Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: /8jbGCndrorHqq36UgHB3LTGmXWtqEB78VXSNB0h/SQ=
Subject key identifier: 67:1A:DE:BF:DA:F6:59:88:C8:15:A5:6A:2B:98:CE:02:6B:63:59:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73022A0A36721B9F7A337B7F954C3F5C57C77FFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Fri 11 Jul 2025 20:40:47 +0000
ROA not before: Fri 11 Jul 2025 20:40:47 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:02:2a:0a:36:72:1b:9f:7a:33:7b:7f:95:4c:3f:5c:57:c7:7f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:40:47 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3e6131bbbe0f52c4c680038377c8f7174495ce4374faf4f5103fcf0410b99e78, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:bf:39:3e:e1:97:cd:5e:a6:57:7d:72:f8:
d6:46:1d:ec:86:4d:da:c2:4e:90:4e:ae:49:d7:18:
65:88:a5:50:11:6f:52:dc:27:84:62:c9:d7:d7:e6:
e4:8a:85:0c:7f:d5:7b:ee:89:66:48:82:17:5a:f8:
8e:88:1d:f5:12:5d:20:ed:5e:27:a7:9f:c7:64:d4:
ee:e5:c0:a8:b9:9b:85:bc:53:5e:a2:5f:05:b4:a3:
96:26:27:41:5f:73:76:a9:af:f2:a6:46:d4:c0:72:
15:a9:73:86:2b:3b:20:c2:8f:0e:1e:08:b8:34:fd:
e6:3b:3c:30:af:76:88:ee:8d:bf:78:25:f9:37:08:
79:47:4d:1d:94:29:57:63:b3:2b:ef:ee:82:9c:41:
19:e2:19:a7:ad:4d:74:2d:57:27:e5:95:5b:17:3f:
b8:68:6c:61:c9:19:fd:d3:a6:ed:7d:0e:44:a8:c5:
85:e2:5a:12:84:1b:fd:f8:a4:00:ea:5b:cf:a4:45:
e1:73:b1:ae:7d:cc:87:93:25:51:d7:20:36:35:a8:
40:b9:18:1a:b9:d9:a4:c4:f8:96:52:9c:a4:ab:83:
b1:9d:e3:66:9b:17:57:de:e6:a0:2a:fc:f3:ea:82:
cc:3a:28:28:a9:44:d2:9e:73:d3:c3:57:64:e3:a5:
5b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1A:DE:BF:DA:F6:59:88:C8:15:A5:6A:2B:98:CE:02:6B:63:59:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
02:ee:a9:ce:02:47:96:a1:8c:42:bf:a7:ba:9b:06:bd:79:6d:
16:cb:f2:fc:38:3b:59:73:af:f8:02:a1:1f:7e:41:f4:40:71:
04:3e:ed:27:39:99:e0:af:fc:56:31:bd:de:57:fc:74:aa:4f:
3a:a0:c2:aa:ae:46:d8:78:58:f7:bb:af:0d:5f:f8:4a:80:f0:
74:d5:74:59:d8:af:d2:78:39:61:91:bb:f8:ee:28:06:22:9b:
be:9b:de:7d:04:57:6a:41:ef:e2:b3:e8:24:d2:53:d6:f7:01:
78:54:5d:72:38:90:a9:c1:7c:6c:28:5f:f3:36:f9:79:1e:f2:
87:ec:ce:21:f3:af:35:cc:f7:2e:a5:56:56:79:65:f5:74:27:
8d:59:e3:4b:94:14:3c:5e:f9:21:5c:ec:1c:2c:aa:ca:d7:08:
73:65:71:d5:85:e6:9b:f4:ac:9b:e6:63:78:e2:30:04:d2:29:
ed:78:b0:db:66:97:51:f4:ef:a4:2d:e6:03:bc:2e:e9:da:c8:
56:2f:9c:3f:a1:1e:3f:98:72:c1:41:36:96:f9:d7:99:be:9a:
ec:9a:d8:98:21:ac:7b:1c:56:90:0b:b2:65:3a:06:34:e4:24:
ce:07:28:f2:e9:97:94:d4:4d:bd:ca:f3:b3:40:9d:5a:28:59:
c6:cb:13:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcwIqCjZyG596M3t/lUw/XFfHf/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQwNDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlNjEzMWJiYmUwZjUyYzRjNjgwMDM4Mzc3YzhmNzE3NDQ5NWNlNDM3NGZh
ZjRmNTEwM2ZjZjA0MTBiOTllNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKy9vzk+4ZfNXqZXfXL41kYd7IZN2sJOkE6uSdcYZYilUBFvUtwnhGLJ19fm
5IqFDH/Ve+6JZkiCF1r4jogd9RJdIO1eJ6efx2TU7uXAqLmbhbxTXqJfBbSjliYn
QV9zdqmv8qZG1MByFalzhis7IMKPDh4IuDT95js8MK92iO6Nv3gl+TcIeUdNHZQp
V2OzK+/ugpxBGeIZp61NdC1XJ+WVWxc/uGhsYckZ/dOm7X0ORKjFheJaEoQb/fik
AOpbz6RF4XOxrn3Mh5MlUdcgNjWoQLkYGrnZpMT4llKcpKuDsZ3jZpsXV97moCr8
8+qCzDooKKlE0p5z08NXZOOlW3cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnGt6/
2vZZiMgVpWormM4Ca2NZEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAC7qnOAkeWoYxCv6e6mwa9eW0Wy/L8ODtZc6/4
AqEffkH0QHEEPu0nOZngr/xWMb3eV/x0qk86oMKqrkbYeFj3u68NX/hKgPB01XRZ
2K/SeDlhkbv47igGIpu+m959BFdqQe/is+gk0lPW9wF4VF1yOJCpwXxsKF/zNvl5
HvKH7M4h8681zPcupVZWeWX1dCeNWeNLlBQ8XvkhXOwcLKrK1whzZXHVheab9Kyb
5mN44jAE0inteLDbZpdR9O+kLeYDvC7p2shWL5w/oR4/mHLBQTaW+deZvprsmtiY
Iax7HFaQC7JlOgY05CTOByjy6ZeU1E29yvOzQJ1aKFnGyxP9
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:43 2025 by rpki-client