Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa
File: f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa (raw, json)
Hash identifier: WZTH5rAc75WFnqd8h8ympbDqAIrgBmqAMRnYJ+vvyyI=
Subject key identifier: 8B:F1:03:0C:7D:58:F1:53:1E:18:41:6D:E2:40:8D:1B:C2:99:B2:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06044FDDA132951C60DD2A738F68A275A7E1C8E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa
Signing time: Fri 11 Jul 2025 19:20:52 +0000
ROA not before: Fri 11 Jul 2025 19:20:52 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:04:4f:dd:a1:32:95:1c:60:dd:2a:73:8f:68:a2:75:a7:e1:c8:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:52 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3de398095a48e08fffe8653366837bddb74d8ceca7e31f108a40e16874f55b06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:8a:e9:d9:09:ba:6c:48:60:6d:c1:de:3d:8d:
e7:e2:3f:a1:6a:b9:8d:30:7f:92:aa:4d:b4:77:22:
92:d2:a5:4a:58:01:e6:14:30:ce:1f:6e:07:3f:70:
6c:37:74:ef:03:97:7a:a6:f8:fd:ea:fe:eb:61:3e:
b3:a8:54:73:5f:ae:ca:a8:86:d4:a5:8a:c7:c4:8c:
fd:e6:c2:c7:df:dc:cb:3d:ab:3c:4a:2d:a5:1b:c1:
b0:d2:61:04:4d:39:d5:60:12:7b:fa:49:bf:da:e8:
59:cb:b2:4f:7d:ce:9f:aa:f4:73:56:23:98:48:3d:
ec:9d:af:f1:ad:31:5d:5c:0c:6d:1b:84:9d:20:ea:
c6:c5:89:27:e0:5b:2e:fa:79:7c:87:6c:50:12:d1:
41:b3:07:7d:03:16:a9:f2:16:bb:08:8e:15:34:40:
5f:df:6b:86:ff:32:bf:3e:61:60:b3:92:d8:1c:8f:
e9:f8:fe:8e:aa:22:0c:15:09:f2:20:f9:9d:63:0e:
93:b7:10:46:79:32:0a:1f:09:44:c2:f0:ab:66:b1:
dd:8f:f6:d7:b6:b3:c3:02:89:e0:f5:8b:7f:b8:a3:
f5:9d:ca:b0:32:3b:60:f8:c9:c2:0e:a7:a2:af:40:
7e:45:58:63:3f:3c:d4:7f:10:31:5f:0a:3f:84:e3:
c4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F1:03:0C:7D:58:F1:53:1E:18:41:6D:E2:40:8D:1B:C2:99:B2:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f2d2dfe9-f57a-43e4-8471-748b12e9dda6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8000::/40
Signature Algorithm: sha256WithRSAEncryption
32:f7:da:53:d3:9b:f3:f6:82:11:5e:9d:54:1d:50:ea:85:bb:
81:0c:d3:ac:89:45:11:e2:d6:58:71:04:68:23:5e:8b:7f:3c:
8d:f0:e7:0f:7f:29:0a:61:74:9d:45:eb:d7:ba:2c:cf:dd:77:
9a:00:13:56:3d:bb:78:9b:84:44:4c:67:f7:56:d3:7a:5b:7f:
3a:9c:31:df:33:35:42:51:39:44:b2:12:f5:fa:48:15:99:17:
0a:fa:16:e4:b3:c6:f4:a2:76:18:bd:d6:84:2d:dd:82:48:c5:
44:22:47:35:0d:b1:67:55:c6:73:6f:54:b1:bb:c5:31:a8:78:
db:ba:08:8f:cf:09:09:65:65:ec:b0:22:3c:81:6d:44:5d:b4:
ad:7a:e1:29:06:88:79:81:4a:0c:d0:7c:52:5e:86:d0:8d:2a:
62:91:10:33:21:27:b3:01:e1:4c:03:eb:79:5c:b1:59:b3:ab:
32:9e:04:1e:5d:a7:66:bd:1f:a4:3b:39:da:7a:ad:53:cb:e5:
01:4a:32:e4:89:62:87:a7:40:dc:6e:32:6e:9c:ac:f1:1b:31:
c7:10:9a:25:05:2d:1d:a2:26:51:b7:f9:27:9d:d7:1a:a2:20:
29:c3:42:f5:f3:4a:31:c2:dd:be:1b:07:b8:11:5d:b7:bb:07:
e5:c6:89:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBgRP3aEylRxg3Spzj2iidafhyOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZTM5ODA5NWE0OGUwOGZmZmU4NjUzMzY2ODM3YmRkYjc0ZDhjZWNhN2Uz
MWYxMDhhNDBlMTY4NzRmNTViMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKK6dkJumxIYG3B3j2N5+I/oWq5jTB/kqpNtHciktKlSlgB5hQwzh9uBz9w
bDd07wOXeqb4/er+62E+s6hUc1+uyqiG1KWKx8SM/ebCx9/cyz2rPEotpRvBsNJh
BE051WASe/pJv9roWcuyT33On6r0c1YjmEg97J2v8a0xXVwMbRuEnSDqxsWJJ+Bb
Lvp5fIdsUBLRQbMHfQMWqfIWuwiOFTRAX99rhv8yvz5hYLOS2ByP6fj+jqoiDBUJ
8iD5nWMOk7cQRnkyCh8JRMLwq2ax3Y/217azwwKJ4PWLf7ij9Z3KsDI7YPjJwg6n
oq9AfkVYYz881H8QMV8KP4TjxLsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSL8QMM
fVjxUx4YQW3iQI0bwpmyQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjJkMmRmZTktZjU3YS00M2U0LTg0NzEtNzQ4YjEyZTlkZGE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKA
MA0GCSqGSIb3DQEBCwUAA4IBAQAy99pT05vz9oIRXp1UHVDqhbuBDNOsiUUR4tZY
cQRoI16LfzyN8OcPfykKYXSdRevXuizP3XeaABNWPbt4m4RETGf3VtN6W386nDHf
MzVCUTlEshL1+kgVmRcK+hbks8b0onYYvdaELd2CSMVEIkc1DbFnVcZzb1Sxu8Ux
qHjbugiPzwkJZWXssCI8gW1EXbSteuEpBoh5gUoM0HxSXobQjSpikRAzISezAeFM
A+t5XLFZs6syngQeXadmvR+kOznaeq1Ty+UBSjLkiWKHp0DcbjJunKzxGzHHEJol
BS0doiZRt/knndcaoiApw0L180oxwt2+Gwe4EV23uwflxola
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:49 2025 by rpki-client