Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: rA+0iWxA3gIltNmpn+JFRpsjz9f1lyXqqX82KzoIfZs=
Subject key identifier: 6E:00:DB:C3:CD:3C:CF:02:C0:9D:B0:3C:CE:4D:3B:3B:8D:E4:B7:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65AA5D82A0DA8370B372B63C6F12584A3B1A27DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Fri 11 Jul 2025 19:10:46 +0000
ROA not before: Fri 11 Jul 2025 19:10:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:aa:5d:82:a0:da:83:70:b3:72:b6:3c:6f:12:58:4a:3b:1a:27:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=92f1233e03f94cfdcef5edfe77cd4fa84f7ea9b43692ceda26e8d8bfc975af8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:21:01:66:10:42:70:82:f3:3c:08:74:90:cc:
15:81:90:aa:02:76:72:a7:80:fe:6c:77:ac:8b:e7:
1d:0f:b9:96:33:cc:94:31:fc:49:28:d2:ce:36:bb:
9b:1b:6d:97:ee:46:68:81:d1:d4:7e:cc:c4:41:64:
ea:06:c4:4c:e5:b9:28:36:21:32:c9:a9:bf:d4:8f:
83:e6:68:04:23:92:15:c6:5e:41:5e:2b:4a:be:43:
e3:b5:5a:4e:ec:28:c6:da:89:3b:0b:e6:62:f4:39:
f3:11:ea:f5:8c:5a:ce:56:29:77:b7:92:d0:a7:c6:
a2:c5:06:f9:7e:38:d5:36:f3:0a:db:8c:5d:98:a7:
b7:1b:84:8c:4c:52:07:74:d1:65:d3:a1:a2:e4:ae:
23:d9:27:b4:a4:19:55:1c:eb:93:01:fb:25:eb:83:
f3:6d:17:1e:5c:95:e9:8a:ad:2b:bf:49:8a:a7:fe:
63:5c:69:ff:ce:c3:9d:7d:fd:90:f0:00:0b:d6:dd:
02:de:bf:7b:71:22:04:74:1c:bb:42:39:9d:de:49:
89:85:19:8c:94:9d:f0:7b:61:fd:8c:58:6c:00:98:
d5:3b:d1:22:1e:be:a8:4b:93:de:d2:f8:f9:85:3e:
3d:fe:63:92:79:9c:8e:00:30:cb:39:b5:cc:cf:5f:
19:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:00:DB:C3:CD:3C:CF:02:C0:9D:B0:3C:CE:4D:3B:3B:8D:E4:B7:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
67:4b:86:55:58:17:46:1c:29:6e:3c:c0:49:ec:ad:46:07:7d:
a4:fb:7c:30:5e:97:12:e6:1f:8b:01:92:87:4d:29:57:d8:8c:
02:b7:c0:79:b2:ef:cb:a8:d6:fd:7c:d4:1e:d5:2a:49:b5:d0:
c0:f0:d5:0e:57:2d:b9:76:d4:e0:88:7a:18:e0:54:d4:d7:59:
b0:ad:bc:12:97:40:b7:95:02:68:b4:ee:ac:43:91:3d:13:d9:
1a:1d:09:c5:7a:7c:a8:c8:f4:52:0a:6a:ca:20:e4:38:00:65:
64:0c:41:7a:24:09:40:82:af:4c:7d:fb:33:6f:01:fa:5a:35:
32:09:9c:df:a4:31:53:44:63:12:c5:8c:d9:3c:c7:96:cb:a0:
5e:e6:71:e7:32:64:98:94:d7:e1:2c:4d:56:fd:8c:56:85:76:
28:71:2f:5c:44:c1:98:9f:1c:5c:2c:b6:42:0d:53:bb:b0:15:
f1:93:02:24:69:6e:fa:fa:00:6c:04:3d:7a:cf:c6:06:3e:cc:
f3:85:b9:ff:1b:43:78:d8:f9:c1:54:09:c8:1b:f2:5a:02:16:
0e:a4:73:ea:ac:cb:72:05:30:82:61:08:d4:73:cb:75:72:cc:
0f:3f:5b:7c:c4:fa:8b:8c:9f:b0:d2:d9:1f:67:7c:53:cf:8a:
4d:75:a0:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZapdgqDag3CzcrY8bxJYSjsaJ9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyZjEyMzNlMDNmOTRjZmRjZWY1ZWRmZTc3Y2Q0ZmE4NGY3ZWE5YjQzNjky
Y2VkYTI2ZThkOGJmYzk3NWFmOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwhAWYQQnCC8zwIdJDMFYGQqgJ2cqeA/mx3rIvnHQ+5ljPMlDH8SSjSzja7
mxttl+5GaIHR1H7MxEFk6gbETOW5KDYhMsmpv9SPg+ZoBCOSFcZeQV4rSr5D47Va
TuwoxtqJOwvmYvQ58xHq9YxazlYpd7eS0KfGosUG+X441TbzCtuMXZintxuEjExS
B3TRZdOhouSuI9kntKQZVRzrkwH7JeuD820XHlyV6YqtK79Jiqf+Y1xp/87DnX39
kPAAC9bdAt6/e3EiBHQcu0I5nd5JiYUZjJSd8Hth/YxYbACY1TvRIh6+qEuT3tL4
+YU+Pf5jknmcjgAwyzm1zM9fGWECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRuANvD
zTzPAsCdsDzOTTs7jeS36DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAZ0uGVVgXRhwpbjzASeytRgd9pPt8MF6XEuYf
iwGSh00pV9iMArfAebLvy6jW/XzUHtUqSbXQwPDVDlctuXbU4Ih6GOBU1NdZsK28
EpdAt5UCaLTurEORPRPZGh0JxXp8qMj0UgpqyiDkOABlZAxBeiQJQIKvTH37M28B
+lo1Mgmc36QxU0RjEsWM2TzHlsugXuZx5zJkmJTX4SxNVv2MVoV2KHEvXETBmJ8c
XCy2Qg1Tu7AV8ZMCJGlu+voAbAQ9es/GBj7M84W5/xtDeNj5wVQJyBvyWgIWDqRz
6qzLcgUwgmEI1HPLdXLMDz9bfMT6i4yfsNLZH2d8U8+KTXWgwA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:49 2025 by rpki-client