Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
File: fbd3a3af-f307-4148-9e34-70199540a838.roa (raw, json)
Hash identifier: 0aBW3abQCEvfYhZO6KtI6WdIcHi8Hsh4eJfQdflZb4w=
Subject key identifier: 12:DF:99:7E:0C:A4:8D:A4:94:39:71:6D:86:55:61:E6:10:FB:45:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 638FF2521D991224503CF4B5204ED0646DE295A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
Signing time: Fri 11 Jul 2025 19:21:24 +0000
ROA not before: Fri 11 Jul 2025 19:21:24 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:8f:f2:52:1d:99:12:24:50:3c:f4:b5:20:4e:d0:64:6d:e2:95:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:24 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b311e20d382bb4f5d5b4b4948f585acf311f3621fc0cf5e418e93a570f111b95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e2:0d:3c:c6:c4:43:16:7c:6e:3e:ac:da:16:
88:05:f5:5e:73:d0:94:29:5a:57:f6:05:7f:8a:f8:
57:00:b7:9a:4f:54:07:6c:15:83:a5:37:3f:98:2b:
e2:a9:79:87:48:5c:86:9e:b4:f7:ad:c7:4a:1f:1f:
97:8b:75:14:50:91:97:8c:2d:90:2f:21:82:4f:70:
41:14:85:14:f0:48:cf:aa:24:11:53:98:99:0a:8c:
8f:ed:e5:a1:33:ce:8b:83:60:5a:a2:9b:52:68:16:
2a:b8:bf:60:96:17:42:33:3e:9b:93:95:40:ac:2f:
37:c5:cf:ea:96:18:b7:bc:b2:60:34:84:94:ff:71:
02:a9:29:82:27:0a:87:f4:77:b6:ef:bb:11:af:fb:
ee:34:be:f0:28:ef:19:76:90:97:8e:36:36:a6:39:
26:4b:ef:d3:9b:17:3e:38:01:9e:2d:8a:9d:24:ab:
69:84:c8:01:27:f1:db:95:d9:cd:7a:fa:ed:ce:17:
eb:88:06:8a:3d:a6:fe:32:22:2e:3b:56:7a:c8:4d:
9c:37:1b:21:ca:f7:5b:8a:39:16:fb:9b:81:aa:ba:
3a:c6:be:f1:99:69:ca:6d:db:e0:74:1b:48:d0:9c:
df:20:de:9a:33:9b:fd:7c:4a:7c:8f:85:e9:7f:ce:
0a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DF:99:7E:0C:A4:8D:A4:94:39:71:6D:86:55:61:E6:10:FB:45:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:55:4f:8e:d2:be:1a:ae:16:86:a2:13:61:24:24:1b:f8:25:
9b:4f:65:ba:11:b8:d8:eb:a4:7d:47:1b:6a:65:9a:74:e1:b0:
99:72:2b:d9:03:16:13:16:71:4a:de:08:d0:22:de:a6:d4:41:
a3:f6:42:ce:50:10:12:9f:d4:32:84:af:3f:76:ad:52:0c:4d:
f2:8a:bc:26:ad:3c:8c:26:46:a6:8e:a2:4f:a5:7e:da:a3:c2:
67:1b:5a:90:da:15:95:c2:87:f7:ae:5d:c5:16:60:8e:63:ab:
a5:7d:9f:d4:f6:d7:80:17:64:fe:79:e2:fe:b4:8e:09:db:af:
93:96:2e:34:6a:d5:22:fd:c6:2f:bb:30:44:cf:8c:a9:df:3f:
c4:3f:c0:01:92:10:17:b5:52:dd:a4:f3:c4:de:b9:14:9d:8f:
82:53:fa:3e:9b:67:7a:5f:f3:09:89:c3:e6:db:2b:ba:47:75:
5b:fb:4e:b4:17:05:35:28:a4:b4:cc:7e:b4:be:f8:3a:6d:43:
6c:1e:f5:6f:ba:b2:e4:dc:12:a5:80:ef:0f:66:36:2d:5d:11:
4c:30:3e:a0:66:79:27:0b:dd:bf:64:0e:ca:ec:c2:e9:1c:7e:
15:8a:8c:88:c4:b0:67:50:56:7e:d9:5d:22:d9:46:88:3a:35:
1f:d1:93:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY4/yUh2ZEiRQPPS1IE7QZG3ilaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMjRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMTFlMjBkMzgyYmI0ZjVkNWI0YjQ5NDhmNTg1YWNmMzExZjM2MjFmYzBj
ZjVlNDE4ZTkzYTU3MGYxMTFiOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDiDTzGxEMWfG4+rNoWiAX1XnPQlClaV/YFf4r4VwC3mk9UB2wVg6U3P5gr
4ql5h0hchp60963HSh8fl4t1FFCRl4wtkC8hgk9wQRSFFPBIz6okEVOYmQqMj+3l
oTPOi4NgWqKbUmgWKri/YJYXQjM+m5OVQKwvN8XP6pYYt7yyYDSElP9xAqkpgicK
h/R3tu+7Ea/77jS+8CjvGXaQl442NqY5Jkvv05sXPjgBni2KnSSraYTIASfx25XZ
zXr67c4X64gGij2m/jIiLjtWeshNnDcbIcr3W4o5Fvubgaq6Osa+8Zlpym3b4HQb
SNCc3yDemjOb/XxKfI+F6X/OCjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQS35l+
DKSNpJQ5cW2GVWHmEPtFkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmJkM2EzYWYtZjMwNy00MTQ4LTllMzQtNzAxOTk1NDBhODM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Diw
MA0GCSqGSIb3DQEBCwUAA4IBAQDBVU+O0r4arhaGohNhJCQb+CWbT2W6EbjY66R9
RxtqZZp04bCZcivZAxYTFnFK3gjQIt6m1EGj9kLOUBASn9QyhK8/dq1SDE3yirwm
rTyMJkamjqJPpX7ao8JnG1qQ2hWVwof3rl3FFmCOY6ulfZ/U9teAF2T+eeL+tI4J
26+Tli40atUi/cYvuzBEz4yp3z/EP8ABkhAXtVLdpPPE3rkUnY+CU/o+m2d6X/MJ
icPm2yu6R3Vb+060FwU1KKS0zH60vvg6bUNsHvVvurLk3BKlgO8PZjYtXRFMMD6g
ZnknC92/ZA7K7MLpHH4VioyIxLBnUFZ+2V0i2UaIOjUf0ZPZ
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:36 2025 by rpki-client