Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
File: 7175e6ba-4879-48cc-b428-9cd0d88a156a.roa (raw, json)
Hash identifier: UAw4MeLMQa0y/ehMfiIJ+oRiYm1C5okV0eckECDGSis=
Subject key identifier: 17:90:0A:42:F8:AD:29:AA:3B:81:93:3D:68:EC:2B:FA:99:67:79:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BEDB0DF7B1E2F514BBA0F3AE6656DE75F6794A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
Signing time: Tue 26 Aug 2025 17:10:50 +0000
ROA not before: Tue 26 Aug 2025 17:10:50 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ed:b0:df:7b:1e:2f:51:4b:ba:0f:3a:e6:65:6d:e7:5f:67:94:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:10:50 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=e6d0cebe1baef426ecbd9aaf94793a59a55e6cfcbef04c05d71e212964acbfb2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4f:f0:6e:b3:65:92:04:9a:e8:e6:65:7e:ce:
c4:6f:6c:f6:14:f2:60:e8:fa:b3:d6:9a:82:c2:de:
0d:0c:80:7e:89:06:9f:2c:4f:e3:12:97:c1:45:cf:
b0:68:8a:98:25:df:2d:21:a7:be:4c:41:a5:25:b5:
13:00:a1:5c:99:f7:3f:8a:8b:e2:cc:04:67:19:98:
30:2d:11:e4:ce:3b:06:6b:ee:f5:96:55:1c:52:6d:
a4:84:51:c7:92:34:44:90:05:69:d5:2a:41:0e:bd:
5c:e4:83:9f:c5:59:cf:5c:cc:47:ea:64:5c:4f:da:
30:8f:67:11:e0:78:04:20:8a:63:12:96:87:a9:13:
29:04:7a:27:a9:f3:11:6b:89:87:b8:5e:b4:96:a7:
d2:55:1f:62:16:f9:df:61:70:81:53:a0:08:f4:5e:
50:38:e4:1c:b6:e8:bd:a8:b1:25:43:21:1c:56:34:
93:b2:c6:89:79:e1:ef:3a:e8:ab:5c:aa:0d:8b:2e:
79:db:c4:70:bf:8e:d1:be:97:46:89:27:f2:e5:ad:
58:90:52:46:bc:55:4e:08:65:df:6c:59:01:1b:b8:
85:45:8e:fe:39:e7:4c:85:15:11:b2:7e:79:c9:ff:
dd:d8:eb:0e:86:a3:b9:fd:11:37:8f:93:91:95:d0:
da:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:90:0A:42:F8:AD:29:AA:3B:81:93:3D:68:EC:2B:FA:99:67:79:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
7c:a5:57:e9:d4:99:ba:cd:ad:9e:4b:da:fb:1c:4c:2b:c2:99:
52:be:62:4e:c4:6c:0b:6a:c8:ae:22:27:e7:17:c6:ca:40:20:
f9:ad:8a:eb:38:2f:e1:d9:33:36:c6:fb:b6:a0:67:5a:63:a7:
d8:76:79:81:09:cf:1e:3b:e6:9d:61:67:f0:b0:9b:75:3f:67:
87:38:75:0c:2a:0d:a6:5e:48:b3:05:21:8a:a0:f4:16:77:03:
97:76:96:cb:0e:0b:a7:c0:42:5b:13:69:02:2d:04:db:91:49:
ac:1e:98:56:01:2c:97:a7:76:ad:6b:e9:7a:68:06:9e:8d:b0:
c5:a0:5c:cd:c0:d1:b6:2e:27:64:18:45:ce:1e:f6:55:bd:8f:
37:ec:c0:05:02:e6:c3:be:45:11:a7:3f:73:20:2a:bf:84:77:
22:16:37:25:84:dc:ff:53:6e:8d:00:43:1b:53:11:1c:0d:8c:
23:1c:1e:88:67:d5:1a:d9:85:b3:03:49:8a:d9:ca:4a:36:2c:
37:39:07:f6:89:64:35:18:b2:f5:ff:af:12:ae:3f:5c:a2:34:
a9:d8:55:28:45:20:b7:18:5e:be:2b:03:49:40:1e:ce:7e:7f:
e1:bb:35:ae:e7:43:19:7b:2c:7c:f2:e6:02:e6:1a:95:a0:a0:
74:90:bf:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUW+2w33seL1FLug865mVt519nlKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzEwNTBaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZDBjZWJlMWJhZWY0MjZlY2JkOWFhZjk0NzkzYTU5YTU1ZTZjZmNiZWYw
NGMwNWQ3MWUyMTI5NjRhY2JmYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRP8G6zZZIEmujmZX7OxG9s9hTyYOj6s9aagsLeDQyAfokGnyxP4xKXwUXP
sGiKmCXfLSGnvkxBpSW1EwChXJn3P4qL4swEZxmYMC0R5M47Bmvu9ZZVHFJtpIRR
x5I0RJAFadUqQQ69XOSDn8VZz1zMR+pkXE/aMI9nEeB4BCCKYxKWh6kTKQR6J6nz
EWuJh7hetJan0lUfYhb532FwgVOgCPReUDjkHLbovaixJUMhHFY0k7LGiXnh7zro
q1yqDYsuedvEcL+O0b6XRokn8uWtWJBSRrxVTghl32xZARu4hUWO/jnnTIUVEbJ+
ecn/3djrDoajuf0RN4+TkZXQ2t8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQXkApC
+K0pqjuBkz1o7Cv6mWd54DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE3NWU2YmEtNDg3OS00OGNjLWI0MjgtOWNkMGQ4OGExNTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI
wDANBgkqhkiG9w0BAQsFAAOCAQEAfKVX6dSZus2tnkva+xxMK8KZUr5iTsRsC2rI
riIn5xfGykAg+a2K6zgv4dkzNsb7tqBnWmOn2HZ5gQnPHjvmnWFn8LCbdT9nhzh1
DCoNpl5IswUhiqD0FncDl3aWyw4Lp8BCWxNpAi0E25FJrB6YVgEsl6d2rWvpemgG
no2wxaBczcDRti4nZBhFzh72Vb2PN+zABQLmw75FEac/cyAqv4R3IhY3JYTc/1Nu
jQBDG1MRHA2MIxweiGfVGtmFswNJitnKSjYsNzkH9olkNRiy9f+vEq4/XKI0qdhV
KEUgtxhevisDSUAezn5/4bs1rudDGXssfPLmAuYalaCgdJC/Qw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:25 2025 by rpki-client