Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed090164-248d-4744-ac85-e5cadbc41a70.roa
File: ed090164-248d-4744-ac85-e5cadbc41a70.roa (raw, json)
Hash identifier: 54jSr2kvcVRJqKGan0XvyORs/3NrJBDajHbuuPPQ818=
Subject key identifier: 73:E2:76:75:7E:AE:5C:7A:C7:D5:CB:A7:3E:58:15:80:B7:04:DE:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 593802A329CB8A3CB7064C377CAA2D4881CED42D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed090164-248d-4744-ac85-e5cadbc41a70.roa
Signing time: Fri 11 Jul 2025 20:01:33 +0000
ROA not before: Fri 11 Jul 2025 20:01:33 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:38:02:a3:29:cb:8a:3c:b7:06:4c:37:7c:aa:2d:48:81:ce:d4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:33 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=febf379ba60a0116c00e897e6f9a3fde0d0e2dbc557eedd1292873f02cbfb857, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f5:0d:a9:2e:f8:1a:89:19:4b:66:94:ab:79:
53:fe:f9:af:2f:51:62:7d:99:19:50:7c:b6:07:25:
d7:92:e2:bb:f3:db:d5:ef:ea:06:88:fd:6f:2e:79:
15:9e:58:ef:5a:ff:17:81:82:43:80:33:aa:9e:46:
80:bf:f6:7b:1c:5c:47:28:0b:bd:d7:ae:03:74:d0:
44:ec:aa:54:87:eb:3a:75:b8:3b:bf:2f:62:b9:3d:
9a:35:e4:59:a6:56:20:51:0f:7a:d7:f4:11:f3:07:
7a:3e:7e:4d:03:d5:02:31:51:0b:0a:97:09:33:f1:
83:08:7b:58:b0:4e:4f:71:0e:02:a3:aa:e6:39:5c:
f4:0c:0e:b8:0e:76:87:bd:9e:12:cf:3d:4c:cf:5e:
a6:68:87:af:0f:2e:cc:f0:30:78:5c:18:12:65:e7:
6f:1a:bc:bf:78:10:79:e0:72:f4:a5:a2:43:c8:df:
fe:7b:bc:f5:16:f8:e1:74:dc:06:8a:6a:3b:a6:11:
78:67:c0:14:ae:d0:02:8c:e0:b7:fb:9d:33:9d:ed:
00:c1:aa:79:03:93:be:81:bc:9d:3c:56:e2:63:32:
af:01:0b:ef:75:c5:72:e6:e4:5e:37:e0:d9:30:ad:
64:64:1c:c9:35:ee:c1:4d:95:1d:2f:1d:4e:b1:78:
a4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E2:76:75:7E:AE:5C:7A:C7:D5:CB:A7:3E:58:15:80:B7:04:DE:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed090164-248d-4744-ac85-e5cadbc41a70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:e000::/40
Signature Algorithm: sha256WithRSAEncryption
67:f8:18:9d:eb:b2:18:4f:cb:8d:ca:06:2f:88:bf:66:1b:fa:
04:c9:4a:a8:7d:01:43:8d:a4:b7:e7:0d:e6:dd:db:1c:c7:8f:
0e:84:91:2f:8b:b4:29:d3:44:67:fd:39:37:84:2c:ae:a9:2f:
f0:f6:92:cb:1f:3b:40:41:ae:f4:b4:e7:e5:4f:8c:81:45:83:
ff:30:83:fd:ec:79:2d:43:82:15:b3:d9:ef:77:60:5d:1e:f2:
39:77:c9:b3:c3:82:bf:aa:62:73:59:39:49:54:43:01:55:6e:
2f:ed:69:74:06:22:8f:09:8b:c0:e4:6f:36:27:3f:e6:d8:de:
30:f6:41:ad:c4:f5:7e:81:1a:5a:57:3f:a2:0e:21:75:fc:9f:
e7:55:4b:89:c7:2c:9d:dd:ec:c8:61:db:07:51:f4:d1:72:d1:
bd:3c:a5:15:d9:89:d4:0f:af:ec:3d:41:13:be:a3:ba:82:f2:
32:d4:43:e6:ac:ca:cd:03:44:56:f6:46:21:0e:66:66:bd:f1:
3a:90:ae:4d:b7:36:d1:a0:82:4a:2d:1e:d4:ba:00:a2:f1:03:
d1:3c:fa:91:20:2a:a9:6e:7e:4d:b3:f6:ff:d9:e1:ae:5a:aa:
b5:60:ed:9b:2b:9b:6d:e4:82:2a:6c:57:24:1b:b7:c4:ed:e7:
fc:12:7e:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWTgCoynLijy3Bkw3fKotSIHO1C0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMzNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlYmYzNzliYTYwYTAxMTZjMDBlODk3ZTZmOWEzZmRlMGQwZTJkYmM1NTdl
ZWRkMTI5Mjg3M2YwMmNiZmI4NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJn1Daku+BqJGUtmlKt5U/75ry9RYn2ZGVB8tgcl15Liu/Pb1e/qBoj9by55
FZ5Y71r/F4GCQ4Azqp5GgL/2exxcRygLvdeuA3TQROyqVIfrOnW4O78vYrk9mjXk
WaZWIFEPetf0EfMHej5+TQPVAjFRCwqXCTPxgwh7WLBOT3EOAqOq5jlc9AwOuA52
h72eEs89TM9epmiHrw8uzPAweFwYEmXnbxq8v3gQeeBy9KWiQ8jf/nu89Rb44XTc
BopqO6YReGfAFK7QAozgt/udM53tAMGqeQOTvoG8nTxW4mMyrwEL73XFcubkXjfg
2TCtZGQcyTXuwU2VHS8dTrF4pAkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRz4nZ1
fq5cesfVy6c+WBWAtwTeGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwOTAxNjQtMjQ4ZC00NzQ0LWFjODUtZTVjYWRiYzQxYTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hfg
MA0GCSqGSIb3DQEBCwUAA4IBAQBn+Bid67IYT8uNygYviL9mG/oEyUqofQFDjaS3
5w3m3dscx48OhJEvi7Qp00Rn/Tk3hCyuqS/w9pLLHztAQa70tOflT4yBRYP/MIP9
7HktQ4IVs9nvd2BdHvI5d8mzw4K/qmJzWTlJVEMBVW4v7Wl0BiKPCYvA5G82Jz/m
2N4w9kGtxPV+gRpaVz+iDiF1/J/nVUuJxyyd3ezIYdsHUfTRctG9PKUV2YnUD6/s
PUETvqO6gvIy1EPmrMrNA0RW9kYhDmZmvfE6kK5NtzbRoIJKLR7UugCi8QPRPPqR
ICqpbn5Ns/b/2eGuWqq1YO2bK5tt5IIqbFckG7fE7ef8En5v
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:14 2025 by rpki-client