Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
File: 190e1645-8146-4d32-be0a-feed324f8efa.roa (raw, json)
Hash identifier: OmFzkyUITXxojZLX9gad3LBDzFmFPNeDi9W+z7XgxtE=
Subject key identifier: 4C:87:13:AF:AB:33:0B:0B:EB:B2:D9:E7:86:A3:57:69:F9:27:D9:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77F929211BF098F28FEFF19F9D4BF997840BC6F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
Signing time: Tue 05 Aug 2025 19:31:05 +0000
ROA not before: Tue 05 Aug 2025 19:31:05 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:f9:29:21:1b:f0:98:f2:8f:ef:f1:9f:9d:4b:f9:97:84:0b:c6:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:05 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=95f753ded0cf84f1958c786a14ead2d155a7dd333e8775a8f00ee7fd76907b5e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:07:f9:dc:d5:72:1a:93:ac:0b:64:34:d3:
85:1f:1c:d4:38:ce:5a:2f:11:5b:1d:92:ee:a4:8f:
02:f8:bd:03:63:7c:79:19:97:22:b1:a2:9a:d0:95:
1b:7b:d5:28:8e:c6:83:71:eb:53:a9:a0:da:8e:aa:
46:16:9e:dc:84:6c:d8:38:12:5e:e5:65:97:a3:82:
36:75:70:15:df:0d:d9:0f:5c:9c:15:e7:95:a3:0d:
bc:2c:de:cf:54:53:9b:fc:e9:41:83:a5:e0:12:38:
93:60:89:19:9b:7d:c9:3f:8a:56:65:7f:ae:cd:1c:
13:ff:33:a1:c8:0f:3a:2e:f3:35:8d:a9:e5:e1:9c:
3e:4d:5b:e2:11:42:a4:bd:3f:fa:49:15:da:f4:74:
ef:a6:c6:21:66:af:cb:2a:8a:fc:58:72:20:0d:25:
5c:06:a4:f1:84:60:0a:da:6d:57:1a:0c:d2:4c:1b:
db:61:9a:6d:61:32:30:43:e2:27:c3:1e:0e:66:a2:
5e:8c:f9:b7:b0:84:78:c2:e4:23:fa:53:7d:8c:ef:
9d:60:84:2e:20:4d:0c:22:44:ce:dc:77:9e:e5:1a:
e2:e4:39:72:9d:41:8d:1f:0c:fa:4d:82:f7:fb:aa:
85:21:19:f2:57:c7:da:2b:00:7c:7f:a1:a9:2c:2a:
77:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:87:13:AF:AB:33:0B:0B:EB:B2:D9:E7:86:A3:57:69:F9:27:D9:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:a000::/40
Signature Algorithm: sha256WithRSAEncryption
62:c1:08:e7:5b:8f:42:52:ba:3c:13:27:ad:aa:2b:02:ad:6a:
55:b2:30:29:1b:c6:ac:03:ec:90:c1:ac:91:aa:b5:5c:c8:c5:
74:57:5a:4e:07:bf:05:da:9d:e7:38:2a:64:ed:d8:bc:39:d6:
2d:0f:91:22:eb:cb:7b:61:3f:18:cd:dc:02:46:8c:38:35:1f:
6a:b3:f3:42:1d:c0:2c:ac:0d:f1:77:e3:ec:bc:7b:93:22:b4:
d0:fb:94:ad:7f:ca:57:cc:30:31:69:a4:e0:6f:a6:29:26:40:
42:ee:9b:e4:80:e7:76:b9:19:d4:ad:ca:ec:7e:85:0a:23:cc:
5c:91:68:27:a7:54:25:29:04:2c:a3:7c:f7:72:9e:3c:50:db:
6e:3f:c3:50:0a:4a:44:e7:8e:19:0b:16:73:e7:1b:00:5c:68:
63:e4:24:c5:99:2a:d4:0b:50:f3:af:a0:ee:00:f8:d1:b8:0d:
42:81:e9:37:a1:13:bb:5d:5f:61:37:36:3c:06:59:5c:4a:8a:
14:e6:4b:2b:5f:bf:98:03:34:b6:1d:b4:b7:e4:87:7d:0e:2e:
c1:78:e2:f3:fa:a4:8e:b9:76:96:98:37:5c:9a:bf:61:1d:0e:
01:c4:12:fd:25:84:2b:15:db:f0:40:62:28:d9:7c:d3:7b:5d:
b0:e7:94:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd/kpIRvwmPKP7/GfnUv5l4QLxvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1Zjc1M2RlZDBjZjg0ZjE5NThjNzg2YTE0ZWFkMmQxNTVhN2RkMzMzZTg3
NzVhOGYwMGVlN2ZkNzY5MDdiNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6eB/nc1XIak6wLZDTThR8c1DjOWi8RWx2S7qSPAvi9A2N8eRmXIrGimtCV
G3vVKI7Gg3HrU6mg2o6qRhae3IRs2DgSXuVll6OCNnVwFd8N2Q9cnBXnlaMNvCze
z1RTm/zpQYOl4BI4k2CJGZt9yT+KVmV/rs0cE/8zocgPOi7zNY2p5eGcPk1b4hFC
pL0/+kkV2vR076bGIWavyyqK/FhyIA0lXAak8YRgCtptVxoM0kwb22GabWEyMEPi
J8MeDmaiXoz5t7CEeMLkI/pTfYzvnWCELiBNDCJEztx3nuUa4uQ5cp1BjR8M+k2C
9/uqhSEZ8lfH2isAfH+hqSwqdyUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMhxOv
qzMLC+uy2eeGo1dp+SfZqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkwZTE2NDUtODE0Ni00ZDMyLWJlMGEtZmVlZDMyNGY4ZWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSg
MA0GCSqGSIb3DQEBCwUAA4IBAQBiwQjnW49CUro8EyetqisCrWpVsjApG8asA+yQ
wayRqrVcyMV0V1pOB78F2p3nOCpk7di8OdYtD5Ei68t7YT8YzdwCRow4NR9qs/NC
HcAsrA3xd+PsvHuTIrTQ+5Stf8pXzDAxaaTgb6YpJkBC7pvkgOd2uRnUrcrsfoUK
I8xckWgnp1QlKQQso3z3cp48UNtuP8NQCkpE544ZCxZz5xsAXGhj5CTFmSrUC1Dz
r6DuAPjRuA1Cgek3oRO7XV9hNzY8BllcSooU5ksrX7+YAzS2HbS35Id9Di7BeOLz
+qSOuXaWmDdcmr9hHQ4BxBL9JYQrFdvwQGIo2XzTe12w55QD
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:35 2025 by rpki-client