Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: v4kobrh6oJkIktjmo14SRJRyIoagXG3nDEkSn5PcHYc=
Subject key identifier: 9D:BA:9A:9B:C7:E3:EE:4A:BA:E3:14:58:DF:B8:5F:24:86:1C:E7:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58B9C22017960FA93CF3FE59B6B3D987D0D8C98D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Mon 21 Jul 2025 17:00:05 +0000
ROA not before: Mon 21 Jul 2025 17:00:05 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:b9:c2:20:17:96:0f:a9:3c:f3:fe:59:b6:b3:d9:87:d0:d8:c9:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 17:00:05 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=fcd092640b94c3d6b7b548f04bce1fee01b210bb5a0b1d058736b041f79979c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fd:76:dd:48:25:bf:73:4c:33:64:8d:de:22:
d9:2f:c1:37:34:01:f2:02:11:49:31:72:d4:3d:78:
1a:66:74:2d:11:6a:1b:53:0c:fa:2c:d9:17:07:c5:
e3:2c:b1:d6:ea:44:b5:7e:e2:64:e5:56:8c:2d:a4:
e6:60:89:41:b7:8d:f4:31:10:21:33:6d:94:63:c2:
60:95:10:05:6e:96:17:39:1a:03:36:87:7a:63:85:
ac:47:7b:51:03:7a:80:53:22:3d:7f:fc:35:4d:c1:
09:99:b6:cc:c7:72:01:a7:0f:71:29:13:76:b6:86:
f5:52:63:d6:9b:2b:c6:44:82:41:44:45:6e:3a:bb:
53:85:a4:5f:02:32:92:16:d1:df:ff:43:7f:66:8a:
28:b4:10:5e:e5:51:e2:ba:86:55:86:b0:e9:ff:86:
28:e3:2b:57:8b:d8:aa:ff:25:3c:c6:11:48:fa:95:
37:3e:1c:ad:41:b0:43:ed:bf:42:f3:a8:5f:44:9d:
f2:2f:74:e1:0c:ca:38:d0:99:8c:35:32:ef:f3:fa:
68:d5:0c:79:e2:b0:f3:90:6c:b9:4c:f7:52:88:6e:
5f:9a:42:df:cd:90:a8:5f:21:f1:14:14:41:52:c3:
a9:93:19:57:2f:7d:27:7d:23:a7:6c:3e:ae:0a:9b:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BA:9A:9B:C7:E3:EE:4A:BA:E3:14:58:DF:B8:5F:24:86:1C:E7:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
68:61:3a:a2:af:9b:4c:31:e5:6a:97:3f:38:c6:fc:3f:b0:30:
93:0a:df:37:22:f2:f0:d1:aa:e9:73:28:57:d9:31:55:f3:d0:
03:b2:fb:43:cc:ed:26:0b:58:67:5e:ba:5c:9f:a6:0b:a3:ae:
a3:2f:01:7f:25:f6:3d:ca:e1:97:04:6c:da:d4:3d:10:25:74:
58:c7:68:36:b2:0a:5b:1f:52:8d:91:db:04:32:cd:6f:fa:be:
7b:c2:f1:c2:7e:a1:a2:c7:09:44:0b:5e:88:fa:7a:a9:6d:c4:
1d:66:92:7a:1f:7e:30:06:67:e1:ba:94:4a:e4:91:28:7f:d9:
dc:ea:e6:4d:ec:b1:e7:ab:82:1e:fc:95:7e:0e:79:5a:28:a3:
77:ed:1b:28:9c:1e:ab:a3:09:3d:f3:1f:23:9b:a0:16:42:b6:
c6:a7:31:d4:08:43:0f:ac:af:5c:02:52:57:1a:16:36:da:3a:
c8:8a:55:61:5d:ec:fc:a0:6e:ab:b8:30:d9:26:10:8b:ed:eb:
5f:58:0f:f4:ae:fc:92:c9:a3:80:0e:57:07:d6:1c:3e:23:13:
63:76:93:87:cc:a8:28:9a:a1:6e:5f:b6:8f:89:60:4e:c7:57:
fb:95:df:b8:1e:56:5b:0e:a4:25:e7:d0:a5:c0:84:12:4a:95:
31:23:56:72
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUWLnCIBeWD6k88/5ZtrPZh9DYyY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNzAwMDVaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjZDA5MjY0MGI5NGMzZDZiN2I1NDhmMDRiY2UxZmVlMDFiMjEwYmI1YTBi
MWQwNTg3MzZiMDQxZjc5OTc5YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKX9dt1IJb9zTDNkjd4i2S/BNzQB8gIRSTFy1D14GmZ0LRFqG1MM+izZFwfF
4yyx1upEtX7iZOVWjC2k5mCJQbeN9DEQITNtlGPCYJUQBW6WFzkaAzaHemOFrEd7
UQN6gFMiPX/8NU3BCZm2zMdyAacPcSkTdraG9VJj1psrxkSCQURFbjq7U4WkXwIy
khbR3/9Df2aKKLQQXuVR4rqGVYaw6f+GKOMrV4vYqv8lPMYRSPqVNz4crUGwQ+2/
QvOoX0Sd8i904QzKONCZjDUy7/P6aNUMeeKw85BsuUz3UohuX5pC382QqF8h8RQU
QVLDqZMZVy99J30jp2w+rgqbu/ECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSdupqb
x+PuSrrjFFjfuF8khhzn7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAGhhOqKvm0wx5WqXPzjG/D+wMJMK3zci8vDRqulz
KFfZMVXz0AOy+0PM7SYLWGdeulyfpgujrqMvAX8l9j3K4ZcEbNrUPRAldFjHaDay
ClsfUo2R2wQyzW/6vnvC8cJ+oaLHCUQLXoj6eqltxB1mknoffjAGZ+G6lErkkSh/
2dzq5k3sseergh78lX4OeVooo3ftGyicHqujCT3zHyOboBZCtsanMdQIQw+sr1wC
UlcaFjbaOsiKVWFd7Pygbqu4MNkmEIvt619YD/Su/JLJo4AOVwfWHD4jE2N2k4fM
qCiaoW5fto+JYE7HV/uV37geVlsOpCXn0KXAhBJKlTEjVnI=
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:40 2025 by rpki-client