Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ead335a6-c944-4428-8125-039e74da6674.roa
File: ead335a6-c944-4428-8125-039e74da6674.roa (raw, json)
Hash identifier: FEDRi0A6mTFZSkJVPjGcul3poQBYT9FDV1yZL05cVWA=
Subject key identifier: 92:52:06:1D:FE:EE:A9:15:07:CD:C6:6C:B0:46:83:0C:BB:50:3F:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EE6C34C16EADB7C0019C06B2CADF592F529BA5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ead335a6-c944-4428-8125-039e74da6674.roa
Signing time: Fri 11 Jul 2025 20:01:16 +0000
ROA not before: Fri 11 Jul 2025 20:01:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:e6:c3:4c:16:ea:db:7c:00:19:c0:6b:2c:ad:f5:92:f5:29:ba:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ab4d4a4080abb94c467113f0f7bf45e7fbae25fdfceed254fa7ce760acbc918d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:72:6d:52:bf:a7:8a:60:80:18:68:af:55:93:
22:9d:cd:5a:03:03:d2:5e:d0:c7:92:ef:b9:78:d3:
4f:82:17:b3:f8:da:5a:6b:e3:47:66:32:1f:dd:56:
3d:6d:c5:ed:fe:35:ff:34:b9:eb:7c:19:12:96:5a:
c4:1e:49:60:61:92:ee:7b:56:76:f4:b4:c1:28:06:
59:ed:a1:47:66:f4:a6:b2:63:be:98:74:2c:87:2f:
87:40:ce:b0:72:e6:3d:3d:c1:fb:fa:cf:db:ad:0e:
fe:64:55:d1:65:e8:f9:24:2c:55:de:6f:7f:fd:5a:
4c:54:3a:47:23:f0:f6:21:5d:25:8e:00:8a:cf:60:
6d:46:54:92:cd:20:ce:5f:af:09:90:6c:1a:43:ba:
80:a3:35:98:6f:3d:a0:98:95:91:2b:02:6c:dc:a3:
a8:d1:79:ff:5f:1b:98:c6:6b:8e:27:3d:4a:e7:1c:
33:38:de:29:c4:90:45:f5:ea:eb:ab:95:4d:2b:a4:
25:14:bc:2d:e8:8a:97:97:b7:db:cc:7a:23:2a:95:
12:c2:37:68:9e:ba:ee:c0:03:7c:2f:35:d5:5e:6b:
82:ab:d0:2a:09:7f:c1:f6:48:ff:00:38:f4:64:c2:
55:36:59:7b:99:3e:3e:70:c1:59:aa:1e:88:85:c4:
85:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:52:06:1D:FE:EE:A9:15:07:CD:C6:6C:B0:46:83:0C:BB:50:3F:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ead335a6-c944-4428-8125-039e74da6674.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:5e:75:98:0f:a1:97:3c:33:51:43:d8:bd:35:b5:ca:f0:ba:
12:e6:b8:95:b1:68:c7:02:17:67:54:c6:c6:39:3b:97:7a:c6:
f3:63:7b:a6:0a:69:01:de:98:29:0e:49:bc:20:18:82:cb:77:
1e:91:a7:f0:7d:df:9d:35:be:ea:c7:18:38:44:bc:e5:e8:ca:
b1:4a:b7:d4:e6:c2:7f:aa:fd:d7:a3:b1:88:1c:50:36:f5:50:
2a:fd:d2:10:20:9c:6e:e3:94:88:7a:fc:be:57:75:5f:f5:c4:
63:41:66:8e:58:ab:f7:0c:e0:5e:8a:a0:70:db:45:7d:96:54:
54:38:71:75:c2:2a:83:9b:95:30:85:95:eb:ba:55:18:c9:ae:
eb:f1:48:f7:2b:c2:ae:f1:83:12:d5:4a:83:34:c9:a4:3a:22:
3f:c5:6e:4e:6c:48:e1:ba:b5:c9:fb:a0:57:da:7a:57:74:2f:
2c:03:82:17:e5:05:3b:2b:e0:6e:81:df:f7:07:d8:a8:20:d5:
14:1c:8b:34:9b:80:e5:97:27:18:2c:af:ce:a1:3a:4f:30:a0:
0b:47:a4:59:7b:36:bd:18:f7:ce:c8:ec:99:25:82:e0:fc:b9:
03:f5:3f:f5:9e:cf:29:40:15:7e:a8:b7:f5:1a:41:0d:0d:a3:
50:54:c2:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHubDTBbq23wAGcBrLK31kvUpul8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiNGQ0YTQwODBhYmI5NGM0NjcxMTNmMGY3YmY0NWU3ZmJhZTI1ZmRmY2Vl
ZDI1NGZhN2NlNzYwYWNiYzkxOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJybVK/p4pggBhor1WTIp3NWgMD0l7Qx5LvuXjTT4IXs/jaWmvjR2YyH91W
PW3F7f41/zS563wZEpZaxB5JYGGS7ntWdvS0wSgGWe2hR2b0prJjvph0LIcvh0DO
sHLmPT3B+/rP260O/mRV0WXo+SQsVd5vf/1aTFQ6RyPw9iFdJY4Ais9gbUZUks0g
zl+vCZBsGkO6gKM1mG89oJiVkSsCbNyjqNF5/18bmMZrjic9SuccMzjeKcSQRfXq
66uVTSukJRS8LeiKl5e328x6IyqVEsI3aJ667sADfC811V5rgqvQKgl/wfZI/wA4
9GTCVTZZe5k+PnDBWaoeiIXEhX0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSUgYd
/u6pFQfNxmywRoMMu1A/0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFkMzM1YTYtYzk0NC00NDI4LTgxMjUtMDM5ZTc0ZGE2Njc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQBuXnWYD6GXPDNRQ9i9NbXK8LoS5riVsWjHAhdn
VMbGOTuXesbzY3umCmkB3pgpDkm8IBiCy3cekafwfd+dNb7qxxg4RLzl6MqxSrfU
5sJ/qv3Xo7GIHFA29VAq/dIQIJxu45SIevy+V3Vf9cRjQWaOWKv3DOBeiqBw20V9
llRUOHF1wiqDm5UwhZXrulUYya7r8Uj3K8Ku8YMS1UqDNMmkOiI/xW5ObEjhurXJ
+6BX2npXdC8sA4IX5QU7K+Bugd/3B9ioINUUHIs0m4DllycYLK/OoTpPMKALR6RZ
eza9GPfOyOyZJYLg/LkD9T/1ns8pQBV+qLf1GkENDaNQVMJR
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:42 2025 by rpki-client