Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
File: ea271f77-763d-42f8-a315-60081847d059.roa (raw, json)
Hash identifier: EkCu7wy4WSoVQ4ANpoZyfxPZHuuLHXOSdNhpH9Oy/4w=
Subject key identifier: A1:BD:BD:CD:E8:C1:A6:CE:64:ED:E0:5F:10:11:93:2E:F0:88:80:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51395EFEBEEEA355DE909ACC7A348F1232D8D748
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
Signing time: Fri 11 Jul 2025 18:40:13 +0000
ROA not before: Fri 11 Jul 2025 18:40:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:39:5e:fe:be:ee:a3:55:de:90:9a:cc:7a:34:8f:12:32:d8:d7:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f22769fba250fa5d6b77f299b9fd1416d609be7c86a08dc05bd73e1cef31cb79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:40:32:63:b1:fa:c1:b8:2c:97:57:25:3d:86:
e8:9b:01:a2:14:82:99:e7:cb:e5:88:db:a4:93:6d:
af:5e:af:6c:51:a2:69:ff:2a:b7:6a:a2:c2:96:3c:
89:b7:2d:54:62:9f:75:6e:1a:f9:ad:56:b5:83:dd:
0a:0d:4e:3a:42:46:0e:4b:32:a5:dd:3a:d0:fc:73:
d3:b8:43:89:4a:3f:94:c8:e1:6d:ea:3d:31:15:b7:
86:7e:9a:06:e1:72:b8:52:44:40:4b:cc:f6:fd:0b:
34:a3:84:96:f9:5f:13:88:5e:8d:6b:ad:4a:89:2b:
b6:1a:8a:78:fb:98:da:e7:a9:11:63:2c:99:86:32:
53:3f:c6:58:5f:20:f2:3b:a6:d4:90:ff:29:44:fc:
9f:f3:79:57:dd:7e:96:2b:dd:97:78:78:77:2d:29:
c8:19:c6:51:39:bb:fc:e2:31:43:51:93:55:64:39:
d5:c7:cb:5b:cf:eb:f1:94:1b:8c:38:67:2a:64:d5:
77:3f:b2:1e:e0:43:79:0c:44:02:a9:dd:77:f4:9b:
fa:c1:7d:c8:5c:d4:e6:0a:be:c3:aa:d1:92:2a:09:
8e:ee:2c:08:39:41:f6:a7:cf:d5:1c:71:e6:ff:fd:
69:fd:c9:5b:fc:9f:0f:e1:51:d1:bd:7c:82:c4:9b:
f1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BD:BD:CD:E8:C1:A6:CE:64:ED:E0:5F:10:11:93:2E:F0:88:80:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e040::/48
Signature Algorithm: sha256WithRSAEncryption
13:47:cb:50:de:a7:25:0c:1d:01:42:0b:c5:e8:80:7e:12:49:
ef:e6:bb:a3:8f:98:b5:58:57:09:2c:00:99:e7:a3:8b:b6:4f:
54:f0:a9:f6:67:8f:f1:07:9c:ce:00:7f:3d:fa:fd:69:b6:c9:
0c:6e:8d:91:5c:78:7e:c5:7f:05:2e:92:a4:d8:f3:90:80:02:
52:cc:93:d2:93:1d:67:16:ba:5f:c7:51:76:e7:d5:cb:94:b9:
cf:17:a1:c4:b9:52:c3:78:2f:36:38:0e:0a:98:80:ab:63:c8:
6a:2c:f6:70:38:0b:f9:a6:16:6d:0e:c8:ec:e3:b0:7f:3c:2d:
fc:4f:d8:84:63:89:b5:30:0d:2a:8f:ae:a4:f9:1f:e0:d0:1b:
e8:71:52:7c:75:66:7a:d0:5c:06:3b:0e:89:82:06:35:eb:9a:
0c:22:6e:05:f5:a1:a9:25:55:1b:89:f0:92:d2:50:bc:cf:3a:
1f:c0:ff:6a:72:2e:e6:32:f4:44:53:6d:e1:de:d3:2f:d3:3b:
4a:8c:b2:da:2d:9a:56:c8:81:18:af:af:55:86:45:5a:d0:4a:
4f:95:01:c2:f9:a4:cb:5f:0f:6f:56:92:af:87:fb:de:84:f6:
e8:33:aa:da:7a:76:65:cc:fa:60:ab:c3:14:73:dd:9b:5c:d2:
43:3a:14:f4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUTle/r7uo1XekJrMejSPEjLY10gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMjc2OWZiYTI1MGZhNWQ2Yjc3ZjI5OWI5ZmQxNDE2ZDYwOWJlN2M4NmEw
OGRjMDViZDczZTFjZWYzMWNiNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOZAMmOx+sG4LJdXJT2G6JsBohSCmefL5YjbpJNtr16vbFGiaf8qt2qiwpY8
ibctVGKfdW4a+a1WtYPdCg1OOkJGDksypd060Pxz07hDiUo/lMjhbeo9MRW3hn6a
BuFyuFJEQEvM9v0LNKOElvlfE4hejWutSokrthqKePuY2uepEWMsmYYyUz/GWF8g
8jum1JD/KUT8n/N5V91+livdl3h4dy0pyBnGUTm7/OIxQ1GTVWQ51cfLW8/r8ZQb
jDhnKmTVdz+yHuBDeQxEAqndd/Sb+sF9yFzU5gq+w6rRkioJju4sCDlB9qfP1Rxx
5v/9af3JW/yfD+FR0b18gsSb8TUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBShvb3N
6MGmzmTt4F8QEZMu8IiA2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEyNzFmNzctNzYzZC00MmY4LWEzMTUtNjAwODE4NDdkMDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
QDANBgkqhkiG9w0BAQsFAAOCAQEAE0fLUN6nJQwdAUILxeiAfhJJ7+a7o4+YtVhX
CSwAmeeji7ZPVPCp9meP8QeczgB/Pfr9abbJDG6NkVx4fsV/BS6SpNjzkIACUsyT
0pMdZxa6X8dRdufVy5S5zxehxLlSw3gvNjgOCpiAq2PIaiz2cDgL+aYWbQ7I7OOw
fzwt/E/YhGOJtTANKo+upPkf4NAb6HFSfHVmetBcBjsOiYIGNeuaDCJuBfWhqSVV
G4nwktJQvM86H8D/anIu5jL0RFNt4d7TL9M7Soyy2i2aVsiBGK+vVYZFWtBKT5UB
wvmky18Pb1aSr4f73oT26DOq2np2Zcz6YKvDFHPdm1zSQzoU9A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:13 2025 by rpki-client