b9b16eeb09c4bc30316197f6dfbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:85:d3:5d:eb:da:16:4b:f6:ed:f0:09:29:a4:
bf:58:56:7d:38:7a:ca:ee:e2:55:62:73:dc:1e:c4:
12:5d:c4:67:b3:5e:77:5a:4d:a3:cd:14:91:3a:3c:
fb:6b:ea:f3:6e:19:78:c1:e0:bd:44:74:0a:1c:2f:
d1:51:8e:21:2b:49:63:cd:c9:2d:10:d2:3e:b6:2a:
10:1e:29:f7:a6:21:eb:c7:1e:0a:aa:93:95:cc:29:
1b:df:9f:e2:f4:e4:a9:4f:f0:aa:32:3c:73:d2:24:
39:34:e9:c4:df:16:03:d3:3a:53:0b:68:24:c6:b0:
40:f5:3c:13:4e:20:5a:4d:fe:bd:a2:98:2a:50:a4:
10:31:c5:21:bb:a0:ea:f0:aa:9f:a7:22:cd:dc:a5:
13:33:87:aa:22:7d:33:77:2b:e6:63:e9:8c:49:1d:
d0:84:a0:fc:61:cb:1d:5d:fa:9e:3c:b4:32:e2:39:
09:09:fd:ae:78:d8:05:29:ff:d7:eb:b4:dc:30:84:
fa:92:cc:e4:17:dc:78:48:c4:c7:16:3d:02:19:cc:
48:be:fb:d0:79:77:b3:4b:e2:82:08:8a:14:2c:35:
1e:59:69:d4:e2:69:7a:d5:3a:06:b8:80:c0:9c:19:
f8:7d:e4:81:df:6d:08:c9:d8:97:f3:95:af:bc:43:
42:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:69:47:36:A4:A1:9B:39:9B:2A:E3:9F:1B:61:3A:B5:F6:43:0A:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
7e:e6:8f:53:b0:0d:6f:1d:15:4d:59:51:16:68:8d:06:6b:c9:
3d:8b:80:54:34:d4:ff:ad:d1:d1:62:35:35:a9:4a:d5:bc:29:
8a:68:74:ce:99:2c:d0:e2:77:da:f9:89:50:cd:43:2f:78:f4:
8a:2c:5f:7b:cc:e2:a4:37:08:39:11:6e:c2:84:28:69:14:be:
0c:a8:09:91:d7:ac:11:af:df:bc:5c:fd:bb:31:62:84:e7:3c:
ce:bc:cc:a0:42:f3:82:c5:7b:8e:dd:00:0e:08:b1:c1:87:18:
e2:73:ef:79:c5:cc:1f:e8:c4:f1:3d:c9:8d:76:67:1f:12:ef:
d8:0c:bb:30:df:ce:f2:ce:b9:d9:e7:51:e2:dd:e6:3d:ec:e6:
ce:fd:4c:03:79:63:06:29:38:40:86:43:59:4d:63:80:3d:3b:
a5:78:2e:ad:5e:50:a4:07:31:54:8b:42:92:69:8c:12:63:96:
b8:8f:c5:31:5d:21:6d:e7:dc:68:7a:c0:15:3b:0d:be:b8:0e:
52:82:89:e7:41:7d:5a:e0:74:42:4c:42:47:92:f9:7e:14:06:
c9:6e:f9:16:e6:57:57:ca:14:71:79:2f:3c:54:0f:af:fd:96:
ab:05:e0:18:2e:12:36:97:93:30:68:0a:c3:bb:1e:55:db:e6:
8b:c4:10:b1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUW0u72AqIYmuKKlX/aNBK9JpY4HEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAxMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0MDIzMDMwOTI1NmY4ZGY0ZjlmY2JkNjM0MjlhODU2NWI2M2I5YjE2ZWVi
MDljNGJjMzAzMTYxOTdmNmRmYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKF013r2hZL9u3wCSmkv1hWfTh6yu7iVWJz3B7EEl3EZ7Ned1pNo80UkTo8
+2vq824ZeMHgvUR0Chwv0VGOIStJY83JLRDSPrYqEB4p96Yh68ceCqqTlcwpG9+f
4vTkqU/wqjI8c9IkOTTpxN8WA9M6UwtoJMawQPU8E04gWk3+vaKYKlCkEDHFIbug
6vCqn6cizdylEzOHqiJ9M3cr5mPpjEkd0ISg/GHLHV36njy0MuI5CQn9rnjYBSn/
1+u03DCE+pLM5BfceEjExxY9AhnMSL770Hl3s0viggiKFCw1Hllp1OJpetU6BriA
wJwZ+H3kgd9tCMnYl/OVr7xDQh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSXaUc2
pKGbOZsq458bYTq19kMK5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
wDANBgkqhkiG9w0BAQsFAAOCAQEAfuaPU7ANbx0VTVlRFmiNBmvJPYuAVDTU/63R
0WI1NalK1bwpimh0zpks0OJ32vmJUM1DL3j0iixfe8zipDcIORFuwoQoaRS+DKgJ
kdesEa/fvFz9uzFihOc8zrzMoELzgsV7jt0ADgixwYcY4nPvecXMH+jE8T3JjXZn
HxLv2Ay7MN/O8s652edR4t3mPezmzv1MA3ljBik4QIZDWU1jgD07pXgurV5QpAcx
VItCkmmMEmOWuI/FMV0hbefcaHrAFTsNvrgOUoKJ50F9WuB0QkxCR5L5fhQGyW75
FuZXV8oUcXkvPFQPr/2WqwXgGC4SNpeTMGgKw7seVdvmi8QQsQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:54 2025 by rpki-client