Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
File: da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa (raw, json)
Hash identifier: DdcNKQQLrB/vm1di0+HUGZlm0AAE8We3p8nJ/FtnpuU=
Subject key identifier: CF:25:28:05:0E:9D:D6:90:64:DC:BD:C7:30:06:E9:A3:C9:7C:9A:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E502C48DF69E93AFED50002EFCE90CCE3797627
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
Signing time: Fri 01 Aug 2025 17:10:25 +0000
ROA not before: Fri 01 Aug 2025 17:10:25 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:50:2c:48:df:69:e9:3a:fe:d5:00:02:ef:ce:90:cc:e3:79:76:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:25 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=3ac2725c4c2da05ffd82882510a9453be10d98321c20f46efae4ad23c26197d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:d8:a5:69:55:78:4c:99:c6:0e:c1:5b:2c:
b2:e0:ab:fd:63:a3:33:e7:74:6d:bb:ea:37:bb:8a:
a1:28:46:5f:f2:20:27:fa:5e:01:47:d6:12:64:db:
2d:d1:5f:fd:fd:04:bc:7a:d4:6c:5d:d9:03:a6:14:
dd:25:6f:5c:0a:d1:bb:d7:8b:3a:72:41:9a:28:19:
84:14:68:bf:76:60:54:32:2f:13:74:1a:03:8d:19:
f1:6f:5d:91:35:ae:40:b6:53:c5:72:72:42:27:47:
55:59:bf:54:6a:bc:30:f5:d7:b4:0d:26:bb:70:7d:
03:42:32:3a:b4:c9:74:ee:ca:b7:a5:a4:83:67:16:
88:42:26:09:f8:27:46:35:37:31:2b:dd:43:42:a2:
62:30:f4:e7:8e:5b:d6:4b:0a:62:5e:fc:f7:8d:6f:
e2:c2:41:59:02:86:31:2d:70:4e:0e:6c:f6:bc:10:
77:3f:e7:7e:5f:f3:1e:d6:a9:0e:56:d4:5d:63:1e:
d4:dc:68:3d:1a:cd:b2:d2:72:77:53:b5:f7:67:ae:
1c:fd:81:ef:65:53:7e:ad:a4:2e:be:db:87:81:54:
4e:66:dd:4e:b3:1c:44:9f:80:76:f2:9f:f4:93:b4:
54:c9:61:10:70:76:6c:e4:31:2f:c4:5e:53:06:b6:
27:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:25:28:05:0E:9D:D6:90:64:DC:BD:C7:30:06:E9:A3:C9:7C:9A:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:880::/48
Signature Algorithm: sha256WithRSAEncryption
54:80:d7:8c:9b:48:24:3e:62:b0:f1:30:bc:eb:2d:ae:e8:e2:
e4:53:d3:cc:32:ec:b7:8e:87:30:1c:ac:40:e4:bb:f7:aa:bc:
03:fc:35:a4:15:d3:02:82:0b:85:cb:d4:91:3d:8b:f9:44:ff:
52:a7:73:12:d5:14:18:84:a2:59:63:5f:56:bf:68:16:e4:0f:
e0:a8:73:ce:0e:d2:59:cd:e6:72:9f:9d:ba:b7:01:5d:c9:54:
c3:6f:47:48:40:4c:bc:6c:19:6a:3c:14:6e:95:e4:f5:9f:d9:
fc:1b:cd:7d:d3:34:ed:00:2d:ea:68:17:0c:31:a1:d0:82:5c:
9f:45:aa:ca:14:dd:f1:2f:c0:83:5b:b3:8c:8f:a8:10:17:f3:
28:b8:75:67:16:46:5b:a6:32:7e:5b:93:cb:f1:09:b1:fa:63:
37:9b:da:3b:87:6b:4f:80:75:35:76:6f:37:c6:5d:2e:18:9d:
84:1a:8f:58:67:1c:64:ab:a5:ee:ca:2a:b2:57:43:c3:6a:6f:
65:f4:68:a7:a2:c5:06:41:60:46:13:d7:b8:e1:4f:62:49:b8:
70:84:ae:05:9b:f1:12:cd:5c:a9:93:f4:c9:89:21:6c:3b:e2:
89:ec:8e:7a:85:58:4d:f9:d1:b7:e8:33:3d:89:af:4e:7e:c3:
32:b5:6d:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDlAsSN9p6Tr+1QAC786QzON5dicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMjVaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhYzI3MjVjNGMyZGEwNWZmZDgyODgyNTEwYTk0NTNiZTEwZDk4MzIxYzIw
ZjQ2ZWZhZTRhZDIzYzI2MTk3ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzR2KVpVXhMmcYOwVsssuCr/WOjM+d0bbvqN7uKoShGX/IgJ/peAUfWEmTb
LdFf/f0EvHrUbF3ZA6YU3SVvXArRu9eLOnJBmigZhBRov3ZgVDIvE3QaA40Z8W9d
kTWuQLZTxXJyQidHVVm/VGq8MPXXtA0mu3B9A0IyOrTJdO7Kt6Wkg2cWiEImCfgn
RjU3MSvdQ0KiYjD0545b1ksKYl78941v4sJBWQKGMS1wTg5s9rwQdz/nfl/zHtap
DlbUXWMe1NxoPRrNstJyd1O192euHP2B72VTfq2kLr7bh4FUTmbdTrMcRJ+AdvKf
9JO0VMlhEHB2bOQxL8ReUwa2J28CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPJSgF
Dp3WkGTcvccwBumjyXyapTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE3YjhjNGUtZWUwYS00NWNkLWI2ZTMtN2JhY2Y4YTllMmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAVIDXjJtIJD5isPEwvOstruji5FPTzDLst46H
MBysQOS796q8A/w1pBXTAoILhcvUkT2L+UT/UqdzEtUUGISiWWNfVr9oFuQP4Khz
zg7SWc3mcp+durcBXclUw29HSEBMvGwZajwUbpXk9Z/Z/BvNfdM07QAt6mgXDDGh
0IJcn0WqyhTd8S/Ag1uzjI+oEBfzKLh1ZxZGW6YyfluTy/EJsfpjN5vaO4drT4B1
NXZvN8ZdLhidhBqPWGccZKul7soqsldDw2pvZfRop6LFBkFgRhPXuOFPYkm4cISu
BZvxEs1cqZP0yYkhbDviieyOeoVYTfnRt+gzPYmvTn7DMrVtBQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:21 2025 by rpki-client