Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edcc9789-1388-4a5f-a1ae-1bb58c4cb319.roa
File: edcc9789-1388-4a5f-a1ae-1bb58c4cb319.roa (raw, json)
Hash identifier: bge6ccUE1oR987nwq4QdxiZWtdKJ++aQCN7EJF0mPvU=
Subject key identifier: D6:C2:79:FF:B1:12:CE:DD:BD:29:2A:58:C7:F2:6D:F2:82:A7:70:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A99D22BCD2CFD39115D6C3897032C9F8B562159
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edcc9789-1388-4a5f-a1ae-1bb58c4cb319.roa
Signing time: Fri 11 Jul 2025 20:40:46 +0000
ROA not before: Fri 11 Jul 2025 20:40:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:99:d2:2b:cd:2c:fd:39:11:5d:6c:38:97:03:2c:9f:8b:56:21:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1eeba2b13d8dcb8322df911d07924d096cdbc756e6a9ef94f39a2324d45dab01, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0d:4e:f5:75:84:38:98:c6:8a:1a:66:e6:37:
18:8a:f3:61:fb:ea:79:20:8b:4b:6c:8c:5a:8f:74:
15:92:c3:46:60:ad:a8:14:37:74:31:69:51:5f:44:
fd:fd:b5:03:33:49:0d:79:df:71:8f:41:3d:17:56:
98:7e:37:66:fd:be:67:2e:7a:93:c1:b8:05:70:06:
9a:43:0c:c7:41:74:b6:d3:32:92:cb:90:90:e2:98:
3c:c1:d9:72:f4:78:be:98:d0:c0:dd:98:b5:c8:10:
3b:9c:4b:d1:13:f6:80:24:50:8d:b4:0e:6e:96:8f:
6a:43:4f:f2:3f:4c:7e:2d:9d:48:bb:7c:30:26:8c:
5e:26:53:9c:95:84:9c:80:ef:1a:66:da:7e:9c:c1:
d1:55:e2:a7:2b:07:61:03:44:cc:b2:ee:ec:c2:14:
6d:18:10:b7:5a:be:83:4c:ea:a4:16:01:38:48:5c:
f3:74:a6:8a:1f:15:23:96:c7:cd:c3:7b:82:c7:65:
f6:e0:6a:6a:d1:62:15:14:0a:4d:ca:7b:2c:4f:0b:
8c:97:f2:5e:23:d1:b6:a0:e1:f0:99:ca:5c:d9:2b:
f9:29:74:17:e7:76:11:c6:9e:71:09:4b:5a:0e:fc:
c2:4c:4e:47:98:18:15:9b:21:fc:b3:88:b9:ef:99:
f5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C2:79:FF:B1:12:CE:DD:BD:29:2A:58:C7:F2:6D:F2:82:A7:70:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/edcc9789-1388-4a5f-a1ae-1bb58c4cb319.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/38
Signature Algorithm: sha256WithRSAEncryption
96:59:32:f4:0d:41:8e:6a:2d:1e:f3:dd:ca:04:2a:94:e4:b8:
a1:76:5a:87:21:61:64:66:7b:14:d4:15:41:fd:cc:01:3b:2e:
51:a3:c2:6f:4e:31:66:61:34:a8:10:70:2f:2b:eb:b9:87:ab:
1b:f5:f6:d0:6c:9c:0b:26:0b:eb:11:33:2d:1e:92:bc:d3:dd:
56:1c:15:36:f0:78:da:c3:8c:2a:3c:ec:ea:5c:c7:ee:87:44:
44:8e:00:69:cf:63:3a:7b:f8:8c:cf:58:4e:b2:97:d6:f4:04:
49:82:6d:33:c4:4b:f8:17:c9:ee:5a:e9:3b:c9:33:51:61:14:
be:be:22:2a:98:2f:21:bf:e5:43:24:e9:d6:45:d8:8e:bc:bb:
18:3f:0c:c1:3e:c1:80:41:ad:e2:c7:23:9f:ff:25:23:a6:96:
87:ae:fa:03:48:73:0f:e3:39:12:14:2b:ad:60:c9:67:e0:f9:
a6:cf:53:47:da:eb:32:21:ad:4b:a8:80:a3:89:a7:d2:2c:dc:
7e:9c:ac:c4:9b:15:e1:f8:82:f3:78:bb:4e:76:90:48:4a:ab:
41:51:b2:46:06:4f:67:3b:ca:97:37:81:52:06:dc:3d:ac:eb:
ec:a3:75:69:b9:45:c0:fb:2e:b7:f8:95:6f:fa:7b:26:57:ef:
1a:aa:59:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUepnSK80s/TkRXWw4lwMsn4tWIVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlZWJhMmIxM2Q4ZGNiODMyMmRmOTExZDA3OTI0ZDA5NmNkYmM3NTZlNmE5
ZWY5NGYzOWEyMzI0ZDQ1ZGFiMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYNTvV1hDiYxooaZuY3GIrzYfvqeSCLS2yMWo90FZLDRmCtqBQ3dDFpUV9E
/f21AzNJDXnfcY9BPRdWmH43Zv2+Zy56k8G4BXAGmkMMx0F0ttMyksuQkOKYPMHZ
cvR4vpjQwN2YtcgQO5xL0RP2gCRQjbQObpaPakNP8j9Mfi2dSLt8MCaMXiZTnJWE
nIDvGmbafpzB0VXipysHYQNEzLLu7MIUbRgQt1q+g0zqpBYBOEhc83Smih8VI5bH
zcN7gsdl9uBqatFiFRQKTcp7LE8LjJfyXiPRtqDh8JnKXNkr+Sl0F+d2EcaecQlL
Wg78wkxOR5gYFZsh/LOIue+Z9TMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWwnn/
sRLO3b0pKljH8m3ygqdwyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRjYzk3ODktMTM4OC00YTVmLWExYWUtMWJiNThjNGNiMzE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQCWWTL0DUGOai0e893KBCqU5LihdlqHIWFkZnsU
1BVB/cwBOy5Ro8JvTjFmYTSoEHAvK+u5h6sb9fbQbJwLJgvrETMtHpK8091WHBU2
8Hjaw4wqPOzqXMfuh0REjgBpz2M6e/iMz1hOspfW9ARJgm0zxEv4F8nuWuk7yTNR
YRS+viIqmC8hv+VDJOnWRdiOvLsYPwzBPsGAQa3ixyOf/yUjppaHrvoDSHMP4zkS
FCutYMln4Pmmz1NH2usyIa1LqICjiafSLNx+nKzEmxXh+ILzeLtOdpBISqtBUbJG
Bk9nO8qXN4FSBtw9rOvso3VpuUXA+y63+JVv+nsmV+8aqlmw
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:56 2025 by rpki-client