Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
File: f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa (raw, json)
Hash identifier: zjjtQ95cSW9q90oi89CdmR6ydB0KyG4jRc/+FFL4eHs=
Subject key identifier: AD:1C:69:29:EA:FE:F8:24:57:73:AD:67:0F:81:82:33:75:38:D9:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FA0685A229956EAAF5161522574D5CC94564CFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
Signing time: Fri 11 Jul 2025 18:40:09 +0000
ROA not before: Fri 11 Jul 2025 18:40:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:a0:68:5a:22:99:56:ea:af:51:61:52:25:74:d5:cc:94:56:4c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ff7c6b2dca925fa4436f4e2a3332f53fbe52b965710e3e04feabfa24ef201632, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9b:ba:78:d7:ed:92:ff:08:52:d0:7c:d3:d8:
ff:3b:20:b4:02:c6:1e:ec:7a:fb:0d:39:61:d0:ba:
bd:e5:56:fe:c6:c9:ce:79:4c:f2:25:78:14:54:3f:
29:9e:a4:22:ce:f6:0c:bc:d4:94:25:87:4e:b9:eb:
91:2e:1b:e1:66:b1:67:7c:ea:f2:fc:4b:e5:d0:36:
3a:cd:e7:0b:39:8f:f1:87:f0:39:a0:22:ff:59:e3:
92:dd:dd:9e:1f:82:f3:ae:18:36:75:20:97:86:aa:
1c:e6:15:40:d0:64:0c:c9:3d:49:e2:ac:30:e5:22:
77:01:4c:0c:f8:64:7c:3e:d9:e2:a4:47:d1:c8:78:
4a:e1:8e:e4:bb:d7:ee:c5:e3:1c:63:52:7d:83:d0:
6b:77:28:ef:2b:c8:48:02:8d:6c:6b:08:ab:dc:61:
95:8d:26:96:29:e9:77:28:9d:41:01:05:ca:6b:8e:
c2:d8:d0:bd:55:a8:a0:84:64:23:97:e9:b6:1f:7f:
8d:01:5e:0f:21:1d:6d:ca:28:29:4c:70:14:81:29:
58:e0:fc:88:f2:3d:08:b1:b1:b4:e5:63:89:77:09:
6e:35:0e:ab:32:f5:bf:ce:36:6b:ca:df:83:b4:05:
20:db:60:f2:83:20:00:9b:c0:13:83:72:dd:fc:87:
d6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:1C:69:29:EA:FE:F8:24:57:73:AD:67:0F:81:82:33:75:38:D9:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6040::/48
Signature Algorithm: sha256WithRSAEncryption
4e:ec:9e:d3:08:cc:46:99:51:98:30:ee:57:97:67:91:57:78:
6b:1d:e0:12:59:8f:ea:16:91:c3:06:16:93:e1:11:7b:c5:5f:
f0:68:86:74:8a:57:38:00:36:dc:49:a5:fc:46:34:c7:ec:3f:
da:88:e8:bc:c3:38:eb:0f:18:e9:31:98:70:ec:2a:81:e7:52:
fa:c4:0a:29:44:67:c2:84:30:65:7f:5d:49:f4:b3:3b:69:4f:
18:8e:a9:08:47:a1:1b:58:41:a9:ce:3c:69:7c:b7:40:f2:f3:
08:f7:b7:2c:01:b3:bc:7e:fd:1b:29:dd:d2:5b:a5:b6:e9:0f:
39:67:14:bd:52:96:8e:6e:69:d1:b5:8a:71:b2:07:bc:c4:72:
a7:0c:d4:4f:41:c3:f5:55:94:a9:7e:38:1f:49:ea:0d:76:c2:
c2:20:b7:6c:59:8a:82:e0:e3:9d:97:e6:89:b3:2f:47:07:91:
a9:bc:1b:65:2d:aa:97:7a:53:2f:da:e4:af:5a:46:c4:d0:73:
c6:50:e2:e0:8a:95:e7:f0:03:53:f8:0a:89:57:93:37:1e:8e:
b7:58:95:96:27:b7:99:90:87:be:7f:84:c8:dd:ab:8f:c4:2e:
b6:1b:ff:28:c7:98:af:08:38:57:4c:c3:4b:48:6c:26:f6:2e:
5b:77:4c:a0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH6BoWiKZVuqvUWFSJXTVzJRWTP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmN2M2YjJkY2E5MjVmYTQ0MzZmNGUyYTMzMzJmNTNmYmU1MmI5NjU3MTBl
M2UwNGZlYWJmYTI0ZWYyMDE2MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMybunjX7ZL/CFLQfNPY/zsgtALGHux6+w05YdC6veVW/sbJznlM8iV4FFQ/
KZ6kIs72DLzUlCWHTrnrkS4b4WaxZ3zq8vxL5dA2Os3nCzmP8YfwOaAi/1njkt3d
nh+C864YNnUgl4aqHOYVQNBkDMk9SeKsMOUidwFMDPhkfD7Z4qRH0ch4SuGO5LvX
7sXjHGNSfYPQa3co7yvISAKNbGsIq9xhlY0mlinpdyidQQEFymuOwtjQvVWooIRk
I5fpth9/jQFeDyEdbcooKUxwFIEpWOD8iPI9CLGxtOVjiXcJbjUOqzL1v842a8rf
g7QFINtg8oMgAJvAE4Ny3fyH1kUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStHGkp
6v74JFdzrWcPgYIzdTjZkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVlNjQ5MzgtZmMyZC00OTcxLWIyZGEtYWFiYzlmZTU1NmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
QDANBgkqhkiG9w0BAQsFAAOCAQEATuye0wjMRplRmDDuV5dnkVd4ax3gElmP6haR
wwYWk+ERe8Vf8GiGdIpXOAA23Eml/EY0x+w/2ojovMM46w8Y6TGYcOwqgedS+sQK
KURnwoQwZX9dSfSzO2lPGI6pCEehG1hBqc48aXy3QPLzCPe3LAGzvH79Gynd0lul
tukPOWcUvVKWjm5p0bWKcbIHvMRypwzUT0HD9VWUqX44H0nqDXbCwiC3bFmKguDj
nZfmibMvRweRqbwbZS2ql3pTL9rkr1pGxNBzxlDi4IqV5/ADU/gKiVeTNx6Ot1iV
lie3mZCHvn+EyN2rj8Quthv/KMeYrwg4V0zDS0hsJvYuW3dMoA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:37 2025 by rpki-client