Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
File: 8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa (raw, json)
Hash identifier: y+jm4ivV/RYnJQBs5QGH2xZbSC7mkp9DxlGGeLzKYWc=
Subject key identifier: 4D:6F:0E:8B:A8:B7:F9:77:D5:95:1C:77:92:B8:AE:AB:36:8D:57:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43DD3CBA748EEBA80C65B14BA84CBDAB111E6813
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
Signing time: Thu 26 Jun 2025 19:38:48 +0000
ROA not before: Thu 26 Jun 2025 19:38:48 +0000
ROA not after: Thu 31 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:dd:3c:ba:74:8e:eb:a8:0c:65:b1:4b:a8:4c:bd:ab:11:1e:68:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 26 19:38:48 2025 GMT
Not After : Jul 31 23:59:59 2025 GMT
Subject: serialNumber=af3311ef3dbe0669a4011ce028dd0da5aaef12d429a55f5a65833bfe370e4ec4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:81:76:fd:97:1d:8e:c1:62:f5:2b:38:d4:67:
2b:29:38:31:16:27:66:b5:92:1d:6e:e3:10:69:d4:
c4:2e:9a:46:e8:bf:05:0d:be:a2:94:12:79:5e:e0:
42:ac:c8:d2:07:f5:cd:de:b0:5e:09:7f:fa:6a:d3:
af:4b:5e:5b:18:be:c9:68:70:b7:63:88:b5:e1:66:
1f:39:be:a4:d0:47:ad:dd:60:23:51:e9:8f:0a:00:
44:61:b6:26:38:ec:85:9d:b1:6c:f5:0e:a6:10:33:
29:50:5c:1d:c0:1d:ef:15:0b:74:48:68:72:36:fd:
74:47:f6:25:9a:4f:dc:8c:a8:df:b1:a1:b9:c3:ff:
9f:09:66:a5:86:c4:75:8c:06:1b:3e:b9:49:aa:5c:
27:8c:18:35:91:d2:f9:4d:51:23:57:12:56:18:ac:
c6:2b:98:39:72:02:f3:8e:e1:49:07:d0:33:2d:64:
dd:06:13:d9:bc:20:f1:f8:de:fa:f7:07:d5:9d:ae:
52:80:7b:f1:f9:ad:89:36:24:d5:2b:cc:e2:3d:c0:
d5:c1:eb:eb:a5:c1:2b:7a:da:ef:33:f1:b6:7d:da:
ec:08:45:cb:be:56:17:6d:e0:52:18:18:45:76:8f:
2c:ce:d9:76:e8:25:c8:d2:94:44:21:00:a7:f3:52:
c2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6F:0E:8B:A8:B7:F9:77:D5:95:1C:77:92:B8:AE:AB:36:8D:57:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9040::/46
Signature Algorithm: sha256WithRSAEncryption
be:90:a8:aa:6b:ee:46:2d:98:f5:2f:85:e6:8a:68:a2:af:d0:
ed:de:ba:a7:a2:4d:72:9e:a2:cc:1e:73:12:a2:16:f7:3a:77:
3f:57:8a:c0:98:60:61:da:15:4b:89:9f:5e:07:5c:ed:8a:98:
f5:52:cb:db:24:31:8e:96:21:5f:ed:ae:c0:f6:ac:37:d4:68:
1a:5e:77:2a:b4:0d:81:3e:81:63:fa:61:c6:82:27:2b:64:e3:
6e:24:a2:92:56:91:31:a2:49:49:79:3b:3e:d0:26:db:2f:38:
e4:45:73:2c:03:1c:16:41:c1:a4:b2:e7:f1:85:79:9a:d1:6e:
a2:68:a1:4f:12:be:80:f2:e6:9a:cc:85:ac:7d:19:e3:7a:d6:
02:86:6d:a7:40:ad:f6:f8:8f:da:fe:35:61:ff:65:6b:a7:8d:
df:b2:d5:26:83:58:71:21:42:db:b1:43:30:fd:bc:03:1c:58:
d4:d1:d7:97:7c:eb:ed:56:d6:9e:4a:e0:f8:22:7d:cc:a4:c9:
81:85:5c:11:79:80:6e:e9:c1:20:68:41:7a:b7:8b:1a:e3:4f:
6c:d2:56:65:f8:96:c3:42:38:72:b2:61:63:d8:17:85:d0:00:
0d:d2:7d:e8:5c:12:24:f2:6a:d8:c9:c1:5a:1a:7f:2d:ae:44:
f1:5a:9d:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQ908unSO66gMZbFLqEy9qxEeaBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MjYxOTM4NDhaFw0yNTA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMzMxMWVmM2RiZTA2NjlhNDAxMWNlMDI4ZGQwZGE1YWFlZjEyZDQyOWE1
NWY1YTY1ODMzYmZlMzcwZTRlYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCBdv2XHY7BYvUrONRnKyk4MRYnZrWSHW7jEGnUxC6aRui/BQ2+opQSeV7g
QqzI0gf1zd6wXgl/+mrTr0teWxi+yWhwt2OIteFmHzm+pNBHrd1gI1HpjwoARGG2
JjjshZ2xbPUOphAzKVBcHcAd7xULdEhocjb9dEf2JZpP3Iyo37GhucP/nwlmpYbE
dYwGGz65SapcJ4wYNZHS+U1RI1cSVhisxiuYOXIC847hSQfQMy1k3QYT2bwg8fje
+vcH1Z2uUoB78fmtiTYk1SvM4j3A1cHr66XBK3ra7zPxtn3a7AhFy75WF23gUhgY
RXaPLM7ZduglyNKURCEAp/NSwpkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNbw6L
qLf5d9WVHHeSuK6rNo1X6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODUxOGI4MWQtYzcwMC00ZDNmLThlZjQtNWFiZThkMzQ4ZDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAvpCoqmvuRi2Y9S+F5opooq/Q7d66p6JNcp6i
zB5zEqIW9zp3P1eKwJhgYdoVS4mfXgdc7YqY9VLL2yQxjpYhX+2uwPasN9RoGl53
KrQNgT6BY/phxoInK2TjbiSiklaRMaJJSXk7PtAm2y845EVzLAMcFkHBpLLn8YV5
mtFuomihTxK+gPLmmsyFrH0Z43rWAoZtp0Ct9viP2v41Yf9la6eN37LVJoNYcSFC
27FDMP28AxxY1NHXl3zr7VbWnkrg+CJ9zKTJgYVcEXmAbunBIGhBereLGuNPbNJW
ZfiWw0I4crJhY9gXhdAADdJ96FwSJPJq2MnBWhp/La5E8VqdOA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:51:20 2025 by rpki-client