Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c850bbe8-9ff4-4e13-ae90-de5774a81d86.roa
File: c850bbe8-9ff4-4e13-ae90-de5774a81d86.roa (raw, json)
Hash identifier: KbFg5U+z+4OHcQA7dHVR6djWytV79gPVp+yYoK/8b1w=
Subject key identifier: 26:88:B5:77:D4:DE:08:C9:DA:F0:61:0A:EE:DB:45:63:98:5A:CA:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E30F90CA74F86F13330C4B9AAAB1246F2892775
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c850bbe8-9ff4-4e13-ae90-de5774a81d86.roa
Signing time: Mon 21 Jul 2025 16:40:19 +0000
ROA not before: Mon 21 Jul 2025 16:40:19 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:30:f9:0c:a7:4f:86:f1:33:30:c4:b9:aa:ab:12:46:f2:89:27:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:19 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=2b5274a477b1ddba34a2d075991d43a28bc16b87e761169d22869c82322b276d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:af:24:2a:85:8d:91:15:f6:43:78:f3:97:50:
73:9a:65:48:d6:ae:89:c9:fb:b9:a6:b5:c1:e2:af:
0f:67:dc:65:08:f9:d7:33:af:22:35:02:a9:40:bc:
a8:43:c1:21:52:eb:4d:68:7d:9f:61:a9:c2:4b:81:
d0:cb:52:08:45:db:63:ad:c7:8a:e6:69:66:48:d1:
69:ee:fb:26:13:a7:e6:d1:f0:b9:62:d8:33:86:71:
cb:ef:d5:82:59:74:dc:e8:a5:8c:4c:13:1f:b5:e5:
01:2c:d1:a8:73:91:17:ea:a2:48:56:06:ea:d8:65:
7d:b4:82:31:3f:38:c5:6a:82:2c:a1:ff:70:60:e5:
84:48:df:00:20:90:f7:8a:ad:ba:50:66:34:a7:f4:
18:a8:89:a4:9d:43:e2:df:71:c1:c4:7c:e0:01:8f:
bc:23:bc:8f:1f:fc:6a:ec:7f:06:35:9c:8c:12:1f:
eb:62:81:fc:e5:bf:99:fb:05:31:c5:40:f4:a0:fd:
47:cd:f4:32:3d:38:d8:97:eb:60:a5:12:c8:b8:8b:
0f:76:fc:eb:e7:4c:57:5a:27:00:33:e5:00:03:d1:
47:ae:aa:db:06:aa:e4:bc:90:ee:d9:f1:33:15:eb:
e4:7c:70:d0:ff:ae:52:af:1e:f1:1e:55:60:47:3e:
31:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:88:B5:77:D4:DE:08:C9:DA:F0:61:0A:EE:DB:45:63:98:5A:CA:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c850bbe8-9ff4-4e13-ae90-de5774a81d86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:df:74:52:8c:e6:a3:d5:db:2a:f8:66:2d:ad:7d:0a:5d:06:
31:eb:74:c6:bd:fa:b1:3c:6f:61:87:b1:f7:9a:55:62:a8:98:
ce:c1:0a:96:a5:d7:a1:9d:24:49:9b:4a:40:30:7f:63:ba:69:
46:0b:e1:d4:ab:ca:26:ea:3b:c1:c3:66:29:62:e4:a3:5b:1c:
2a:2b:3a:1d:ec:df:6f:6c:e4:a3:a5:23:b6:2a:69:1e:16:63:
77:5b:90:c8:b7:0f:2b:cf:d1:3b:73:31:d7:b9:be:d7:2e:d2:
e4:98:72:ff:09:35:22:6f:cf:d6:cc:33:c8:10:14:55:8d:4f:
a8:19:8f:82:49:dd:04:20:5a:f2:7d:4d:d3:70:c1:a8:1e:e1:
d4:55:62:2b:66:4a:c6:75:1c:32:ce:0e:3f:d4:12:83:c1:65:
85:65:fd:be:10:ef:59:e6:d6:c6:e8:fd:ad:ba:86:74:60:80:
db:b2:cf:6c:8a:27:12:90:09:9a:15:47:58:43:4c:1d:84:48:
97:57:de:00:c4:ba:86:89:00:1a:19:4b:98:e8:ef:0e:11:02:
0b:44:f6:04:6b:95:0e:04:f3:e8:40:e3:32:e5:39:da:0d:ce:
9e:68:b4:aa:c3:25:81:5f:48:64:ce:24:62:68:dd:8b:37:c0:
27:f5:2d:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHjD5DKdPhvEzMMS5qqsSRvKJJ3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMTlaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNTI3NGE0NzdiMWRkYmEzNGEyZDA3NTk5MWQ0M2EyOGJjMTZiODdlNzYx
MTY5ZDIyODY5YzgyMzIyYjI3NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALavJCqFjZEV9kN485dQc5plSNauicn7uaa1weKvD2fcZQj51zOvIjUCqUC8
qEPBIVLrTWh9n2GpwkuB0MtSCEXbY63HiuZpZkjRae77JhOn5tHwuWLYM4Zxy+/V
gll03OiljEwTH7XlASzRqHORF+qiSFYG6thlfbSCMT84xWqCLKH/cGDlhEjfACCQ
94qtulBmNKf0GKiJpJ1D4t9xwcR84AGPvCO8jx/8aux/BjWcjBIf62KB/OW/mfsF
McVA9KD9R830Mj042JfrYKUSyLiLD3b86+dMV1onADPlAAPRR66q2waq5LyQ7tnx
MxXr5Hxw0P+uUq8e8R5VYEc+MY0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmiLV3
1N4IydrwYQru20VjmFrK1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzg1MGJiZTgtOWZmNC00ZTEzLWFlOTAtZGU1Nzc0YTgxZDg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXA
MA0GCSqGSIb3DQEBCwUAA4IBAQCa33RSjOaj1dsq+GYtrX0KXQYx63TGvfqxPG9h
h7H3mlViqJjOwQqWpdehnSRJm0pAMH9jumlGC+HUq8om6jvBw2YpYuSjWxwqKzod
7N9vbOSjpSO2KmkeFmN3W5DItw8rz9E7czHXub7XLtLkmHL/CTUib8/WzDPIEBRV
jU+oGY+CSd0EIFryfU3TcMGoHuHUVWIrZkrGdRwyzg4/1BKDwWWFZf2+EO9Z5tbG
6P2tuoZ0YIDbss9siicSkAmaFUdYQ0wdhEiXV94AxLqGiQAaGUuY6O8OEQILRPYE
a5UOBPPoQOMy5TnaDc6eaLSqwyWBX0hkziRiaN2LN8An9S3t
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:48:00 2025 by rpki-client