Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f4392a9b-4dbd-4966-b39c-0f1163c52611.roa
File: f4392a9b-4dbd-4966-b39c-0f1163c52611.roa (raw, json)
Hash identifier: 97UGyXtaU1f+eG1NYlt5H1Pgll8KutV+H++vpyL9X6M=
Subject key identifier: 96:FD:2E:D4:00:C7:57:CE:AE:90:80:45:EE:2E:B2:37:A0:AA:82:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 110893699478E5362CF0BC3CB8FE1B02F4E7FAC1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f4392a9b-4dbd-4966-b39c-0f1163c52611.roa
Signing time: Fri 11 Jul 2025 19:41:42 +0000
ROA not before: Fri 11 Jul 2025 19:41:42 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:08:93:69:94:78:e5:36:2c:f0:bc:3c:b8:fe:1b:02:f4:e7:fa:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:41:42 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=104065fb0f78c8ef60dad850d072c86da9e516ef391060888d8b77189e9ce2a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:07:81:19:0e:8b:49:d4:c2:d8:ee:8e:c9:
33:3a:9e:f4:8e:d4:65:66:53:1d:3d:1c:69:99:8a:
0b:66:39:b7:f8:4b:25:5c:2a:a4:d1:09:e5:85:fe:
7a:49:2f:e5:d3:d1:f0:81:e0:70:bd:74:e6:03:63:
19:1f:eb:d7:a9:ac:36:ce:61:a0:71:2e:d0:ac:50:
45:19:ba:99:5a:0a:6b:d3:5b:a2:13:ff:63:80:d4:
d6:28:2c:e7:29:91:ed:36:11:cc:e5:e9:85:0b:6d:
46:8f:df:dd:97:35:6b:ca:2b:b2:47:1c:36:a6:29:
45:b8:45:f6:d6:68:0a:d4:38:14:e8:6c:3e:bb:cb:
9a:9a:5a:5b:4a:71:ee:d4:09:a3:f5:1a:34:cd:56:
4f:63:e0:7f:5f:2e:5d:8f:40:31:fa:f3:0f:1b:fd:
38:6e:ba:95:2e:f0:99:a2:08:bf:56:92:38:7f:bc:
80:07:3e:b3:39:6b:fa:bd:85:b8:d7:32:6f:97:c0:
17:14:82:a8:04:20:bd:1d:56:81:a7:48:21:cd:81:
f9:c0:07:0b:a0:6e:b3:b4:86:fd:69:ad:4d:8f:27:
7a:2c:80:d1:c6:9a:1e:1e:20:1b:03:c5:c4:f1:0f:
3c:7c:fe:8c:3a:b2:da:3c:e9:fa:2d:cd:09:88:e9:
9a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FD:2E:D4:00:C7:57:CE:AE:90:80:45:EE:2E:B2:37:A0:AA:82:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f4392a9b-4dbd-4966-b39c-0f1163c52611.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a040::/46
Signature Algorithm: sha256WithRSAEncryption
37:f3:53:27:13:8c:0e:3d:35:9c:dc:c4:10:38:bd:73:d8:62:
57:39:cd:f9:e3:f7:f5:df:b5:45:b7:3a:f9:42:55:67:6b:01:
d6:1c:f8:70:a0:7d:87:06:2d:71:c0:93:c2:9c:bb:83:25:3a:
32:13:c6:b1:5d:4f:11:dd:d7:05:e3:58:ff:14:18:14:9c:10:
ef:18:b1:a7:33:ab:22:d4:0e:54:c4:ea:36:c8:53:9a:02:6a:
85:5a:f7:a1:53:f3:ee:e1:98:86:67:f4:a7:e1:af:07:22:40:
07:44:63:44:21:bb:4c:e0:72:8f:56:1d:af:d5:69:d7:46:8d:
fc:63:ba:f3:35:0f:b8:03:32:40:3d:62:3d:a6:e7:cf:0b:70:
70:8e:0c:df:4e:b6:05:8e:08:c7:da:5e:c7:b9:01:da:e7:18:
b2:84:62:2f:fa:95:e9:7a:72:8e:b5:78:b7:8b:2b:e1:4b:8e:
a2:af:43:af:b2:f9:ad:f7:45:6f:f6:b2:13:5c:8a:04:8f:96:
f2:53:0a:a8:74:14:7e:03:56:ee:24:94:e9:2f:70:3e:94:11:
05:0a:e3:b6:d0:8c:17:82:56:3c:a6:0c:e2:1d:e9:3a:bc:2a:
8f:6e:85:2a:16:e2:91:0f:cc:8e:8b:e5:8b:8c:11:6c:b5:d0:
e3:60:4a:48
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEQiTaZR45TYs8Lw8uP4bAvTn+sEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTQxNDJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwNDA2NWZiMGY3OGM4ZWY2MGRhZDg1MGQwNzJjODZkYTllNTE2ZWYzOTEw
NjA4ODhkOGI3NzE4OWU5Y2UyYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/AB4EZDotJ1MLY7o7JMzqe9I7UZWZTHT0caZmKC2Y5t/hLJVwqpNEJ5YX+
ekkv5dPR8IHgcL105gNjGR/r16msNs5hoHEu0KxQRRm6mVoKa9NbohP/Y4DU1igs
5ymR7TYRzOXphQttRo/f3Zc1a8orskccNqYpRbhF9tZoCtQ4FOhsPrvLmppaW0px
7tQJo/UaNM1WT2Pgf18uXY9AMfrzDxv9OG66lS7wmaIIv1aSOH+8gAc+szlr+r2F
uNcyb5fAFxSCqAQgvR1WgadIIc2B+cAHC6Bus7SG/WmtTY8neiyA0caaHh4gGwPF
xPEPPHz+jDqy2jzp+i3NCYjpmuMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSW/S7U
AMdXzq6QgEXuLrI3oKqCbTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjQzOTJhOWItNGRiZC00OTY2LWIzOWMtMGYxMTYzYzUyNjExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0Hug
QDANBgkqhkiG9w0BAQsFAAOCAQEAN/NTJxOMDj01nNzEEDi9c9hiVznN+eP39d+1
Rbc6+UJVZ2sB1hz4cKB9hwYtccCTwpy7gyU6MhPGsV1PEd3XBeNY/xQYFJwQ7xix
pzOrItQOVMTqNshTmgJqhVr3oVPz7uGYhmf0p+GvByJAB0RjRCG7TOByj1Ydr9Vp
10aN/GO68zUPuAMyQD1iPabnzwtwcI4M3062BY4Ix9pex7kB2ucYsoRiL/qV6Xpy
jrV4t4sr4UuOoq9Dr7L5rfdFb/ayE1yKBI+W8lMKqHQUfgNW7iSU6S9wPpQRBQrj
ttCMF4JWPKYM4h3pOrwqj26FKhbikQ/Mjovli4wRbLXQ42BKSA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:49 2025 by rpki-client