Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json)
Hash identifier: V0oC278OfOc6pEC90Sdu+t27J0QhT7xoF61MsWFRp60=
Subject key identifier: 2F:AB:3E:0A:63:04:42:39:D8:61:33:E4:8F:3D:BA:F7:74:D6:EE:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 782BC8184C83B72AC2AAF649F9782406BE6BF623
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
Signing time: Fri 11 Jul 2025 20:31:42 +0000
ROA not before: Fri 11 Jul 2025 20:31:42 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:2b:c8:18:4c:83:b7:2a:c2:aa:f6:49:f9:78:24:06:be:6b:f6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:42 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0b566b5c7c46990956ae4696e4485d7d700dc93081cf40d4d545db3ced0758fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:82:ad:16:ca:a0:c7:37:51:4e:1f:8f:bb:8f:
e8:bf:bf:b0:9b:2e:71:52:24:00:bb:c9:2b:c4:7f:
5d:ea:17:9f:ad:ca:ca:e3:cd:5f:ff:47:4c:9a:da:
63:04:bb:54:b8:52:f7:7d:65:ba:bc:2d:a3:79:37:
87:69:8e:21:b8:25:9f:4b:83:06:3a:43:da:6d:18:
31:d9:84:6a:4e:05:f0:dd:ed:50:dc:13:02:3c:cb:
da:c4:75:69:fc:55:fb:f3:19:a6:e1:45:17:6a:0c:
d7:40:f3:05:45:92:13:6a:7d:3d:8c:b3:8a:46:42:
a5:ff:94:20:18:5f:b2:03:92:d1:41:c5:c1:ef:b2:
98:b0:1d:cc:70:0f:f1:b8:20:6a:b2:6c:93:df:bf:
67:e0:b1:42:38:34:94:6f:c3:37:a8:1f:a9:c7:34:
e6:f7:df:9d:fa:35:1f:79:be:b2:08:79:a8:6e:ac:
73:0d:a3:b6:d8:4d:ac:ce:2b:44:ac:a1:cd:4d:3c:
25:c9:a2:14:1c:80:da:8c:81:24:0f:c3:76:da:17:
91:78:29:36:cd:48:76:f6:97:53:b9:4c:81:fe:0d:
83:27:d8:68:a5:8a:1c:f7:e0:9d:56:5e:5d:cf:07:
ed:9e:64:8e:4a:1e:b6:e7:b0:60:18:8a:dc:96:f1:
e7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:AB:3E:0A:63:04:42:39:D8:61:33:E4:8F:3D:BA:F7:74:D6:EE:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:ae:f9:cc:07:2f:e8:7a:fb:c2:ce:01:bf:3a:b5:10:aa:87:
fc:cd:57:08:f1:43:47:ef:f5:6e:3d:13:28:05:b7:96:74:bc:
e2:b6:f5:f8:75:ea:ea:f8:ac:49:a0:89:64:ab:6a:61:36:47:
76:5f:75:88:4c:3d:da:2a:08:e2:50:e9:7e:fd:14:02:98:87:
c4:6f:9e:2c:82:8e:ac:65:ea:18:8d:a9:9c:1e:26:2c:d4:eb:
ae:20:64:77:94:ce:50:3d:ac:2c:7e:6e:7f:47:ea:82:57:60:
aa:ba:3c:ce:a9:50:63:70:63:9f:84:30:7a:50:ce:34:e9:c1:
92:44:71:6b:7c:c9:33:0c:c4:ce:c2:7a:b4:45:cd:3a:42:05:
1b:91:2b:6c:29:21:cf:56:03:39:64:b2:66:01:f7:50:a0:c7:
38:04:d5:50:fe:a4:c4:61:35:da:ad:d3:9a:97:e5:a0:f3:bb:
65:8f:2d:f2:53:4e:f7:74:7d:bf:b5:82:7b:8d:23:22:36:62:
4f:b2:04:8a:06:35:4b:1a:3e:45:75:1c:1d:fc:23:50:36:e4:
99:b3:26:06:89:15:f6:c8:b0:4d:93:01:5d:63:aa:6c:8d:70:
2f:2e:7f:12:5b:ad:83:d7:d4:c8:b1:41:f8:22:1d:92:44:c8:
51:92:84:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeCvIGEyDtyrCqvZJ+XgkBr5r9iMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxNDJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiNTY2YjVjN2M0Njk5MDk1NmFlNDY5NmU0NDg1ZDdkNzAwZGM5MzA4MWNm
NDBkNGQ1NDVkYjNjZWQwNzU4ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaCrRbKoMc3UU4fj7uP6L+/sJsucVIkALvJK8R/XeoXn63KyuPNX/9HTJra
YwS7VLhS931lurwto3k3h2mOIbgln0uDBjpD2m0YMdmEak4F8N3tUNwTAjzL2sR1
afxV+/MZpuFFF2oM10DzBUWSE2p9PYyzikZCpf+UIBhfsgOS0UHFwe+ymLAdzHAP
8bggarJsk9+/Z+CxQjg0lG/DN6gfqcc05vffnfo1H3m+sgh5qG6scw2jtthNrM4r
RKyhzU08JcmiFByA2oyBJA/DdtoXkXgpNs1IdvaXU7lMgf4NgyfYaKWKHPfgnVZe
Xc8H7Z5kjkoetuewYBiK3Jbx558CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvqz4K
YwRCOdhhM+SPPbr3dNbuGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB/rvnMBy/oevvCzgG/OrUQqof8zVcI8UNH7/Vu
PRMoBbeWdLzitvX4derq+KxJoIlkq2phNkd2X3WITD3aKgjiUOl+/RQCmIfEb54s
go6sZeoYjamcHiYs1OuuIGR3lM5QPawsfm5/R+qCV2CqujzOqVBjcGOfhDB6UM40
6cGSRHFrfMkzDMTOwnq0Rc06QgUbkStsKSHPVgM5ZLJmAfdQoMc4BNVQ/qTEYTXa
rdOal+Wg87tljy3yU073dH2/tYJ7jSMiNmJPsgSKBjVLGj5FdRwd/CNQNuSZsyYG
iRX2yLBNkwFdY6psjXAvLn8SW62D19TIsUH4Ih2SRMhRkoS3
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:42 2025 by rpki-client