Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
File: e437969a-a36c-4417-88bd-c48ac88d9a5c.roa (raw, json)
Hash identifier: gYTAVsT/ZxdIOUuDhT0/XBOS3r7OTMEpjsn2qEBelrg=
Subject key identifier: 8F:E4:E7:F5:3B:14:1B:D3:1D:DA:B8:9C:E9:E0:4B:B0:5C:24:38:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61C25C20185913C9D07C8575013CF2FF49AF649A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
Signing time: Fri 11 Jul 2025 19:21:22 +0000
ROA not before: Fri 11 Jul 2025 19:21:22 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c2:5c:20:18:59:13:c9:d0:7c:85:75:01:3c:f2:ff:49:af:64:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:22 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3815fab2dbddc9e72c44e1d8613ba68b1ad136f1ce7be7b0ccf36b7218d9bff3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f7:db:7c:c3:50:81:c3:a6:6c:3d:ab:23:87:
14:8f:4e:2a:d6:07:a6:73:2e:50:a0:52:18:8c:90:
bd:a6:ed:67:6f:8c:76:f4:f8:9c:09:9f:4e:ce:16:
40:84:c5:dd:50:ec:b8:68:13:e2:df:8a:d5:10:16:
eb:4a:c5:2d:e8:fe:d0:86:34:b5:ca:07:08:e1:9d:
94:ed:9c:41:3b:ba:d0:3a:a6:c0:91:0e:66:bf:5c:
7d:bd:79:f6:5d:c1:ed:b3:0f:09:7d:78:1a:69:5b:
43:6a:b6:04:eb:38:c1:93:09:18:2b:f8:f7:ec:bd:
e8:02:fb:36:9e:f9:27:c3:df:c9:19:c1:cc:33:71:
ae:0b:86:25:0c:70:b5:78:af:b0:45:b4:99:d2:52:
6e:fd:2c:01:46:f1:f9:ee:1d:34:24:fd:8d:6c:40:
a9:95:91:2f:ed:a1:f1:0e:82:7a:a7:e7:a8:0f:75:
1f:72:0b:5d:3a:a3:4a:5f:a7:fa:43:d8:77:fb:e7:
c3:f7:5f:99:8e:e0:45:9f:12:4b:66:38:07:e3:a8:
65:76:0c:11:8f:f4:3d:9b:0f:42:7c:fe:b1:fe:a7:
2f:1f:0d:a7:53:74:25:21:0e:82:e6:e6:42:9a:41:
14:f1:15:54:a7:ad:e8:e5:81:9c:1b:c2:74:0b:53:
34:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E4:E7:F5:3B:14:1B:D3:1D:DA:B8:9C:E9:E0:4B:B0:5C:24:38:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b080::/48
Signature Algorithm: sha256WithRSAEncryption
9c:2a:e8:2e:26:19:84:d0:c4:3c:97:bd:49:1d:fa:70:00:5d:
aa:0d:01:aa:f9:5b:02:dc:29:61:f9:64:bc:19:38:f3:98:de:
a1:d2:34:7d:cc:ac:d3:51:c4:4a:ee:4f:11:cf:00:32:86:76:
65:80:42:df:a4:e7:35:4d:8c:12:da:0d:84:41:95:d4:9c:a1:
74:5f:7f:c5:dc:20:c7:b4:11:b5:5c:95:e1:1e:07:bc:fc:7e:
eb:4f:e8:6d:d3:37:39:2e:b9:bc:34:23:57:75:2b:21:b2:c9:
bf:ee:3a:aa:9e:3f:09:cd:b9:69:9a:9e:0d:d4:ef:cd:6f:19:
0f:2a:02:f8:d6:e7:ec:c3:0d:c6:cb:58:42:8e:20:41:bf:61:
c9:79:d8:37:49:d9:be:00:72:05:33:c2:94:72:c2:b2:6e:04:
37:6c:ea:ba:53:f4:4b:3b:df:9b:e7:fd:3b:c2:15:e7:e9:68:
88:b2:27:90:ec:d5:81:db:51:4e:34:b3:28:ed:59:31:89:18:
e8:4e:45:2a:78:9e:50:44:77:08:5d:d4:eb:b2:f5:37:4e:6b:
22:3e:f5:d5:72:9c:e7:61:81:16:08:6a:4f:b1:98:68:8a:76:
c8:41:79:ab:d8:f2:48:01:50:5b:3c:63:a4:c1:90:6c:bf:70:
9c:af:d8:be
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYcJcIBhZE8nQfIV1ATzy/0mvZJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMjJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MTVmYWIyZGJkZGM5ZTcyYzQ0ZTFkODYxM2JhNjhiMWFkMTM2ZjFjZTdi
ZTdiMGNjZjM2YjcyMThkOWJmZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKn323zDUIHDpmw9qyOHFI9OKtYHpnMuUKBSGIyQvabtZ2+MdvT4nAmfTs4W
QITF3VDsuGgT4t+K1RAW60rFLej+0IY0tcoHCOGdlO2cQTu60DqmwJEOZr9cfb15
9l3B7bMPCX14GmlbQ2q2BOs4wZMJGCv49+y96AL7Np75J8PfyRnBzDNxrguGJQxw
tXivsEW0mdJSbv0sAUbx+e4dNCT9jWxAqZWRL+2h8Q6CeqfnqA91H3ILXTqjSl+n
+kPYd/vnw/dfmY7gRZ8SS2Y4B+OoZXYMEY/0PZsPQnz+sf6nLx8Np1N0JSEOgubm
QppBFPEVVKet6OWBnBvCdAtTNJcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSP5Of1
OxQb0x3auJzp4EuwXCQ48zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQzNzk2OWEtYTM2Yy00NDE3LTg4YmQtYzQ4YWM4OGQ5YTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Diw
gDANBgkqhkiG9w0BAQsFAAOCAQEAnCroLiYZhNDEPJe9SR36cABdqg0BqvlbAtwp
YflkvBk485jeodI0fcys01HESu5PEc8AMoZ2ZYBC36TnNU2MEtoNhEGV1JyhdF9/
xdwgx7QRtVyV4R4HvPx+60/obdM3OS65vDQjV3UrIbLJv+46qp4/Cc25aZqeDdTv
zW8ZDyoC+Nbn7MMNxstYQo4gQb9hyXnYN0nZvgByBTPClHLCsm4EN2zqulP0Szvf
m+f9O8IV5+loiLInkOzVgdtRTjSzKO1ZMYkY6E5FKnieUER3CF3U67L1N05rIj71
1XKc52GBFghqT7GYaIp2yEF5q9jySAFQWzxjpMGQbL9wnK/Yvg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:30 2025 by rpki-client