Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
File: e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa (raw, json)
Hash identifier: DN0Hr43uzNhDC6eKHGz7YSGFrQtY15n9MGAz/AIXOiI=
Subject key identifier: 7B:07:78:D0:2B:48:60:1F:1C:69:1E:28:C1:64:C7:9B:F9:67:A2:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C6A2767BFA94155796334A42C013B4DF285B28A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
Signing time: Fri 25 Jul 2025 16:50:08 +0000
ROA not before: Fri 25 Jul 2025 16:50:08 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:6a:27:67:bf:a9:41:55:79:63:34:a4:2c:01:3b:4d:f2:85:b2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:08 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=a9fafd10ad78e471765bfa3dc883d0e2a3c92e8b19451ae5ecd20e6e034ae805, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9e:29:ce:2c:8a:e4:5b:df:8d:73:25:4a:53:
23:90:81:5a:9b:15:1d:9a:d4:40:3e:ae:3e:2a:60:
67:46:e4:96:33:c8:9e:63:88:b6:34:d0:30:5a:0a:
e2:e8:87:6b:01:0c:bf:0a:a5:41:a4:22:fe:4d:92:
d3:17:d1:fb:1f:b1:39:38:6d:1e:d4:a1:56:f5:e5:
30:3e:fe:85:d2:02:44:0b:6c:0f:46:76:dc:6b:ea:
95:15:31:c9:86:0f:68:f6:89:8b:65:8b:00:21:d9:
20:30:fd:b1:71:2c:15:ba:b1:19:59:f7:e3:5f:c4:
01:da:22:5d:25:a4:8c:a6:da:7e:1e:a9:5c:65:81:
ed:e4:1f:55:ab:eb:5d:1b:ef:a0:99:d6:90:f2:0a:
8b:50:9b:2c:8f:74:d9:12:70:d4:51:90:ef:b1:05:
97:cf:d9:d2:33:78:d8:49:45:18:d4:47:03:b5:ce:
9f:1c:ff:d8:7e:90:7e:cd:61:17:72:f0:57:64:e2:
53:b6:76:59:6d:4b:9e:09:80:57:19:02:2b:46:3c:
9a:4c:5e:ff:5f:db:9e:1c:54:f8:7c:b6:2a:29:6f:
81:59:da:f4:5d:8d:5a:e8:e9:82:4e:8b:a9:df:61:
14:6a:36:49:72:79:f4:85:56:57:00:64:ec:2e:43:
11:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:07:78:D0:2B:48:60:1F:1C:69:1E:28:C1:64:C7:9B:F9:67:A2:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8feef1e-9058-4b34-a7f2-24e5e044fea2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e000::/40
Signature Algorithm: sha256WithRSAEncryption
89:eb:19:61:96:53:c3:2b:ba:7e:38:25:16:31:8f:8e:69:9c:
79:7c:c9:07:30:23:66:ba:f6:c7:21:5c:91:e1:d9:10:7d:a3:
35:17:bd:f3:9c:40:3b:20:f9:26:ce:4b:bc:5c:2e:cf:28:70:
42:9a:cc:4b:17:32:8a:6d:6b:a7:e3:2a:f3:db:6b:a0:18:af:
60:10:f3:99:30:8a:48:08:68:cd:b7:aa:6d:74:e9:7b:51:c7:
57:c4:ec:fa:43:49:8d:d2:ac:03:51:6d:31:af:7c:a3:77:6c:
0d:07:4c:f8:8d:7a:3c:e6:47:22:a9:a1:40:db:01:05:15:a1:
bd:93:17:93:c8:02:2f:fa:7c:da:d9:37:e5:37:a6:e1:ab:a0:
e6:f8:9f:6a:0c:77:5d:dc:1b:45:5d:24:d6:ef:c5:2e:eb:85:
3d:7f:c6:45:33:7d:82:89:7c:53:68:49:e3:c7:c7:6b:36:23:
7e:b8:99:a3:10:dc:3d:da:11:ef:39:9e:46:3a:66:62:e1:7a:
9b:21:f6:ba:81:c8:ee:4a:f8:8f:0c:8c:46:5e:b5:6a:e8:91:
8a:34:9f:25:66:e0:f0:bb:42:15:f7:2e:a5:23:cc:a5:75:eb:
14:bd:d7:1e:e8:18:36:c3:6b:4b:56:35:f5:3b:f4:7b:03:b4:
ed:f2:0b:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTGonZ7+pQVV5YzSkLAE7TfKFsoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMDhaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5ZmFmZDEwYWQ3OGU0NzE3NjViZmEzZGM4ODNkMGUyYTNjOTJlOGIxOTQ1
MWFlNWVjZDIwZTZlMDM0YWU4MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyeKc4siuRb341zJUpTI5CBWpsVHZrUQD6uPipgZ0bkljPInmOItjTQMFoK
4uiHawEMvwqlQaQi/k2S0xfR+x+xOThtHtShVvXlMD7+hdICRAtsD0Z23GvqlRUx
yYYPaPaJi2WLACHZIDD9sXEsFbqxGVn341/EAdoiXSWkjKbafh6pXGWB7eQfVavr
XRvvoJnWkPIKi1CbLI902RJw1FGQ77EFl8/Z0jN42ElFGNRHA7XOnxz/2H6Qfs1h
F3LwV2TiU7Z2WW1LngmAVxkCK0Y8mkxe/1/bnhxU+Hy2KilvgVna9F2NWujpgk6L
qd9hFGo2SXJ59IVWVwBk7C5DEYUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7B3jQ
K0hgHxxpHijBZMeb+WeiVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZThmZWVmMWUtOTA1OC00YjM0LWE3ZjItMjRlNWUwNDRmZWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJ6xlhllPDK7p+OCUWMY+OaZx5fMkHMCNmuvbH
IVyR4dkQfaM1F73znEA7IPkmzku8XC7PKHBCmsxLFzKKbWun4yrz22ugGK9gEPOZ
MIpICGjNt6ptdOl7UcdXxOz6Q0mN0qwDUW0xr3yjd2wNB0z4jXo85kciqaFA2wEF
FaG9kxeTyAIv+nza2TflN6bhq6Dm+J9qDHdd3BtFXSTW78Uu64U9f8ZFM32CiXxT
aEnjx8drNiN+uJmjENw92hHvOZ5GOmZi4XqbIfa6gcjuSviPDIxGXrVq6JGKNJ8l
ZuDwu0IV9y6lI8yldesUvdce6Bg2w2tLVjX1O/R7A7Tt8gvh
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:06 2025 by rpki-client