Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
File: c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa (raw, json)
Hash identifier: Pw6AMcVOqjYYIyOp60eFUsjwOiWZt0vWJoQ47QQFANE=
Subject key identifier: 21:30:E0:FF:72:DA:8C:A0:09:63:B5:D6:1F:DB:4A:2F:8D:B1:AA:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71C0D1A61C3C20977684E80573333785F20F2DEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
Signing time: Mon 21 Jul 2025 16:50:50 +0000
ROA not before: Mon 21 Jul 2025 16:50:50 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:40c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:c0:d1:a6:1c:3c:20:97:76:84:e8:05:73:33:37:85:f2:0f:2d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:50 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=cfefcd1418b34f638404c33bfbd748bdad771e0eb41ef22a9f84d210f87f8604, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2e:34:ec:42:5a:59:f1:86:75:9a:79:5f:ad:
a8:e7:76:bf:e2:9c:10:82:6d:a7:00:44:62:83:33:
3c:79:2a:b9:b2:91:ab:ae:24:e0:d3:52:74:e8:08:
72:41:2c:7b:d1:94:4d:b1:79:cd:53:d5:89:2a:e7:
85:84:76:af:4c:aa:78:65:38:40:2f:cb:bb:ca:48:
a0:a1:30:1b:b1:a3:fc:c9:8c:08:a9:2e:a7:59:d3:
89:02:2a:46:8a:3a:e8:e1:02:d4:9a:a2:14:eb:f8:
1d:ce:a5:c4:ae:1e:c2:9a:3a:3f:c9:a9:28:2d:98:
8a:b1:94:cd:dc:4f:ad:9e:2a:d4:0f:79:76:c4:5c:
a5:76:6d:55:2a:5f:bb:2a:0b:2a:ac:be:01:06:e9:
d6:72:9e:e5:56:71:32:26:09:91:3d:87:e3:b3:3e:
2c:7b:e7:85:cf:56:8e:4b:b8:c5:64:5c:6e:63:81:
cd:5e:0c:8a:c1:b1:85:be:43:66:05:df:53:02:f4:
76:ec:02:d7:c6:ee:67:cd:ab:8c:31:8a:c1:88:3c:
01:c3:df:91:7c:91:f6:d4:70:06:7a:e7:ea:29:5b:
1b:93:16:4f:8d:db:62:90:22:ff:96:1d:71:3e:97:
9a:0d:c5:c4:79:1f:e3:42:fa:6b:58:25:8c:f7:4b:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:30:E0:FF:72:DA:8C:A0:09:63:B5:D6:1F:DB:4A:2F:8D:B1:AA:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c47d9bf7-3e9b-4ad5-958a-dde7cadfa89f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
22:72:8f:ce:21:8e:c4:48:3e:13:b9:bf:b4:5d:c7:f7:a3:1b:
fc:b7:a4:f4:e4:42:3f:2e:c4:14:8b:de:4a:19:ba:50:db:c6:
e1:8f:51:74:95:8a:47:9c:1b:82:30:ca:a7:53:78:3a:34:be:
71:84:6a:8a:a6:25:8f:99:ce:e1:ae:a7:87:07:52:88:07:ca:
03:13:51:10:41:39:53:c5:2b:e7:b9:24:6f:58:bf:77:fe:04:
d2:b3:fb:f2:50:37:d8:0a:ef:33:77:75:11:29:eb:ca:3b:9e:
7c:da:6f:f6:32:d5:a3:9b:0d:28:b1:f3:c2:10:91:bb:ca:56:
26:7a:ad:e7:ef:68:55:f1:8b:2d:f0:a3:97:5f:61:56:f8:c2:
49:cf:ef:e8:6b:43:1f:9d:cc:6b:89:72:56:d6:b0:65:ba:06:
e8:12:c0:b8:1e:be:9d:3b:be:68:38:b0:35:03:ba:e1:28:6a:
48:6e:90:4c:81:8f:7f:a3:0e:c0:bf:3d:67:fe:2a:85:e7:6b:
75:28:2d:26:14:46:62:bc:01:44:91:64:99:a7:5a:4d:ea:d8:
25:80:07:90:d5:26:ea:ea:21:15:f0:28:e0:97:e4:f5:f2:45:
a9:aa:22:1f:62:57:1e:08:ca:fc:b1:c0:af:76:8f:26:b5:07:
bd:a3:9f:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUccDRphw8IJd2hOgFczM3hfIPLeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwNTBaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZWZjZDE0MThiMzRmNjM4NDA0YzMzYmZiZDc0OGJkYWQ3NzFlMGViNDFl
ZjIyYTlmODRkMjEwZjg3Zjg2MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEuNOxCWlnxhnWaeV+tqOd2v+KcEIJtpwBEYoMzPHkqubKRq64k4NNSdOgI
ckEse9GUTbF5zVPViSrnhYR2r0yqeGU4QC/Lu8pIoKEwG7Gj/MmMCKkup1nTiQIq
Roo66OEC1JqiFOv4Hc6lxK4ewpo6P8mpKC2YirGUzdxPrZ4q1A95dsRcpXZtVSpf
uyoLKqy+AQbp1nKe5VZxMiYJkT2H47M+LHvnhc9Wjku4xWRcbmOBzV4MisGxhb5D
ZgXfUwL0duwC18buZ82rjDGKwYg8AcPfkXyR9tRwBnrn6ilbG5MWT43bYpAi/5Yd
cT6Xmg3FxHkf40L6a1gljPdLcvUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQhMOD/
ctqMoAljtdYf20ovjbGq9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ3ZDliZjctM2U5Yi00YWQ1LTk1OGEtZGRlN2NhZGZhODlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
wDANBgkqhkiG9w0BAQsFAAOCAQEAInKPziGOxEg+E7m/tF3H96Mb/Lek9ORCPy7E
FIveShm6UNvG4Y9RdJWKR5wbgjDKp1N4OjS+cYRqiqYlj5nO4a6nhwdSiAfKAxNR
EEE5U8Ur57kkb1i/d/4E0rP78lA32ArvM3d1ESnryjuefNpv9jLVo5sNKLHzwhCR
u8pWJnqt5+9oVfGLLfCjl19hVvjCSc/v6GtDH53Ma4lyVtawZboG6BLAuB6+nTu+
aDiwNQO64ShqSG6QTIGPf6MOwL89Z/4qhedrdSgtJhRGYrwBRJFkmadaTerYJYAH
kNUm6uohFfAo4Jfk9fJFqaoiH2JXHgjK/LHAr3aPJrUHvaOfDQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:14 2025 by rpki-client