Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json)
Hash identifier: o7gG7WVilo1Pk4MFpSJfyT1v5wWU1pMHvZmEok3ZKbY=
Subject key identifier: 38:CA:EB:37:02:C3:3A:87:5E:32:A8:89:2D:23:BE:C4:85:EE:59:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3930B9CA0EA5D8478483BC4E6922FA50BC6C0152
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
Signing time: Mon 30 Jun 2025 17:50:54 +0000
ROA not before: Mon 30 Jun 2025 17:50:54 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:30:b9:ca:0e:a5:d8:47:84:83:bc:4e:69:22:fa:50:bc:6c:01:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 17:50:54 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=cd460619197c2687b44a2e04400f393003f9b5665d03ae72b71f6667eb86e4d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6b:f6:75:d0:79:3b:96:34:c0:2e:a7:58:27:
f2:64:8d:7f:a0:25:41:f6:a3:99:d4:fc:8a:39:d1:
f6:41:46:95:fa:ea:aa:fc:e7:a2:0c:32:db:81:d9:
a6:c9:a3:79:bb:f5:4b:42:6e:57:10:f8:71:6a:1d:
b8:ef:8e:26:a9:a2:c8:0a:a0:77:f5:bd:7d:da:31:
ac:fe:6f:80:bf:57:4d:45:50:65:42:74:8a:85:ee:
b7:42:a0:c1:b9:12:76:bc:80:f0:c6:d5:81:2e:1f:
19:be:cc:c3:a6:e1:9c:3f:58:7f:32:60:9d:ee:50:
7d:f2:19:c2:18:66:ce:3c:64:4a:a4:78:94:d2:e6:
8c:a6:1c:7d:5c:63:69:56:37:92:ab:50:8d:85:a2:
9d:1b:f5:cf:b7:f8:1d:7a:14:ce:71:8c:05:b2:f9:
8c:be:e3:71:b0:a8:75:d9:9d:77:45:67:79:85:11:
c8:f6:c9:c9:4c:6b:ff:ac:86:21:9f:98:6a:73:03:
13:c3:49:d3:ee:c2:df:30:b6:1c:77:4b:d3:58:7e:
49:80:0f:63:89:9b:f6:0b:d0:74:7a:9b:54:f3:fa:
55:dd:42:47:f9:3a:7b:44:f3:1e:8c:41:f5:58:96:
48:06:fd:ea:36:e0:c9:77:6f:34:ce:31:78:c6:2d:
81:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CA:EB:37:02:C3:3A:87:5E:32:A8:89:2D:23:BE:C4:85:EE:59:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
20:4a:42:f4:55:0c:e5:08:94:56:10:23:27:d4:33:44:47:5c:
75:5a:cb:be:39:81:6c:ca:e4:cf:da:87:9a:29:63:0f:e0:f8:
49:0f:2b:8f:6d:9e:e6:6c:81:09:9f:40:af:98:d1:26:e7:aa:
d2:bf:22:8e:73:46:67:e4:a1:bc:84:7f:67:ef:ad:1b:f2:8f:
f8:9b:cd:46:1e:8d:f0:cc:b8:1a:4a:d0:4b:20:d7:2d:08:ec:
94:73:6e:51:53:f0:2b:32:a0:6c:e2:11:31:7d:c0:da:29:cb:
81:d8:09:16:52:64:71:0b:35:76:1a:39:f5:7b:f7:95:ae:af:
c2:6e:13:45:92:c7:88:d2:de:10:a0:43:3e:d5:d9:2b:33:54:
54:20:35:ad:1f:db:ff:21:80:1a:b9:3b:8c:dd:2c:9e:62:e3:
e2:68:9d:fa:42:b0:fa:74:8b:a4:6d:5d:da:e0:31:3a:ed:25:
c1:83:6e:70:e4:b5:3e:b0:f7:50:28:1b:87:7b:8c:5f:f5:65:
29:05:d7:93:ef:0e:58:6b:34:86:2f:3a:dd:7e:91:bc:85:27:
e8:79:2b:99:35:ae:1b:45:9b:39:b2:41:ee:7b:d0:df:6a:e4:
e5:a6:2c:ba:6b:86:32:de:9b:ec:73:82:81:c2:af:44:07:4a:
29:1d:56:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOTC5yg6l2EeEg7xOaSL6ULxsAVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxNzUwNTRaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNDYwNjE5MTk3YzI2ODdiNDRhMmUwNDQwMGYzOTMwMDNmOWI1NjY1ZDAz
YWU3MmI3MWY2NjY3ZWI4NmU0ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBr9nXQeTuWNMAup1gn8mSNf6AlQfajmdT8ijnR9kFGlfrqqvznogwy24HZ
psmjebv1S0JuVxD4cWoduO+OJqmiyAqgd/W9fdoxrP5vgL9XTUVQZUJ0ioXut0Kg
wbkSdryA8MbVgS4fGb7Mw6bhnD9YfzJgne5QffIZwhhmzjxkSqR4lNLmjKYcfVxj
aVY3kqtQjYWinRv1z7f4HXoUznGMBbL5jL7jcbCoddmdd0VneYURyPbJyUxr/6yG
IZ+YanMDE8NJ0+7C3zC2HHdL01h+SYAPY4mb9gvQdHqbVPP6Vd1CR/k6e0TzHoxB
9ViWSAb96jbgyXdvNM4xeMYtgdkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4yus3
AsM6h14yqIktI77Ehe5ZZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQAgSkL0VQzlCJRWECMn1DNER1x1Wsu+OYFsyuTP
2oeaKWMP4PhJDyuPbZ7mbIEJn0CvmNEm56rSvyKOc0Zn5KG8hH9n760b8o/4m81G
Ho3wzLgaStBLINctCOyUc25RU/ArMqBs4hExfcDaKcuB2AkWUmRxCzV2Gjn1e/eV
rq/CbhNFkseI0t4QoEM+1dkrM1RUIDWtH9v/IYAauTuM3SyeYuPiaJ36QrD6dIuk
bV3a4DE67SXBg25w5LU+sPdQKBuHe4xf9WUpBdeT7w5YazSGLzrdfpG8hSfoeSuZ
Na4bRZs5skHue9DfauTlpiy6a4Yy3pvsc4KBwq9EB0opHVaU
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:47 2025 by rpki-client