Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7eb04123-5564-4d2f-bd3c-2a08a42d7579.roa
File: 7eb04123-5564-4d2f-bd3c-2a08a42d7579.roa (raw, json)
Hash identifier: 5w59wUYCCV4skcND1Qlyw/T7EnhiZ+fpcyF95F9lxRY=
Subject key identifier: EE:77:17:F0:E3:99:15:CF:CE:46:C4:B4:B8:A9:BA:9A:3E:16:63:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53357A9D4CFF4864C6B6D181109058EAA86ACE8C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7eb04123-5564-4d2f-bd3c-2a08a42d7579.roa
Signing time: Fri 11 Jul 2025 20:01:36 +0000
ROA not before: Fri 11 Jul 2025 20:01:36 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:35:7a:9d:4c:ff:48:64:c6:b6:d1:81:10:90:58:ea:a8:6a:ce:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:01:36 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b40192c9c925f641eb00dccc7edd542d00164544cd284bc314467b357e6072e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ab:35:89:da:fd:65:9a:97:9d:fd:91:67:6d:
c6:93:8a:03:e2:b9:5b:5d:57:7f:93:f8:50:a8:ac:
4e:c2:56:21:50:29:5c:2a:c1:bd:34:0e:56:d6:b0:
a9:3f:3f:b0:48:6a:c5:98:ce:60:44:65:85:27:0b:
00:6b:3a:94:fc:ca:fb:74:c6:32:4a:db:0e:46:e5:
39:1e:2b:75:fa:c4:e2:87:0c:88:23:73:25:73:ba:
4b:06:30:ad:1e:36:7f:f3:25:28:23:b5:8c:6e:ef:
9c:c5:ff:7a:e5:77:fc:97:b6:e9:08:3d:91:a1:39:
6b:2a:f9:7b:e5:25:77:82:24:c8:d3:ef:45:e6:2d:
0a:65:c4:ca:d8:fa:8a:2e:dc:85:91:12:d7:5b:bf:
13:a6:38:35:41:85:44:3e:27:2f:da:e4:7e:31:dc:
44:76:09:d7:fb:40:58:93:c1:d9:32:51:87:bf:7b:
77:4d:98:f2:7d:d0:9b:8c:03:28:3f:d8:dd:4b:f4:
79:ec:17:9e:18:f6:97:2e:b7:27:84:33:fe:7b:18:
97:a9:a3:45:b5:df:e3:48:83:92:d0:4b:99:72:27:
9a:36:68:f8:c8:90:c7:6c:42:d6:da:e7:3b:18:1d:
74:15:ec:4c:ef:13:a7:4d:da:1f:2e:75:13:19:ca:
17:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:77:17:F0:E3:99:15:CF:CE:46:C4:B4:B8:A9:BA:9A:3E:16:63:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7eb04123-5564-4d2f-bd3c-2a08a42d7579.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
09:04:e0:62:c0:83:aa:bc:27:3b:f2:39:1a:c2:9d:95:d4:e4:
af:15:a7:8c:6d:8a:2a:8f:40:f7:ed:22:7e:9b:5f:44:ce:ee:
67:f3:5a:ff:a1:ec:38:fa:aa:f4:9c:25:1a:a7:93:ff:0a:0a:
94:44:51:76:aa:ef:63:10:d8:8a:14:6d:32:01:00:0f:19:52:
9b:71:c6:98:51:f4:3e:0a:7c:b3:41:95:14:57:bd:7f:d9:bb:
a5:62:cf:13:ca:7f:df:70:7b:77:b2:c9:fe:2b:01:1f:d0:ec:
48:ad:c9:c9:d8:a4:32:5d:bc:ef:56:c6:ba:df:d9:68:43:be:
42:63:e6:16:70:ce:40:18:3b:a9:69:82:cb:35:ee:7f:d7:35:
0e:11:b5:9b:ed:91:b8:69:88:1b:79:d1:04:37:c5:51:b0:79:
de:ac:24:31:58:47:91:ea:1c:eb:60:e3:c0:dd:96:97:5b:a5:
e9:35:e8:32:6b:c4:78:aa:d8:9f:15:aa:42:42:e6:35:0f:33:
e9:86:dc:1c:b2:65:01:19:65:15:3f:c9:d6:43:46:27:fa:e8:
ef:40:b8:28:b7:02:78:c9:2a:87:76:85:ee:30:dc:95:12:28:
da:6c:9d:2e:66:0e:53:ae:53:c0:de:b1:05:e1:84:27:a7:2d:
6b:e4:5b:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUzV6nUz/SGTGttGBEJBY6qhqzowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAxMzZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0MDE5MmM5YzkyNWY2NDFlYjAwZGNjYzdlZGQ1NDJkMDAxNjQ1NDRjZDI4
NGJjMzE0NDY3YjM1N2U2MDcyZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALirNYna/WWal539kWdtxpOKA+K5W11Xf5P4UKisTsJWIVApXCrBvTQOVtaw
qT8/sEhqxZjOYERlhScLAGs6lPzK+3TGMkrbDkblOR4rdfrE4ocMiCNzJXO6SwYw
rR42f/MlKCO1jG7vnMX/euV3/Je26Qg9kaE5ayr5e+Uld4IkyNPvReYtCmXEytj6
ii7chZES11u/E6Y4NUGFRD4nL9rkfjHcRHYJ1/tAWJPB2TJRh797d02Y8n3Qm4wD
KD/Y3Uv0eewXnhj2ly63J4Qz/nsYl6mjRbXf40iDktBLmXInmjZo+MiQx2xC1trn
OxgddBXsTO8Tp03aHy51ExnKFycCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTudxfw
45kVz85GxLS4qbqaPhZjMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ViMDQxMjMtNTU2NC00ZDJmLWJkM2MtMmEwOGE0MmQ3NTc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJBOBiwIOqvCc78jkawp2V1OSvFaeMbYoqj0D3
7SJ+m19Ezu5n81r/oew4+qr0nCUap5P/CgqURFF2qu9jENiKFG0yAQAPGVKbccaY
UfQ+CnyzQZUUV71/2bulYs8Tyn/fcHt3ssn+KwEf0OxIrcnJ2KQyXbzvVsa639lo
Q75CY+YWcM5AGDupaYLLNe5/1zUOEbWb7ZG4aYgbedEEN8VRsHnerCQxWEeR6hzr
YOPA3ZaXW6XpNegya8R4qtifFapCQuY1DzPphtwcsmUBGWUVP8nWQ0Yn+ujvQLgo
twJ4ySqHdoXuMNyVEijabJ0uZg5TrlPA3rEF4YQnpy1r5FsP
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:57 2025 by rpki-client