Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
File: 99404275-57dd-4a36-8c29-529ab06d1d00.roa (raw, json)
Hash identifier: 3xqrHAxioU6lQW2yhupU55+G+XqEIj+utdZyXX6HwBM=
Subject key identifier: ED:60:DB:11:C9:21:AC:77:EE:BF:19:5E:83:51:68:4D:D9:A2:7A:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52CD2657F98413F6BF89196978862D9613C69CB3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
Signing time: Fri 11 Jul 2025 20:21:07 +0000
ROA not before: Fri 11 Jul 2025 20:21:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:cd:26:57:f9:84:13:f6:bf:89:19:69:78:86:2d:96:13:c6:9c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:21:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a75a3feea64f4ba7db09f87c1927de71ce9451c3a1f9f095ddda7342cbd4f23b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2f:64:52:f3:2c:8a:b1:20:44:0f:2b:4d:9f:
7a:98:e4:d2:b9:e9:95:c9:a4:52:ab:c7:a0:2f:93:
1b:ab:61:ba:34:53:26:4a:8f:60:43:56:99:97:01:
48:3d:d8:8c:6c:44:d7:c4:90:c6:b9:5d:df:d0:f4:
6a:2a:18:b4:64:61:6a:3d:72:9f:36:9b:cc:a3:a2:
d6:25:af:de:14:ee:6d:a6:91:ee:0c:a9:a3:57:b2:
fe:b2:d2:63:f2:04:e1:07:1e:f7:96:fe:89:0b:e6:
58:18:9c:90:c5:ad:15:f1:ea:62:a9:a0:dd:e8:71:
98:11:53:c0:34:4d:65:4d:0f:61:04:bb:74:61:a7:
7a:47:2a:99:48:ae:2f:c7:98:e0:87:6c:2c:4f:d1:
e0:45:aa:ba:89:87:37:2f:2d:ea:c4:73:82:d1:84:
1a:c9:58:1b:32:35:9d:02:8e:ad:22:77:dd:e8:21:
58:72:d4:1f:0c:fd:db:1d:34:7d:a5:58:ad:36:60:
f9:e6:b9:47:5f:54:f4:24:b0:f6:64:12:31:6d:6a:
2e:29:93:05:76:fc:b7:a6:33:05:ec:e3:d3:3c:f4:
8b:8e:17:cf:54:be:8c:27:4e:da:7d:8e:9c:4a:41:
c9:96:ff:2e:1a:e8:2d:f4:dd:ca:f1:a4:91:40:2e:
01:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:60:DB:11:C9:21:AC:77:EE:BF:19:5E:83:51:68:4D:D9:A2:7A:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:91:17:83:cf:ce:f0:61:5d:50:61:df:31:1d:0c:9a:5c:88:
ff:f3:a7:cb:b5:f8:49:46:fc:64:56:fd:3b:80:b3:61:85:d4:
88:d2:f7:77:f5:3b:61:e2:1b:e3:cc:80:70:20:d6:c1:3c:99:
4d:8e:3f:87:e3:b1:8b:4d:4b:22:30:3b:e8:b3:6e:ec:f5:d5:
fd:cf:20:41:79:e1:fd:2f:a7:b0:7b:f4:44:d3:ed:d2:31:af:
45:9d:a9:22:56:0a:e0:fd:88:53:40:b6:e9:bd:ee:81:ea:bf:
db:69:8a:0e:9d:1d:04:b0:b1:65:62:5a:c0:a5:21:2b:8f:d0:
2c:f0:52:2b:39:7a:e5:29:2a:fc:f5:ce:9e:34:74:0a:be:11:
ce:fb:ee:29:96:cf:a4:e6:37:e7:0b:aa:52:d6:8c:5b:dc:f2:
56:7a:c6:6a:d7:fa:17:70:39:4b:f5:15:0f:ee:92:18:89:1e:
3d:5c:e0:b4:f0:4b:c0:0a:5c:a2:5f:af:a0:3d:07:38:72:a6:
a0:53:c3:fb:2d:c8:e2:78:ff:d6:36:94:64:a5:74:76:81:36:
f6:cd:1f:1f:40:2a:44:40:f8:d2:59:f9:b8:93:16:86:9a:b0:
67:90:a7:cd:c0:98:e9:39:62:50:b5:07:6b:f4:4c:74:9c:fb:
6b:9f:74:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUs0mV/mEE/a/iRlpeIYtlhPGnLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIxMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NWEzZmVlYTY0ZjRiYTdkYjA5Zjg3YzE5MjdkZTcxY2U5NDUxYzNhMWY5
ZjA5NWRkZGE3MzQyY2JkNGYyM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4vZFLzLIqxIEQPK02fepjk0rnplcmkUqvHoC+TG6thujRTJkqPYENWmZcB
SD3YjGxE18SQxrld39D0aioYtGRhaj1ynzabzKOi1iWv3hTubaaR7gypo1ey/rLS
Y/IE4Qce95b+iQvmWBickMWtFfHqYqmg3ehxmBFTwDRNZU0PYQS7dGGnekcqmUiu
L8eY4IdsLE/R4EWquomHNy8t6sRzgtGEGslYGzI1nQKOrSJ33eghWHLUHwz92x00
faVYrTZg+ea5R19U9CSw9mQSMW1qLimTBXb8t6YzBezj0zz0i44Xz1S+jCdO2n2O
nEpByZb/LhroLfTdyvGkkUAuAWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtYNsR
ySGsd+6/GV6DUWhN2aJ6nDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk0MDQyNzUtNTdkZC00YTM2LThjMjktNTI5YWIwNmQxZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqw
MA0GCSqGSIb3DQEBCwUAA4IBAQAakReDz87wYV1QYd8xHQyaXIj/86fLtfhJRvxk
Vv07gLNhhdSI0vd39Tth4hvjzIBwINbBPJlNjj+H47GLTUsiMDvos27s9dX9zyBB
eeH9L6ewe/RE0+3SMa9FnakiVgrg/YhTQLbpve6B6r/baYoOnR0EsLFlYlrApSEr
j9As8FIrOXrlKSr89c6eNHQKvhHO++4pls+k5jfnC6pS1oxb3PJWesZq1/oXcDlL
9RUP7pIYiR49XOC08EvAClyiX6+gPQc4cqagU8P7LcjieP/WNpRkpXR2gTb2zR8f
QCpEQPjSWfm4kxaGmrBnkKfNwJjpOWJQtQdr9Ex0nPtrn3QC
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:29 2025 by rpki-client