Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa
File: b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa (raw, json)
Hash identifier: Je5sUSGc4JBNzifPgQihnGharHH5u863w6PEG4o533Y=
Subject key identifier: 0D:71:10:B1:E5:F4:E5:19:5F:AE:B5:67:BB:35:D5:B7:2F:70:34:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24BCEEAACD533EE5944148D69F0F437B7D18FE8B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa
Signing time: Mon 21 Jul 2025 16:51:02 +0000
ROA not before: Mon 21 Jul 2025 16:51:02 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:bc:ee:aa:cd:53:3e:e5:94:41:48:d6:9f:0f:43:7b:7d:18:fe:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:51:02 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=24a4edae09fde8d23e17f969bf56b35fa891f7d78de2f290cfcd91126b7b043a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b9:41:61:57:bb:3c:87:8d:ae:7b:e0:19:a4:
1d:48:de:8b:fa:49:48:02:11:46:d6:89:ee:28:78:
6d:79:65:f6:b4:5e:24:c3:6a:80:5c:89:d7:87:e5:
35:cc:c0:ea:5a:2e:4b:24:13:d8:ae:cc:f1:81:40:
90:f5:c9:14:d8:eb:1e:b7:aa:d2:15:06:4c:10:fc:
4a:5e:3a:01:c8:f2:97:51:ee:92:1d:e0:20:b7:1c:
b5:59:6c:38:ac:cb:bf:24:1c:51:d2:25:14:06:41:
d0:df:06:1d:68:36:e4:d8:a1:2f:06:f2:c8:09:60:
97:a2:9c:90:53:13:00:df:0e:96:8c:f6:94:81:c2:
67:e2:24:75:15:8e:fe:1a:5d:1e:69:6a:37:cb:e0:
5a:b7:ae:30:a3:90:64:94:8c:f3:61:28:a8:4c:b5:
30:df:c0:1c:39:cf:ed:76:ca:9d:c8:49:e7:1a:ad:
20:01:2a:14:de:7a:ef:7e:9c:7d:4b:fa:f4:68:c0:
cf:a1:6c:74:30:7a:b9:19:34:23:d6:d5:1a:dc:99:
6c:bc:0c:29:fa:21:88:18:50:ce:5f:fb:3f:fc:b2:
f4:f9:79:3c:f4:e2:bd:e1:79:fe:7b:74:89:ec:61:
03:9d:5d:c2:c1:60:fc:39:7c:f3:e2:3f:be:a9:87:
fc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:71:10:B1:E5:F4:E5:19:5F:AE:B5:67:BB:35:D5:B7:2F:70:34:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b35b46ca-e9e4-4035-b6e5-e098ff8fe794.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4020::/46
Signature Algorithm: sha256WithRSAEncryption
ad:3b:12:9a:ee:b9:d9:95:91:c3:e0:3e:79:44:83:c6:63:95:
ab:dd:7e:ad:23:98:fd:de:dc:73:a6:2d:05:2c:bb:4a:da:55:
12:f0:24:f0:63:eb:a6:31:c2:a7:d8:0a:35:6a:4b:06:8b:54:
3e:f8:8f:11:e3:97:89:8e:9a:57:c4:4e:8a:da:a1:5c:af:50:
ee:8a:c5:05:39:c9:32:df:c5:9a:b5:1c:43:e4:ac:10:e8:7f:
38:d1:5f:5d:88:84:6d:49:b6:9a:b8:07:22:92:41:03:47:ec:
8e:ab:5a:16:05:e9:a5:71:a5:c1:73:49:73:ce:f8:f5:fe:e5:
d8:b9:0e:8a:71:2c:3f:11:fd:ff:7a:5b:55:3f:63:5e:a9:c9:
88:33:7a:e8:ca:ac:c3:d6:35:b0:ee:d8:d1:b8:04:79:63:4e:
55:a1:7d:5d:d2:4f:72:0d:b0:7d:ae:f5:1b:78:6d:85:77:75:
75:d4:2e:8e:78:cd:3b:26:36:fd:6b:9c:aa:ea:9c:db:bb:ba:
87:e9:68:4d:7e:45:17:c7:7e:d2:a8:10:92:03:33:1b:30:9e:
d1:c9:8a:61:ab:10:3b:be:a4:f0:6e:a4:78:0f:e0:7e:98:fa:
a9:6c:04:7e:55:2c:93:b7:fd:62:3c:62:64:49:72:9e:e2:15:
a3:36:a2:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJLzuqs1TPuWUQUjWnw9De30Y/oswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUxMDJaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YTRlZGFlMDlmZGU4ZDIzZTE3Zjk2OWJmNTZiMzVmYTg5MWY3ZDc4ZGUy
ZjI5MGNmY2Q5MTEyNmI3YjA0M2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMu5QWFXuzyHja574BmkHUjei/pJSAIRRtaJ7ih4bXll9rReJMNqgFyJ14fl
NczA6louSyQT2K7M8YFAkPXJFNjrHreq0hUGTBD8Sl46Acjyl1Hukh3gILcctVls
OKzLvyQcUdIlFAZB0N8GHWg25NihLwbyyAlgl6KckFMTAN8Oloz2lIHCZ+IkdRWO
/hpdHmlqN8vgWreuMKOQZJSM82EoqEy1MN/AHDnP7XbKnchJ5xqtIAEqFN56736c
fUv69GjAz6FsdDB6uRk0I9bVGtyZbLwMKfohiBhQzl/7P/yy9Pl5PPTiveF5/nt0
iexhA51dwsFg/Dl88+I/vqmH/IsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNcRCx
5fTlGV+utWe7NdW3L3A0aDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjM1YjQ2Y2EtZTllNC00MDM1LWI2ZTUtZTA5OGZmOGZlNzk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
IDANBgkqhkiG9w0BAQsFAAOCAQEArTsSmu652ZWRw+A+eUSDxmOVq91+rSOY/d7c
c6YtBSy7StpVEvAk8GPrpjHCp9gKNWpLBotUPviPEeOXiY6aV8ROitqhXK9Q7orF
BTnJMt/FmrUcQ+SsEOh/ONFfXYiEbUm2mrgHIpJBA0fsjqtaFgXppXGlwXNJc874
9f7l2LkOinEsPxH9/3pbVT9jXqnJiDN66Mqsw9Y1sO7Y0bgEeWNOVaF9XdJPcg2w
fa71G3hthXd1ddQujnjNOyY2/Wucquqc27u6h+loTX5FF8d+0qgQkgMzGzCe0cmK
YasQO76k8G6keA/gfpj6qWwEflUsk7f9YjxiZElynuIVozaiaA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:37 2025 by rpki-client