Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: M71QNFumEXuTYZuwYklAUmP0acAcYCCKkJ/4ib/1Uek=
Subject key identifier: 25:5F:DB:53:A6:57:42:09:E9:43:D9:A4:96:49:61:2F:4D:75:42:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D7307B9D1654883525EAC43C15301817D161D40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Fri 11 Jul 2025 20:40:37 +0000
ROA not before: Fri 11 Jul 2025 20:40:37 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:73:07:b9:d1:65:48:83:52:5e:ac:43:c1:53:01:81:7d:16:1d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:37 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=cf49dc92d4ca3fecb3e99371e35e51c2ec693ae2c9b3996419cb7f9b528efac8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:58:8c:4a:13:bc:ae:2e:94:85:97:f3:1c:c5:
8b:9c:3f:7b:1c:48:a4:72:05:fb:44:39:24:dc:54:
ef:df:9f:a5:6b:41:43:16:72:60:30:79:4a:f5:48:
1f:e3:b8:8f:d0:b3:f7:ef:2b:f7:bf:42:8b:63:e6:
06:c3:e2:4e:c8:56:6d:05:f8:85:70:72:b4:d7:06:
46:3b:69:5e:16:65:39:48:db:01:20:b5:38:f1:c3:
62:ee:09:e6:85:37:5a:28:d2:27:e4:9c:bd:bb:74:
44:42:e7:90:32:89:31:a0:84:fb:34:76:3b:0b:62:
3a:30:d6:a5:b8:86:e6:48:cb:bd:79:c3:aa:9a:0b:
e4:c4:35:56:77:33:ae:49:9b:41:9b:06:cd:bd:44:
9e:c0:c7:b2:3c:13:f3:06:07:8d:28:a5:56:79:c5:
b6:96:5a:8e:4e:a6:ad:78:1a:5c:68:a2:1f:d3:0d:
0b:5e:21:24:79:97:8b:60:40:62:6c:f8:b2:a9:49:
28:57:25:ca:5f:91:c2:bb:ba:ad:32:cf:a9:f3:c5:
2d:36:b7:04:bf:fa:8d:c4:11:a5:60:82:3d:4f:59:
54:fc:eb:62:50:07:6a:34:8a:68:1b:2a:db:ad:fa:
0b:da:e4:42:6f:75:ea:cd:5f:ae:1c:3a:d0:f4:a8:
99:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5F:DB:53:A6:57:42:09:E9:43:D9:A4:96:49:61:2F:4D:75:42:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
3b:23:64:db:7b:33:2b:fa:e8:7a:e9:df:6c:bf:90:43:a2:e4:
b4:b2:e6:0d:6b:ad:41:ee:e1:61:ae:03:6a:45:55:83:e9:7f:
fd:20:f1:49:9a:39:9d:ff:c9:f1:55:76:13:66:e2:c9:af:31:
9e:65:0d:11:28:2f:2d:4e:a9:61:cc:a3:3c:0e:6a:7a:59:50:
d4:8e:0b:84:60:63:e6:a3:3b:16:25:c5:5c:76:05:f5:47:64:
91:c4:42:16:8c:47:70:a2:69:2d:ab:b9:5e:0a:13:27:50:dd:
77:7f:ba:03:cf:11:b4:69:7c:5c:f0:ad:6b:38:de:c3:60:28:
e3:f4:6b:e1:43:be:8d:cd:6a:57:e6:da:28:7a:d8:98:bc:81:
65:e7:cb:94:ca:99:7a:07:34:f4:ca:b6:51:1a:70:b3:38:1d:
c6:b0:b9:ba:78:32:df:ed:36:a6:1e:ba:4c:ac:43:82:93:0e:
f7:90:a9:1e:7d:7e:fc:95:42:2c:1d:be:e7:39:86:4f:f2:28:
48:4a:c8:d7:d5:38:ff:a8:3f:76:53:ab:dd:3f:c9:de:3d:51:
62:7a:0f:bf:ae:db:36:7e:bf:c0:d1:53:26:1f:1e:98:9a:ba:
71:a6:99:cf:d1:0d:b9:7d:9b:b7:dc:ce:4a:11:c1:1f:6e:32:
31:05:d8:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbXMHudFlSINSXqxDwVMBgX0WHUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwMzdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNDlkYzkyZDRjYTNmZWNiM2U5OTM3MWUzNWU1MWMyZWM2OTNhZTJjOWIz
OTk2NDE5Y2I3ZjliNTI4ZWZhYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9YjEoTvK4ulIWX8xzFi5w/exxIpHIF+0Q5JNxU79+fpWtBQxZyYDB5SvVI
H+O4j9Cz9+8r979Ci2PmBsPiTshWbQX4hXBytNcGRjtpXhZlOUjbASC1OPHDYu4J
5oU3WijSJ+Scvbt0RELnkDKJMaCE+zR2OwtiOjDWpbiG5kjLvXnDqpoL5MQ1Vncz
rkmbQZsGzb1EnsDHsjwT8wYHjSilVnnFtpZajk6mrXgaXGiiH9MNC14hJHmXi2BA
Ymz4sqlJKFclyl+Rwru6rTLPqfPFLTa3BL/6jcQRpWCCPU9ZVPzrYlAHajSKaBsq
2636C9rkQm916s1frhw60PSomRMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlX9tT
pldCCelD2aSWSWEvTXVC2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQA7I2TbezMr+uh66d9sv5BDouS0suYNa61B7uFh
rgNqRVWD6X/9IPFJmjmd/8nxVXYTZuLJrzGeZQ0RKC8tTqlhzKM8Dmp6WVDUjguE
YGPmozsWJcVcdgX1R2SRxEIWjEdwomktq7leChMnUN13f7oDzxG0aXxc8K1rON7D
YCjj9GvhQ76NzWpX5tooetiYvIFl58uUypl6BzT0yrZRGnCzOB3GsLm6eDLf7Tam
HrpMrEOCkw73kKkefX78lUIsHb7nOYZP8ihISsjX1Tj/qD92U6vdP8nePVFieg+/
rts2fr/A0VMmHx6YmrpxppnP0Q25fZu33M5KEcEfbjIxBdhH
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:19 2025 by rpki-client