Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
File: e584cad3-b485-48b5-a920-636e55268d8b.roa (raw, json)
Hash identifier: 31SKhErq882LI5R5+vKpL/oWRUSoh94uUGg3WGMEmDg=
Subject key identifier: 9D:13:2F:89:C8:96:44:C7:38:9E:CB:B4:7E:04:90:1E:4F:85:A7:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C19E507378747F4893B63C7E2F50143BE984701
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
Signing time: Fri 11 Jul 2025 19:21:18 +0000
ROA not before: Fri 11 Jul 2025 19:21:18 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:19:e5:07:37:87:47:f4:89:3b:63:c7:e2:f5:01:43:be:98:47:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:18 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=25e2ba81d05777f616c11068d85f65eb79f14412b1fd367a5061b00a661249cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:82:58:85:ec:6d:f7:cc:3c:e0:a9:44:89:
7c:84:5a:8f:d0:de:ed:d3:1d:31:a8:d1:58:b0:58:
1a:4f:30:d7:94:e1:af:96:a5:eb:27:d6:f6:dc:3d:
9e:60:9b:36:ad:c0:27:d3:c9:cd:75:1b:28:3d:4a:
59:b4:de:04:05:24:2f:2c:6e:fd:0c:47:eb:d8:57:
23:ef:21:e0:c5:8a:ba:88:32:d1:81:f7:36:38:76:
db:0a:56:7c:cc:fa:fc:a6:ce:23:bd:f8:af:47:e9:
84:cb:9f:29:79:10:ef:cf:31:e1:4d:44:c6:23:13:
58:8d:31:71:1f:37:3d:3b:72:39:e0:d0:17:16:33:
da:3e:47:34:ce:90:43:08:a3:40:c5:be:97:66:7a:
fb:3f:cf:2a:eb:a8:a1:ac:e6:b8:b7:f0:bf:51:9c:
7c:69:0f:de:c9:46:6c:ab:2d:b2:13:c5:92:5e:35:
b4:58:a8:de:f2:af:d2:27:48:d1:73:a9:2a:dd:4b:
d6:3c:2d:c5:10:62:94:c9:0c:71:9c:5e:7b:36:9b:
bd:61:c7:ca:9c:22:cb:fd:fc:76:55:a3:1f:71:7c:
cc:74:8e:62:0d:0d:70:25:94:11:4c:c2:13:2f:40:
bc:69:c3:31:55:3c:d8:db:62:b4:1a:e1:8f:64:5e:
b5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:13:2F:89:C8:96:44:C7:38:9E:CB:B4:7E:04:90:1E:4F:85:A7:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e584cad3-b485-48b5-a920-636e55268d8b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
39:dc:65:ba:b7:4f:70:ce:16:0c:bf:e5:cb:2e:70:31:37:a7:
2c:a2:32:8d:fc:a4:44:e0:8f:c6:68:42:f4:76:d9:94:a3:6d:
1a:fd:de:f4:46:ae:c8:e9:59:49:79:3a:5b:c5:fd:b7:6e:60:
15:cb:62:db:d5:b3:64:57:12:bf:51:d1:18:a9:ea:8f:51:41:
44:da:c0:e8:52:1d:17:1a:52:0c:0c:bf:5f:9e:00:dd:3b:1f:
64:24:90:1f:a1:cf:c2:30:f1:70:0a:52:28:e2:3b:88:d8:88:
16:fb:aa:24:7f:20:eb:95:e8:fd:4b:c4:4d:2c:6c:39:e1:dd:
f1:e4:20:a5:cd:96:00:cf:7c:6d:e2:f6:f2:f7:25:f7:bb:bb:
b9:9a:c3:b5:7f:b1:36:3d:44:b4:85:c9:4c:b3:8e:7a:7c:7e:
bf:b9:68:8f:71:7a:e4:a9:7a:48:14:95:f1:74:a1:9d:04:8a:
a4:56:48:1e:59:2c:4a:6b:24:ea:93:d5:cd:1d:69:b4:2a:38:
18:80:bb:ef:52:39:f4:c3:47:02:71:ea:f6:c8:4a:14:11:22:
f5:9d:9f:23:67:0f:62:e7:21:b7:41:9a:c6:57:1e:b8:fa:97:
25:53:21:7c:09:6c:b8:86:2a:31:97:10:e0:bf:3d:e0:67:78:
cb:c1:76:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULBnlBzeHR/SJO2PH4vUBQ76YRwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZTJiYTgxZDA1Nzc3ZjYxNmMxMTA2OGQ4NWY2NWViNzlmMTQ0MTJiMWZk
MzY3YTUwNjFiMDBhNjYxMjQ5Y2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2wgliF7G33zDzgqUSJfIRaj9De7dMdMajRWLBYGk8w15Thr5al6yfW9tw9
nmCbNq3AJ9PJzXUbKD1KWbTeBAUkLyxu/QxH69hXI+8h4MWKuogy0YH3Njh22wpW
fMz6/KbOI734r0fphMufKXkQ788x4U1ExiMTWI0xcR83PTtyOeDQFxYz2j5HNM6Q
QwijQMW+l2Z6+z/PKuuooazmuLfwv1GcfGkP3slGbKstshPFkl41tFio3vKv0idI
0XOpKt1L1jwtxRBilMkMcZxeezabvWHHypwiy/38dlWjH3F8zHSOYg0NcCWUEUzC
Ey9AvGnDMVU82NtitBrhj2RetdUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdEy+J
yJZExziey7R+BJAeT4WntDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU4NGNhZDMtYjQ4NS00OGI1LWE5MjAtNjM2ZTU1MjY4ZDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
wDANBgkqhkiG9w0BAQsFAAOCAQEAOdxlurdPcM4WDL/lyy5wMTenLKIyjfykROCP
xmhC9HbZlKNtGv3e9EauyOlZSXk6W8X9t25gFcti29WzZFcSv1HRGKnqj1FBRNrA
6FIdFxpSDAy/X54A3TsfZCSQH6HPwjDxcApSKOI7iNiIFvuqJH8g65Xo/UvETSxs
OeHd8eQgpc2WAM98beL28vcl97u7uZrDtX+xNj1EtIXJTLOOenx+v7loj3F65Kl6
SBSV8XShnQSKpFZIHlksSmsk6pPVzR1ptCo4GIC771I59MNHAnHq9shKFBEi9Z2f
I2cPYucht0GaxlceuPqXJVMhfAlsuIYqMZcQ4L894Gd4y8F2yw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:47 2025 by rpki-client