Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
File: 7037317e-bcf9-40f3-b066-0973d33451f2.roa (raw, json)
Hash identifier: Kg+GtycZV3j9GPJTSrH0AMdpOnJSfupYp29QOxNbV68=
Subject key identifier: 1A:48:CE:FB:01:83:14:44:21:86:43:4D:42:72:48:46:22:92:66:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5140D34EFAA61D1D2B93B75699FEE68AC803AC67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
Signing time: Tue 05 Aug 2025 19:50:18 +0000
ROA not before: Tue 05 Aug 2025 19:50:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:40:d3:4e:fa:a6:1d:1d:2b:93:b7:56:99:fe:e6:8a:c8:03:ac:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=884e6bb6a49475e2f02cdfc84477e2693acb82e57904cf25e663e0f54937dc46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:95:74:37:bf:c5:28:09:2d:b0:8d:8d:6f:2c:
7d:7c:3d:fa:16:b5:b5:81:7b:0e:59:4a:91:bb:b4:
4d:f6:78:09:9e:79:35:d4:83:49:72:db:94:a7:a4:
75:0e:35:15:d6:12:b2:dc:74:a5:ff:1d:83:4a:be:
07:4b:16:28:1b:dd:dd:cb:31:b9:0f:d6:d7:b4:4a:
55:63:0e:d9:7c:b6:41:f7:69:b9:21:7f:07:34:ee:
90:37:db:ab:a7:c4:3d:2f:6f:34:57:45:2b:55:1f:
64:23:a8:3e:be:55:61:13:b6:35:0a:c5:31:2b:fa:
7e:9a:a0:43:48:52:ef:e5:5c:2e:b8:97:9e:29:ee:
23:76:86:22:e0:88:43:b7:01:4e:31:de:57:e4:17:
64:2b:b7:27:a5:58:64:d6:e0:d0:ee:41:78:23:80:
81:be:8b:6e:75:95:4d:4a:20:57:f0:d5:c7:e7:f6:
da:21:a2:6e:e3:c1:e2:52:b3:8e:65:aa:e8:a4:f0:
a4:1d:ca:35:6d:dd:d9:27:b3:e0:b8:69:7c:45:fd:
86:a5:01:66:9a:2e:a8:bf:ce:5c:dc:6f:d7:2a:b2:
ed:24:9b:a7:de:a0:24:24:6d:f6:c0:c0:a4:48:6a:
83:47:a4:a6:e4:2f:1b:ca:1a:d6:db:13:33:35:17:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:48:CE:FB:01:83:14:44:21:86:43:4D:42:72:48:46:22:92:66:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7037317e-bcf9-40f3-b066-0973d33451f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:9000::/40
Signature Algorithm: sha256WithRSAEncryption
88:1a:25:8d:be:c4:91:c7:cd:ac:c8:c6:d5:ba:2d:88:e8:4d:
55:a0:88:0f:6a:6f:b2:4c:3d:a3:03:9d:f2:1f:15:1a:44:c0:
19:5c:c2:9b:f1:f5:57:bd:67:3e:bf:1c:8f:9b:7d:f8:e9:13:
39:ba:23:7a:0c:f8:6a:48:69:84:2b:cd:92:ec:d7:7b:43:11:
c4:fa:6c:cf:4b:0d:d6:52:38:85:f4:08:92:02:7c:65:c3:fd:
ec:b5:f5:7e:af:1f:4b:51:db:89:b0:32:07:20:08:59:e3:14:
4e:f3:c0:fd:84:43:f6:db:62:a8:a2:22:90:7b:89:1c:ff:ae:
19:32:c2:73:4b:9c:93:55:df:92:57:f6:10:e0:4b:b0:18:7b:
0c:f1:f3:6b:ed:f9:14:c6:70:e0:fe:89:37:59:ad:e5:8a:67:
a7:6e:48:f5:a1:d5:77:20:82:df:3a:65:12:9b:34:b5:5f:61:
88:e5:f0:65:ef:28:b9:20:06:a4:f3:85:21:8f:14:37:21:e8:
55:a3:f8:33:97:ae:95:24:04:55:0b:24:03:73:c2:25:9a:88:
7d:a4:06:6e:f9:75:c7:2f:21:f4:e2:af:39:36:3d:db:3e:dc:
14:46:3b:73:c4:94:da:91:ae:f0:c7:aa:67:08:3e:cc:d7:23:
64:9c:5e:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUUDTTvqmHR0rk7dWmf7misgDrGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NGU2YmI2YTQ5NDc1ZTJmMDJjZGZjODQ0NzdlMjY5M2FjYjgyZTU3OTA0
Y2YyNWU2NjNlMGY1NDkzN2RjNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyVdDe/xSgJLbCNjW8sfXw9+ha1tYF7DllKkbu0TfZ4CZ55NdSDSXLblKek
dQ41FdYSstx0pf8dg0q+B0sWKBvd3csxuQ/W17RKVWMO2Xy2QfdpuSF/BzTukDfb
q6fEPS9vNFdFK1UfZCOoPr5VYRO2NQrFMSv6fpqgQ0hS7+VcLriXninuI3aGIuCI
Q7cBTjHeV+QXZCu3J6VYZNbg0O5BeCOAgb6LbnWVTUogV/DVx+f22iGibuPB4lKz
jmWq6KTwpB3KNW3d2Sez4LhpfEX9hqUBZpouqL/OXNxv1yqy7SSbp96gJCRt9sDA
pEhqg0ekpuQvG8oa1tsTMzUXb1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQaSM77
AYMURCGGQ01CckhGIpJmujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzAzNzMxN2UtYmNmOS00MGYzLWIwNjYtMDk3M2QzMzQ1MWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCIGiWNvsSRx82syMbVui2I6E1VoIgPam+yTD2j
A53yHxUaRMAZXMKb8fVXvWc+vxyPm3346RM5uiN6DPhqSGmEK82S7Nd7QxHE+mzP
Sw3WUjiF9AiSAnxlw/3stfV+rx9LUduJsDIHIAhZ4xRO88D9hEP222KooiKQe4kc
/64ZMsJzS5yTVd+SV/YQ4EuwGHsM8fNr7fkUxnDg/ok3Wa3limenbkj1odV3IILf
OmUSmzS1X2GI5fBl7yi5IAak84UhjxQ3IehVo/gzl66VJARVCyQDc8Ilmoh9pAZu
+XXHLyH04q85Nj3bPtwURjtzxJTaka7wx6pnCD7M1yNknF4u
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:31 2025 by rpki-client