Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: hDVLAMqv3Cv3Qfh8/jnO2g6IVwJBqHIyic4ySIymrcE=
Subject key identifier: 64:E3:40:5B:7B:FF:88:98:82:E4:27:37:46:BD:B0:33:44:11:08:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54D9E5C1250E334CB4EDCA3C36F0ADF2C50E5A0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Fri 11 Jul 2025 20:21:04 +0000
ROA not before: Fri 11 Jul 2025 20:21:04 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:d9:e5:c1:25:0e:33:4c:b4:ed:ca:3c:36:f0:ad:f2:c5:0e:5a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:04 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4bd7ce1f0105c8c638b9c51a1233084a3151921800b043a9c9862568b8cca6a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c0:a5:2d:f7:91:3d:6e:c2:95:5a:59:5e:14:
60:b8:3a:7d:e8:a1:9e:2d:9e:af:1b:a1:5d:9a:48:
bc:a3:bc:22:df:15:b8:e0:5b:b4:e5:e5:06:dd:2d:
95:7e:6e:aa:b8:4f:73:d5:3a:0d:8d:c6:d9:77:d6:
00:cd:83:05:e6:39:2e:80:70:a7:72:bf:85:41:23:
4a:14:0c:8c:c0:9c:f4:d4:ed:e6:af:e1:87:a1:fe:
9d:1d:68:9a:18:ba:b2:71:38:5f:ad:df:3b:44:e3:
2f:ee:b3:71:b2:22:1b:af:cc:2e:d0:5b:59:59:09:
9b:e5:d4:f1:8f:dd:4a:41:b5:dd:05:3a:b7:81:17:
ec:d5:ba:3f:5e:7e:25:f1:8c:e0:67:22:3b:05:43:
be:a5:47:9b:30:d8:f1:fc:58:b0:94:45:92:68:c4:
6b:db:f3:e9:ed:f7:f0:3b:23:44:f4:cc:cc:53:c1:
0b:6b:09:82:0e:0b:d7:ab:a0:c6:59:d4:af:39:6d:
d4:ea:0f:de:f8:8d:bf:72:38:87:85:cb:f6:c2:9f:
16:52:a8:e9:80:ad:25:6b:41:19:f9:d2:3c:a0:61:
89:cd:db:b5:80:26:2f:5e:f0:70:ff:9d:de:07:92:
1a:02:c4:53:17:df:25:56:c7:18:99:e8:ac:cc:ef:
8a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E3:40:5B:7B:FF:88:98:82:E4:27:37:46:BD:B0:33:44:11:08:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
42:a4:d3:f9:82:aa:cb:0f:a2:7d:08:7a:14:e6:7e:5e:cf:64:
7b:79:16:75:a8:ce:ec:7a:cf:bd:15:36:59:90:96:50:88:a5:
f1:9c:5e:73:81:17:42:b9:13:e1:00:37:e3:33:79:75:82:3b:
80:7a:58:1e:b6:29:a2:85:94:8f:a8:3d:97:44:60:1e:1e:21:
20:42:ae:e1:11:03:3b:31:a7:6f:b5:6b:3a:f6:05:63:19:b1:
8d:ec:88:c5:27:5a:96:92:2b:60:1b:a5:47:72:7b:0b:a6:c4:
7b:b4:64:48:f1:56:7f:38:ce:fc:58:6b:0b:bd:33:8f:6a:59:
81:55:22:7e:41:f8:a1:98:f3:4a:2b:ef:23:e6:4e:0c:6c:db:
69:f5:c7:6a:49:28:97:24:44:07:5c:86:39:99:d8:a8:d5:82:
05:9c:b5:6b:30:47:0c:d5:66:20:8b:f3:03:71:e6:00:2e:97:
b5:08:3c:c6:e0:78:dc:1f:50:67:4d:53:b2:d9:83:cf:62:80:
f4:01:e1:49:96:a9:cc:1c:89:39:75:c6:b5:5d:23:6d:fe:7c:
db:a9:2e:49:97:75:63:5a:d0:03:85:f1:ae:14:1b:bb:7e:7c:
20:61:07:9d:e1:f8:2a:db:b1:3f:ab:33:b9:f5:a3:85:50:d4:
54:9f:e3:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVNnlwSUOM0y07co8NvCt8sUOWgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxMDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiZDdjZTFmMDEwNWM4YzYzOGI5YzUxYTEyMzMwODRhMzE1MTkyMTgwMGIw
NDNhOWM5ODYyNTY4YjhjY2E2YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfApS33kT1uwpVaWV4UYLg6feihni2erxuhXZpIvKO8It8VuOBbtOXlBt0t
lX5uqrhPc9U6DY3G2XfWAM2DBeY5LoBwp3K/hUEjShQMjMCc9NTt5q/hh6H+nR1o
mhi6snE4X63fO0TjL+6zcbIiG6/MLtBbWVkJm+XU8Y/dSkG13QU6t4EX7NW6P15+
JfGM4GciOwVDvqVHmzDY8fxYsJRFkmjEa9vz6e338DsjRPTMzFPBC2sJgg4L16ug
xlnUrzlt1OoP3viNv3I4h4XL9sKfFlKo6YCtJWtBGfnSPKBhic3btYAmL17wcP+d
3geSGgLEUxffJVbHGJnorMzviuMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRk40Bb
e/+ImILkJzdGvbAzRBEICzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBCpNP5gqrLD6J9CHoU5n5ez2R7eRZ1qM7ses+9
FTZZkJZQiKXxnF5zgRdCuRPhADfjM3l1gjuAelgetimihZSPqD2XRGAeHiEgQq7h
EQM7MadvtWs69gVjGbGN7IjFJ1qWkitgG6VHcnsLpsR7tGRI8VZ/OM78WGsLvTOP
almBVSJ+QfihmPNKK+8j5k4MbNtp9cdqSSiXJEQHXIY5mdio1YIFnLVrMEcM1WYg
i/MDceYALpe1CDzG4HjcH1BnTVOy2YPPYoD0AeFJlqnMHIk5dca1XSNt/nzbqS5J
l3VjWtADhfGuFBu7fnwgYQed4fgq27E/qzO59aOFUNRUn+N0
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:37 2025 by rpki-client