Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
File: 0ca11d15-d37b-4319-9b90-152e667f85ef.roa (raw, json)
Hash identifier: WHWw2vik4QpmJCxluRoAddJ9kqv6ZpVFOTdML7LmIiw=
Subject key identifier: 46:77:F4:53:93:DA:39:27:2A:45:4A:EA:25:91:42:88:4C:A4:CF:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 457177EB504CBDC7D27136BA0FE78860F483A32C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
Signing time: Tue 05 Aug 2025 19:31:09 +0000
ROA not before: Tue 05 Aug 2025 19:31:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:71:77:eb:50:4c:bd:c7:d2:71:36:ba:0f:e7:88:60:f4:83:a3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=389344dbfc44de66aaeca1868a367fc38eb0a56fe0cf9e5a3ebe7fed3b0f27d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:30:e1:aa:29:d5:b5:f0:cc:ce:14:b1:2e:70:
61:f2:78:22:ed:a3:bd:d0:f6:74:31:9a:75:bf:0d:
04:47:cb:2e:dd:ea:67:93:55:7f:50:3b:74:16:18:
7b:d5:fa:47:bc:6e:b8:66:1f:39:ae:33:34:fc:0f:
34:54:a3:e1:c1:dc:09:29:3f:d9:19:5d:ae:88:ab:
30:0a:7b:e5:34:fe:fb:51:bc:e7:74:70:07:15:15:
45:7f:d6:8b:29:66:4a:0b:6b:45:89:7a:af:3c:de:
63:14:df:9e:4e:b7:73:99:e0:be:8a:78:17:4c:96:
80:0e:46:3d:30:89:88:5a:ba:93:44:df:b6:61:aa:
95:af:df:54:59:dc:cd:21:38:ea:e2:49:36:5c:29:
cb:f9:36:97:25:1b:5e:95:c7:f6:dd:af:5d:c0:d4:
e5:50:1f:98:d6:76:ea:17:92:ea:2f:67:7c:9d:48:
84:85:92:d8:0a:82:39:9b:a7:68:46:30:87:fe:e9:
6c:34:74:76:9f:d8:c4:71:0c:69:27:0d:7c:07:2f:
6d:ee:dc:ec:19:ed:2a:ee:6b:91:59:a5:40:e3:95:
f8:0b:d6:cd:ab:5d:38:0e:34:87:47:08:e1:98:76:
00:69:5f:5f:74:25:66:13:3d:bc:74:1a:99:7e:e8:
74:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:77:F4:53:93:DA:39:27:2A:45:4A:EA:25:91:42:88:4C:A4:CF:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6000::/40
Signature Algorithm: sha256WithRSAEncryption
68:84:30:8a:5d:f4:00:f6:83:f7:e6:46:70:30:06:f3:d6:b7:
e3:03:ef:c6:a8:9c:ae:11:8b:ca:3a:e5:1c:66:98:17:bc:c1:
3c:45:1c:16:95:88:d5:a2:44:30:1d:57:ee:2f:0d:02:ae:6a:
46:75:a9:e3:89:4c:8c:52:4d:02:19:12:41:2a:f4:ca:b4:5c:
28:f4:8a:94:ad:cb:bd:2f:7c:a2:05:fa:22:93:3f:b0:de:c5:
d8:d6:60:c4:31:d4:d3:25:1e:9e:47:30:f6:f3:1c:cf:3f:4c:
b3:22:59:f0:da:2b:1c:bf:d1:dc:de:dc:8a:0b:d3:45:7b:79:
49:19:29:b0:fa:01:9f:d9:df:d6:8d:50:09:4f:6d:11:46:62:
e3:28:30:a4:74:7a:d8:1f:a1:b0:7d:09:e0:31:6a:d4:a4:78:
9c:71:ec:1d:f4:d7:a0:a6:bf:1a:12:d8:2f:90:12:9c:9a:52:
87:e7:28:cd:52:24:95:64:9c:04:32:23:20:b8:89:6c:4b:98:
c5:a6:f5:d4:9e:70:98:e0:4e:84:e0:15:90:f5:76:05:7e:11:
9e:21:d1:5e:14:85:21:fb:fe:5b:be:a2:8f:8c:29:0d:b2:22:
4b:60:3b:5d:89:a5:4c:d8:1e:cf:4c:27:52:a0:f6:0f:4e:d3:
d9:03:a4:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURXF361BMvcfScTa6D+eIYPSDoywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4OTM0NGRiZmM0NGRlNjZhYWVjYTE4NjhhMzY3ZmMzOGViMGE1NmZlMGNm
OWU1YTNlYmU3ZmVkM2IwZjI3ZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUw4aop1bXwzM4UsS5wYfJ4Iu2jvdD2dDGadb8NBEfLLt3qZ5NVf1A7dBYY
e9X6R7xuuGYfOa4zNPwPNFSj4cHcCSk/2RldroirMAp75TT++1G853RwBxUVRX/W
iylmSgtrRYl6rzzeYxTfnk63c5ngvop4F0yWgA5GPTCJiFq6k0TftmGqla/fVFnc
zSE46uJJNlwpy/k2lyUbXpXH9t2vXcDU5VAfmNZ26heS6i9nfJ1IhIWS2AqCOZun
aEYwh/7pbDR0dp/YxHEMaScNfAcvbe7c7BntKu5rkVmlQOOV+AvWzatdOA40h0cI
4Zh2AGlfX3QlZhM9vHQamX7odJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGd/RT
k9o5JypFSuolkUKITKTPwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhMTFkMTUtZDM3Yi00MzE5LTliOTAtMTUyZTY2N2Y4NWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1g
MA0GCSqGSIb3DQEBCwUAA4IBAQBohDCKXfQA9oP35kZwMAbz1rfjA+/GqJyuEYvK
OuUcZpgXvME8RRwWlYjVokQwHVfuLw0CrmpGdanjiUyMUk0CGRJBKvTKtFwo9IqU
rcu9L3yiBfoikz+w3sXY1mDEMdTTJR6eRzD28xzPP0yzIlnw2iscv9Hc3tyKC9NF
e3lJGSmw+gGf2d/WjVAJT20RRmLjKDCkdHrYH6GwfQngMWrUpHiccewd9Negpr8a
EtgvkBKcmlKH5yjNUiSVZJwEMiMguIlsS5jFpvXUnnCY4E6E4BWQ9XYFfhGeIdFe
FIUh+/5bvqKPjCkNsiJLYDtdiaVM2B7PTCdSoPYPTtPZA6Sc
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:33 2025 by rpki-client