Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
File: e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa (raw, json)
Hash identifier: ncKH7OCG5XpLSFMFNFsVBcSeLhYbenc1JygTKMPXIoU=
Subject key identifier: F7:BD:12:97:8A:E8:AE:DD:05:4C:26:5E:95:BA:2A:A4:31:9B:7B:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05662600C416B9F6161402B62B05E8773B233385
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
Signing time: Fri 11 Jul 2025 19:31:21 +0000
ROA not before: Fri 11 Jul 2025 19:31:21 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:66:26:00:c4:16:b9:f6:16:14:02:b6:2b:05:e8:77:3b:23:33:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:31:21 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9a2476c5bf4638c734d5bc318b416587976c8c0ac8ac45b132e703d172453152, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:55:2b:21:2f:a5:69:a7:e8:82:4b:81:2c:8c:
3a:58:a5:9d:1a:5f:e4:73:1d:85:5e:f7:e6:19:8a:
7d:82:23:f1:3b:2b:ae:60:3a:ae:95:4b:13:c3:2d:
2c:e8:4b:c7:31:e0:82:c6:f9:1f:d2:c4:06:b9:de:
b2:08:b2:34:09:86:ac:6c:63:81:60:29:6d:aa:3f:
03:d2:36:21:5e:c8:72:ca:4e:4d:8b:eb:92:18:f8:
c5:48:68:ac:ec:6a:62:20:2b:12:db:b0:e5:76:dc:
8a:18:89:b6:35:4b:a8:d4:1b:5d:dd:ca:59:08:be:
7b:4c:ff:32:99:3f:1e:aa:9b:b2:3c:f4:33:24:29:
24:25:7a:c2:bc:f0:08:75:94:71:1e:06:11:e1:c7:
16:c7:0c:69:95:5e:62:56:f7:a5:fa:4b:49:8c:1b:
bc:0e:bc:e0:45:38:03:53:ce:23:b0:38:56:dc:c7:
f4:a8:1b:1a:5c:d0:e4:6b:73:f1:76:52:c6:7b:f1:
14:fa:b1:f5:53:24:7d:f6:1b:dc:77:98:83:ae:69:
7b:98:60:fc:d8:89:b2:a5:64:ad:f2:ae:76:92:86:
7c:63:06:e5:d8:48:51:34:46:c4:25:bc:0e:12:3e:
c4:cc:a4:15:ad:4b:4f:2e:02:d6:50:93:35:cf:d1:
00:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:BD:12:97:8A:E8:AE:DD:05:4C:26:5E:95:BA:2A:A4:31:9B:7B:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c040::/48
Signature Algorithm: sha256WithRSAEncryption
55:25:1e:d2:0b:55:93:4c:36:ec:0c:2b:48:12:cc:03:a8:7f:
58:3c:be:8b:5a:0b:0c:bb:bc:dd:d2:fc:c6:38:3f:df:0e:e4:
d2:10:25:43:11:8c:ce:77:1b:0d:17:cd:f1:86:03:b9:00:67:
b7:a2:7b:65:b0:6c:d8:36:f1:24:a4:9c:0d:68:af:4d:9b:89:
f9:fb:9b:b1:dd:36:fc:d6:1c:f3:55:79:48:ee:7d:2b:79:16:
3d:c1:d8:a6:fa:5c:49:e9:89:fb:da:fd:9e:68:97:45:00:9b:
54:76:dc:52:00:3f:9d:1a:27:90:45:48:17:20:8b:66:d0:8d:
82:04:3f:64:7f:56:c6:24:3a:8a:a6:5c:24:00:d9:b3:ed:d7:
d3:ca:cf:93:fb:5c:02:b0:6c:58:39:d5:ec:b8:66:23:dd:ec:
62:de:52:c2:33:1b:b4:30:e2:7d:de:41:bb:29:68:20:1a:95:
eb:60:b8:20:70:2b:52:3d:9e:8d:0b:16:b7:1f:0c:6a:fd:17:
ea:46:7f:71:17:7d:c9:b7:8c:87:78:51:7c:20:ef:fc:63:bd:
db:1d:2f:e9:52:8a:65:cf:1c:ec:b7:ae:15:9f:c0:3b:56:da:
cb:e6:42:03:39:93:63:16:c5:a7:e4:58:9c:2c:7e:a5:ec:a0:
d3:34:2d:fd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBWYmAMQWufYWFAK2KwXodzsjM4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTMxMjFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMjQ3NmM1YmY0NjM4YzczNGQ1YmMzMThiNDE2NTg3OTc2YzhjMGFjOGFj
NDViMTMyZTcwM2QxNzI0NTMxNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFVKyEvpWmn6IJLgSyMOlilnRpf5HMdhV735hmKfYIj8TsrrmA6rpVLE8Mt
LOhLxzHggsb5H9LEBrnesgiyNAmGrGxjgWApbao/A9I2IV7IcspOTYvrkhj4xUho
rOxqYiArEtuw5XbcihiJtjVLqNQbXd3KWQi+e0z/Mpk/Hqqbsjz0MyQpJCV6wrzw
CHWUcR4GEeHHFscMaZVeYlb3pfpLSYwbvA684EU4A1POI7A4VtzH9KgbGlzQ5Gtz
8XZSxnvxFPqx9VMkffYb3HeYg65pe5hg/NiJsqVkrfKudpKGfGMG5dhIUTRGxCW8
DhI+xMykFa1LTy4C1lCTNc/RABUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT3vRKX
iuiu3QVMJl6VuiqkMZt7lTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkzMWNhYTktY2E0ZS00MjhhLWFhM2MtM2FmMzZlZmFmYzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
QDANBgkqhkiG9w0BAQsFAAOCAQEAVSUe0gtVk0w27AwrSBLMA6h/WDy+i1oLDLu8
3dL8xjg/3w7k0hAlQxGMzncbDRfN8YYDuQBnt6J7ZbBs2DbxJKScDWivTZuJ+fub
sd02/NYc81V5SO59K3kWPcHYpvpcSemJ+9r9nmiXRQCbVHbcUgA/nRonkEVIFyCL
ZtCNggQ/ZH9WxiQ6iqZcJADZs+3X08rPk/tcArBsWDnV7LhmI93sYt5SwjMbtDDi
fd5BuyloIBqV62C4IHArUj2ejQsWtx8Mav0X6kZ/cRd9ybeMh3hRfCDv/GO92x0v
6VKKZc8c7LeuFZ/AO1bay+ZCAzmTYxbFp+RYnCx+peyg0zQt/Q==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:17 2025 by rpki-client