Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
File: fad76837-d6e1-4885-9781-3088c0b0c06c.roa (raw, json)
Hash identifier: gyAtlsS/lJc2pfZ8dytbPVPxLg7CcdsMaQ0p0/2ILhU=
Subject key identifier: 3C:BB:A5:AD:FA:D0:DA:16:54:2E:BD:9A:14:0B:83:55:7B:3D:AD:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C3E4AEC31932C6F789CD3DD7AF3A7E445B0D35B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
Signing time: Sat 12 Jul 2025 00:51:31 +0000
ROA not before: Sat 12 Jul 2025 00:51:31 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:3e:4a:ec:31:93:2c:6f:78:9c:d3:dd:7a:f3:a7:e4:45:b0:d3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:31 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=053be1f66d40a594e9c865d73ac6d789a5d0a8b778b2571d4e858e0cfe39f2dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:93:99:0b:8a:a3:04:c6:1c:40:40:7f:e8:19:
1d:de:5d:e3:d0:2a:24:b4:c3:89:80:cc:72:69:ac:
19:e6:d1:46:76:6e:c0:63:f7:ec:9b:7f:bc:22:38:
11:c6:43:14:58:2f:59:fc:de:a9:95:95:7b:8d:52:
66:98:df:ea:be:df:2b:7d:14:a6:3f:7d:5d:ee:53:
19:71:9c:26:68:59:d8:66:7d:26:f9:29:b8:26:08:
06:b0:11:fc:09:0f:5f:df:8a:84:f1:f8:2d:13:f9:
96:11:87:5b:c6:61:fe:06:0e:5a:9d:ae:2b:48:d1:
15:35:83:c2:cf:8e:ae:c3:57:ed:24:61:3d:de:cf:
f8:74:96:d8:36:f9:f0:2c:d5:5e:d1:c3:d4:01:fc:
47:78:99:22:77:66:46:63:2b:b6:b0:d4:2e:2e:b6:
f4:01:84:c6:03:2f:37:08:33:36:be:c9:f8:dd:7d:
bc:cc:81:c8:22:4e:58:b7:39:d2:78:90:a9:e9:23:
88:c2:dd:e0:a7:26:5c:c7:7f:ed:34:b0:5a:be:24:
e9:95:25:43:86:af:57:fa:17:dc:96:82:6b:ae:a6:
ff:7b:7a:df:3b:d4:11:b2:b3:2f:7d:e3:46:43:bd:
ea:99:2d:1e:cb:ec:49:2a:58:31:5b:16:f3:36:25:
35:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BB:A5:AD:FA:D0:DA:16:54:2E:BD:9A:14:0B:83:55:7B:3D:AD:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:6000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:64:eb:d0:7e:9a:4b:12:22:ec:a4:2e:0d:86:1a:32:b9:3d:
af:aa:be:30:c5:0b:f6:ac:02:95:97:b3:1b:8f:be:63:75:69:
09:de:6e:c4:b3:2c:0e:2e:2a:40:7c:61:5b:4a:1c:33:31:9c:
42:a9:40:4c:05:60:a1:b1:a5:fe:55:a8:bf:a4:81:5b:52:6b:
49:60:4e:06:62:ce:f2:3b:8e:8c:bf:eb:5b:b3:df:39:ff:f8:
e6:66:46:1e:94:2c:8b:ef:1c:e4:3b:46:9b:01:53:3d:bb:7b:
93:0a:a5:89:f3:f1:3f:ff:b1:d5:af:4c:93:60:e1:9a:56:bf:
7e:47:5a:94:f8:54:a7:10:4e:2a:77:5c:d5:0b:f4:eb:83:19:
a4:b8:39:e2:b6:41:5f:cf:4b:3b:f2:c1:89:9a:c9:6a:6f:d2:
25:0a:5f:e1:31:18:45:5d:b3:ad:6f:f7:12:fc:53:66:bd:6c:
f9:3e:c1:8b:e0:7f:f7:a0:0e:ec:2d:be:56:31:c7:f7:c5:c7:
f0:4e:c1:07:1a:01:be:34:64:e1:b8:51:69:ed:13:78:65:71:
30:2a:45:2c:93:df:2f:73:0d:d1:7a:cc:78:f0:df:ee:18:00:
6d:f7:aa:98:1d:86:fd:06:a5:5f:0a:a7:97:a6:da:69:1e:de:
70:74:87:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfD5K7DGTLG94nNPdevOn5EWw01swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMzFaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1M2JlMWY2NmQ0MGE1OTRlOWM4NjVkNzNhYzZkNzg5YTVkMGE4Yjc3OGIy
NTcxZDRlODU4ZTBjZmUzOWYyZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeTmQuKowTGHEBAf+gZHd5d49AqJLTDiYDMcmmsGebRRnZuwGP37Jt/vCI4
EcZDFFgvWfzeqZWVe41SZpjf6r7fK30Upj99Xe5TGXGcJmhZ2GZ9JvkpuCYIBrAR
/AkPX9+KhPH4LRP5lhGHW8Zh/gYOWp2uK0jRFTWDws+OrsNX7SRhPd7P+HSW2Db5
8CzVXtHD1AH8R3iZIndmRmMrtrDULi629AGExgMvNwgzNr7J+N19vMyByCJOWLc5
0niQqekjiMLd4KcmXMd/7TSwWr4k6ZUlQ4avV/oX3JaCa66m/3t63zvUEbKzL33j
RkO96pktHsvsSSpYMVsW8zYlNQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8u6Wt
+tDaFlQuvZoUC4NVez2tqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmFkNzY4MzctZDZlMS00ODg1LTk3ODEtMzA4OGMwYjBjMDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dhg
MA0GCSqGSIb3DQEBCwUAA4IBAQDKZOvQfppLEiLspC4NhhoyuT2vqr4wxQv2rAKV
l7Mbj75jdWkJ3m7EsywOLipAfGFbShwzMZxCqUBMBWChsaX+Vai/pIFbUmtJYE4G
Ys7yO46Mv+tbs985//jmZkYelCyL7xzkO0abAVM9u3uTCqWJ8/E//7HVr0yTYOGa
Vr9+R1qU+FSnEE4qd1zVC/TrgxmkuDnitkFfz0s78sGJmslqb9IlCl/hMRhFXbOt
b/cS/FNmvWz5PsGL4H/3oA7sLb5WMcf3xcfwTsEHGgG+NGThuFFp7RN4ZXEwKkUs
k98vcw3Resx48N/uGABt96qYHYb9BqVfCqeXptppHt5wdIeM
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:43 2025 by rpki-client