Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebcfa3d0-0fee-4dc1-aa5d-0061f89669ab.roa
File: ebcfa3d0-0fee-4dc1-aa5d-0061f89669ab.roa (raw, json)
Hash identifier: c1g/JisfubDB6CPux/W9o/7hH4msp8c4sIoeEk3mTKQ=
Subject key identifier: 3A:FE:51:94:DE:DF:3B:E6:FC:81:B7:B8:97:E9:89:3E:7F:F2:C2:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1386886044EABF901501AF4AC7AE474A3A1B3529
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebcfa3d0-0fee-4dc1-aa5d-0061f89669ab.roa
Signing time: Fri 11 Jul 2025 19:41:37 +0000
ROA not before: Fri 11 Jul 2025 19:41:37 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:86:88:60:44:ea:bf:90:15:01:af:4a:c7:ae:47:4a:3a:1b:35:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:37 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=413aa977adb814a90f1b876c57052fcf753e333356321c058f628cc37b4397c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5d:d6:7f:68:48:25:9c:f2:4a:17:4b:89:5a:
29:04:df:b2:b2:5a:31:35:64:8f:1e:4e:a8:72:b0:
f8:04:cf:c6:40:4f:a8:49:89:50:73:af:3d:4a:65:
c0:f6:19:37:c0:7d:ff:37:e7:f0:86:b8:df:cf:8d:
50:53:95:b4:a6:a5:09:c4:de:ac:8f:d5:d0:75:d8:
5f:ae:75:86:6f:d2:f4:5e:54:1d:6e:57:df:50:88:
25:24:c2:7b:8a:3d:32:de:de:1f:e3:ba:b5:1e:7b:
24:44:a8:11:dd:9c:f9:d3:2e:d7:a5:f8:2e:8c:d0:
2b:26:7d:7a:76:93:a0:fa:f3:d9:a4:8d:28:5c:bb:
aa:10:5a:02:b9:e8:5f:37:e9:c3:58:e5:53:67:37:
1f:94:98:0f:52:28:c5:ca:ca:e1:a3:ee:03:db:9b:
a2:1b:48:e4:ff:ad:e6:cc:bc:c8:47:4e:5c:59:29:
8b:14:31:99:4f:af:f5:67:ea:f7:2b:b9:c3:01:db:
31:9d:6b:c4:9a:7d:ec:73:2d:c8:83:f0:40:85:87:
99:b9:ec:41:16:ee:2d:8c:c6:ab:36:00:10:1b:56:
a3:99:a7:71:0a:6d:12:63:f9:71:91:74:54:74:30:
a1:e1:72:60:12:e5:6f:cb:de:39:34:d1:12:0f:cc:
f1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FE:51:94:DE:DF:3B:E6:FC:81:B7:B8:97:E9:89:3E:7F:F2:C2:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebcfa3d0-0fee-4dc1-aa5d-0061f89669ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9080::/46
Signature Algorithm: sha256WithRSAEncryption
3f:b9:7f:ef:9e:5a:41:95:f3:d7:65:ca:d9:b1:f3:88:7e:e0:
5e:4d:4b:11:a4:0a:e7:e2:fa:d6:da:6b:eb:cc:95:24:27:00:
1c:fb:ff:2d:6a:fe:ed:88:a9:8c:32:ad:e1:cd:2f:16:e0:e4:
80:df:3b:c7:a1:ed:75:6a:91:ae:c7:d3:4a:35:d7:1b:ed:81:
47:93:d2:7f:27:72:ee:a2:44:c8:88:10:57:e0:82:ce:be:ac:
a3:d2:99:c5:df:6d:e1:d2:58:81:51:9c:15:fa:8a:3c:fb:c1:
de:95:55:7f:0d:e4:88:10:47:23:f6:22:2c:76:7b:f1:62:f3:
14:a4:a8:8d:4c:96:66:1d:96:fd:12:6b:24:d2:7f:57:8f:e0:
6c:6b:9d:3c:80:99:9c:de:9b:ef:18:5c:ad:7f:94:69:a3:13:
6b:f6:a2:ea:4d:43:e0:be:b7:a0:64:e6:79:1b:bf:e2:f8:7e:
d4:2e:87:72:9b:7b:02:f6:71:45:0e:99:af:3c:25:56:a9:65:
61:4a:36:13:77:61:e9:3d:c2:99:59:9d:da:1e:68:a5:75:34:
2b:12:84:0f:d6:f0:85:c9:e6:3f:90:1d:40:0a:23:28:45:0e:
16:39:04:23:7b:3b:74:a5:32:fc:52:13:c1:53:91:1d:45:25:
c0:69:b8:c3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE4aIYETqv5AVAa9Kx65HSjobNSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxMzdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxM2FhOTc3YWRiODE0YTkwZjFiODc2YzU3MDUyZmNmNzUzZTMzMzM1NjMy
MWMwNThmNjI4Y2MzN2I0Mzk3YzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJd1n9oSCWc8koXS4laKQTfsrJaMTVkjx5OqHKw+ATPxkBPqEmJUHOvPUpl
wPYZN8B9/zfn8Ia438+NUFOVtKalCcTerI/V0HXYX651hm/S9F5UHW5X31CIJSTC
e4o9Mt7eH+O6tR57JESoEd2c+dMu16X4LozQKyZ9enaToPrz2aSNKFy7qhBaArno
Xzfpw1jlU2c3H5SYD1IoxcrK4aPuA9ubohtI5P+t5sy8yEdOXFkpixQxmU+v9Wfq
9yu5wwHbMZ1rxJp97HMtyIPwQIWHmbnsQRbuLYzGqzYAEBtWo5mncQptEmP5cZF0
VHQwoeFyYBLlb8veOTTREg/M8cMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ6/lGU
3t875vyBt7iX6Yk+f/LCKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWJjZmEzZDAtMGZlZS00ZGMxLWFhNWQtMDA2MWY4OTY2OWFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HuQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAP7l/755aQZXz12XK2bHziH7gXk1LEaQK5+L6
1tpr68yVJCcAHPv/LWr+7YipjDKt4c0vFuDkgN87x6HtdWqRrsfTSjXXG+2BR5PS
fydy7qJEyIgQV+CCzr6so9KZxd9t4dJYgVGcFfqKPPvB3pVVfw3kiBBHI/YiLHZ7
8WLzFKSojUyWZh2W/RJrJNJ/V4/gbGudPICZnN6b7xhcrX+UaaMTa/ai6k1D4L63
oGTmeRu/4vh+1C6Hcpt7AvZxRQ6ZrzwlVqllYUo2E3dh6T3CmVmd2h5opXU0KxKE
D9bwhcnmP5AdQAojKEUOFjkEI3s7dKUy/FITwVORHUUlwGm4ww==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:26 2025 by rpki-client