Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
File: fec4786d-f73f-4e64-99a3-0377bdf5c566.roa (raw, json)
Hash identifier: xIQwsXHDbP/64356tyPmNXwLHcsMbIi4IKeAdR+6Trg=
Subject key identifier: E4:15:6B:CA:2E:D9:71:50:27:0D:5B:A5:E2:FB:3B:F8:66:75:49:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C5FBB8DDA331CD03778105F69F97E5B1D1DD4FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
Signing time: Fri 11 Jul 2025 20:50:54 +0000
ROA not before: Fri 11 Jul 2025 20:50:54 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:5f:bb:8d:da:33:1c:d0:37:78:10:5f:69:f9:7e:5b:1d:1d:d4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:50:54 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a0be1e4a0341c04baec058c013995249ae05a030a546f618df332402cdcbb1a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f7:c5:f9:aa:61:e3:dc:04:f7:77:83:ed:ef:
35:d9:d1:2a:35:ff:26:9d:1f:a7:2d:57:45:86:7d:
01:26:ae:54:90:80:4d:4e:04:ff:ee:c5:2d:2d:66:
2d:ac:09:0d:6f:1f:4e:e8:12:5d:ab:d6:30:3d:57:
14:f9:2c:7e:d6:33:c3:8a:ea:f5:33:f6:20:1f:a9:
de:fa:6a:31:85:53:75:f6:95:11:61:7c:7b:d0:15:
9c:45:57:98:55:e7:f8:5a:8b:79:83:41:1d:56:48:
14:5f:ae:13:af:2c:cb:86:22:57:58:b1:78:b5:68:
fe:9f:0a:f7:3f:ea:54:96:ca:90:04:21:34:e8:66:
99:80:b6:82:f9:6d:c2:d3:30:80:19:6a:ef:ee:a7:
ba:58:72:80:0a:ad:4d:f7:74:0b:f3:c7:84:eb:ed:
be:08:a1:73:4d:d1:64:94:8a:03:bb:86:e1:95:b0:
ce:47:c2:56:0e:1d:7d:8c:ca:3b:63:79:ce:27:a4:
89:58:28:8f:42:22:87:d9:bc:0a:56:02:7b:0b:29:
95:ee:85:bf:41:a9:60:fe:eb:3a:ce:f8:65:3e:8d:
48:f0:cf:b7:d5:6c:0d:4b:7a:d8:2b:4b:00:06:e9:
e7:0b:ae:fe:4d:b4:bb:3c:27:b0:b5:dd:07:39:3f:
c9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:15:6B:CA:2E:D9:71:50:27:0D:5B:A5:E2:FB:3B:F8:66:75:49:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fec4786d-f73f-4e64-99a3-0377bdf5c566.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02e::/36
Signature Algorithm: sha256WithRSAEncryption
1e:62:bc:ac:66:de:d5:cc:45:a2:9b:fb:48:01:e9:3f:03:a9:
f5:c4:ff:a4:04:a2:f7:d1:3c:79:1f:7c:87:33:8b:ab:f8:43:
7b:a1:ac:b9:f0:00:ac:18:3c:08:b4:b2:f2:62:ab:8f:93:51:
1e:e4:f9:14:1e:2f:73:23:b3:d2:d8:44:bf:6e:21:1a:cf:c0:
62:1d:4b:0d:5a:67:28:56:1f:7e:ed:8a:5a:76:d5:db:65:35:
a5:71:6e:e7:bd:ef:b4:5e:16:30:5b:d2:84:62:78:45:4b:37:
b1:a6:1a:5c:88:a7:eb:a2:46:54:4d:5b:02:d0:37:97:ab:13:
a6:16:f0:ab:ca:3f:96:4e:23:df:98:41:68:bf:c2:21:9c:3c:
e9:43:5e:69:0f:ba:b6:f6:50:27:69:c9:fb:e9:39:e5:e5:e0:
a0:a5:38:dc:5c:81:f4:d6:dc:80:47:af:ed:5d:83:10:f8:7b:
a1:41:e7:7a:57:e3:98:57:49:8a:eb:7e:95:86:ad:bc:04:bf:
5a:7e:10:3c:9d:f8:06:5e:a1:a2:59:a1:cd:aa:ea:05:77:83:
a0:b8:af:1a:50:0b:fe:d2:75:05:a4:ba:13:ce:b1:70:8e:7d:
1a:2f:d5:6b:41:8a:ee:14:59:f6:47:32:b0:f2:b0:ed:a8:ba:
ba:4a:7c:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfF+7jdozHNA3eBBfafl+Wx0d1PwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUwNTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwYmUxZTRhMDM0MWMwNGJhZWMwNThjMDEzOTk1MjQ5YWUwNWEwMzBhNTQ2
ZjYxOGRmMzMyNDAyY2RjYmIxYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALz3xfmqYePcBPd3g+3vNdnRKjX/Jp0fpy1XRYZ9ASauVJCATU4E/+7FLS1m
LawJDW8fTugSXavWMD1XFPksftYzw4rq9TP2IB+p3vpqMYVTdfaVEWF8e9AVnEVX
mFXn+FqLeYNBHVZIFF+uE68sy4YiV1ixeLVo/p8K9z/qVJbKkAQhNOhmmYC2gvlt
wtMwgBlq7+6nulhygAqtTfd0C/PHhOvtvgihc03RZJSKA7uG4ZWwzkfCVg4dfYzK
O2N5ziekiVgoj0Iih9m8ClYCewsple6Fv0GpYP7rOs74ZT6NSPDPt9VsDUt62CtL
AAbp5wuu/k20uzwnsLXdBzk/ybkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTkFWvK
LtlxUCcNW6Xi+zv4ZnVJbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmVjNDc4NmQtZjczZi00ZTY0LTk5YTMtMDM3N2JkZjVjNTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAeYrysZt7VzEWim/tIAek/A6n1xP+kBKL30Tx5
H3yHM4ur+EN7oay58ACsGDwItLLyYquPk1Ee5PkUHi9zI7PS2ES/biEaz8BiHUsN
WmcoVh9+7YpadtXbZTWlcW7nve+0XhYwW9KEYnhFSzexphpciKfrokZUTVsC0DeX
qxOmFvCryj+WTiPfmEFov8IhnDzpQ15pD7q29lAnacn76Tnl5eCgpTjcXIH01tyA
R6/tXYMQ+HuhQed6V+OYV0mK636Vhq28BL9afhA8nfgGXqGiWaHNquoFd4OguK8a
UAv+0nUFpLoTzrFwjn0aL9VrQYruFFn2RzKw8rDtqLq6SnxN
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:40 2025 by rpki-client