Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
File: fc40321f-72c2-43a4-8c42-0e935f8f1943.roa (raw, json)
Hash identifier: mXhK/I13d/CUC/3Ue9du/RZe9hyPAN0/dwGy6HVEMZo=
Subject key identifier: 68:97:0A:50:45:D8:4B:96:D4:29:FE:08:AF:A0:66:DB:5C:03:91:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BF82FFB00F820DCC4F3E419944CC07C0A4F0E0C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
Signing time: Fri 11 Jul 2025 19:01:28 +0000
ROA not before: Fri 11 Jul 2025 19:01:28 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:f8:2f:fb:00:f8:20:dc:c4:f3:e4:19:94:4c:c0:7c:0a:4f:0e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:01:28 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=d24eb5c291fa342060cd93c4e1229e0ea029c9602386c5936cf872d85fd03502, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4b:7a:77:b4:0c:04:02:07:c4:6f:96:fc:59:
c5:a4:f3:8b:9b:a0:94:63:54:04:de:16:76:69:80:
31:02:93:f9:76:0b:67:c2:a4:cf:92:2a:58:bc:02:
59:db:05:24:6d:6b:b8:d6:ae:1e:4a:f2:90:6a:da:
0f:be:a4:77:c6:e1:ce:48:c5:64:cd:df:b8:4e:57:
f8:e7:52:9e:df:c7:03:77:7c:b4:40:98:19:f9:63:
5f:3b:a9:dc:52:18:ee:74:1e:99:c1:8d:82:a7:f8:
4a:5a:14:66:41:d8:ed:d1:86:3b:73:ad:f7:95:f8:
16:53:8b:f1:25:5c:b0:29:dd:bd:b9:db:54:f8:b5:
4f:7f:41:cb:66:46:62:14:33:0f:23:56:54:bd:46:
47:48:9e:ab:4a:2e:b8:88:5a:01:87:55:8e:b5:aa:
e6:c1:9a:66:37:a4:ae:79:0b:f6:cc:5a:2c:fc:a8:
41:2d:25:a3:fd:76:5e:c3:57:e2:ac:66:c6:6c:24:
b2:43:ba:91:d3:30:a1:d3:25:43:95:a3:ad:6e:0e:
97:b6:37:b1:8b:22:37:a1:20:ab:fd:f1:cc:5e:5c:
bd:7f:14:1f:56:c5:3b:05:41:d4:3f:38:bc:e4:59:
4a:a0:07:56:43:1c:82:68:20:02:de:1a:f3:27:6e:
2b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:97:0A:50:45:D8:4B:96:D4:29:FE:08:AF:A0:66:DB:5C:03:91:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:d5:4e:f3:fd:d2:3b:7b:de:47:74:f8:5c:65:81:e0:db:76:
61:84:c9:54:4f:17:64:6d:30:74:8a:39:ad:23:04:a9:ef:ed:
b5:24:c2:17:2e:44:54:96:c4:f7:fa:c1:59:b7:d1:06:87:45:
82:27:44:73:0e:4f:b0:bd:ad:9b:83:da:b4:af:e1:4b:46:16:
89:5d:d0:5f:cf:d1:d5:16:26:34:4a:27:69:85:c6:89:0f:d5:
d2:bb:ed:62:18:ea:2a:09:2f:f0:80:0b:0c:57:9e:39:04:27:
7d:dc:8c:69:4d:2b:ca:61:91:38:54:f1:78:84:5f:0b:c3:2f:
ec:15:f9:d6:b0:47:24:b6:68:68:90:ae:15:0d:4d:7c:34:86:
26:c0:35:b2:e9:00:d2:af:af:5a:81:31:8e:5f:85:85:b1:15:
4d:5a:d5:b0:e6:33:12:01:36:c7:f0:76:93:14:47:11:45:08:
ed:8c:c1:d9:8b:be:8e:e8:e6:c1:e3:19:01:02:91:1d:e0:a9:
75:04:06:8b:c7:bc:0d:c0:63:21:cd:82:62:b6:7f:00:ce:66:
99:8c:12:e3:bc:25:4d:e8:68:3f:4d:5d:fb:01:f1:7a:83:73:
5d:2e:9b:de:ae:42:9a:c9:dc:28:e5:8a:00:16:0b:d7:e7:5e:
e1:54:03:9d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS/gv+wD4INzE8+QZlEzAfApPDgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTAxMjhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNGViNWMyOTFmYTM0MjA2MGNkOTNjNGUxMjI5ZTBlYTAyOWM5NjAyMzg2
YzU5MzZjZjg3MmQ4NWZkMDM1MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9Lene0DAQCB8RvlvxZxaTzi5uglGNUBN4WdmmAMQKT+XYLZ8Kkz5IqWLwC
WdsFJG1ruNauHkrykGraD76kd8bhzkjFZM3fuE5X+OdSnt/HA3d8tECYGfljXzup
3FIY7nQemcGNgqf4SloUZkHY7dGGO3Ot95X4FlOL8SVcsCndvbnbVPi1T39By2ZG
YhQzDyNWVL1GR0ieq0ouuIhaAYdVjrWq5sGaZjekrnkL9sxaLPyoQS0lo/12XsNX
4qxmxmwkskO6kdMwodMlQ5WjrW4Ol7Y3sYsiN6Egq/3xzF5cvX8UH1bFOwVB1D84
vORZSqAHVkMcgmggAt4a8yduK0sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRolwpQ
RdhLltQp/givoGbbXAORuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0MDMyMWYtNzJjMi00M2E0LThjNDItMGU5MzVmOGYxOTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
wDANBgkqhkiG9w0BAQsFAAOCAQEAfdVO8/3SO3veR3T4XGWB4Nt2YYTJVE8XZG0w
dIo5rSMEqe/ttSTCFy5EVJbE9/rBWbfRBodFgidEcw5PsL2tm4PatK/hS0YWiV3Q
X8/R1RYmNEonaYXGiQ/V0rvtYhjqKgkv8IALDFeeOQQnfdyMaU0rymGROFTxeIRf
C8Mv7BX51rBHJLZoaJCuFQ1NfDSGJsA1sukA0q+vWoExjl+FhbEVTVrVsOYzEgE2
x/B2kxRHEUUI7YzB2Yu+jujmweMZAQKRHeCpdQQGi8e8DcBjIc2CYrZ/AM5mmYwS
47wlTehoP01d+wHxeoNzXS6b3q5CmsncKOWKABYL1+de4VQDnQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:47 2025 by rpki-client