Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: XQW4zhU8g3eARoaNBCMEyIL6ronrbFeE4VumcUq1y8U=
Subject key identifier: 92:22:55:BA:64:C1:E6:CA:7A:39:B3:D8:D1:53:24:3C:08:BD:DE:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31E603101A39F0D298BEF4E9116EDF2177DFD702
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Tue 05 Aug 2025 20:01:35 +0000
ROA not before: Tue 05 Aug 2025 20:01:35 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e6:03:10:1a:39:f0:d2:98:be:f4:e9:11:6e:df:21:77:df:d7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:35 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4c5444e8fbce29eba6fa776320ca71136833d9755d102a978be9011ca90f096d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:44:10:2b:f3:36:54:25:c3:22:89:2b:45:01:
e1:3b:82:25:c3:fc:27:33:7d:94:2c:58:34:b6:a9:
f6:e1:90:e0:4c:d0:0e:d0:05:c5:8c:1e:81:93:7b:
d5:26:fd:64:7e:9f:3b:f1:46:ad:67:8f:82:9e:3e:
c2:e7:af:d1:82:9f:25:11:d3:69:cc:e1:1f:68:88:
6a:be:94:79:bd:53:65:83:37:4b:ab:c6:26:62:c2:
ba:03:11:b3:d6:ce:d7:6d:85:2c:0d:bb:37:f6:1e:
b0:1a:4e:25:ec:b0:5c:ff:33:11:8c:09:59:2f:ba:
4d:2e:ac:00:cc:a3:ac:f1:9a:61:01:e0:83:25:5a:
4c:99:c3:3b:6d:ce:27:23:e5:44:18:0f:8f:d9:44:
62:6d:b0:f9:ac:7b:10:8f:d5:14:a8:5c:1a:40:b8:
d1:c9:9f:9e:b8:a0:56:15:48:9d:72:a8:94:70:cb:
f3:29:53:6b:62:c8:79:6e:8b:bc:8d:d7:74:e0:6a:
a5:85:e0:55:a3:c5:10:0b:24:ea:00:8a:93:9e:ea:
f1:48:f0:07:5f:a3:9a:7b:82:8d:89:50:e9:56:53:
62:d6:20:62:8f:88:93:c9:3d:e1:4a:18:c6:5f:22:
28:75:f7:2a:92:a0:75:ea:a5:1f:51:bf:ab:74:ab:
89:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:22:55:BA:64:C1:E6:CA:7A:39:B3:D8:D1:53:24:3C:08:BD:DE:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
98:df:4c:28:1c:d9:fd:d4:4f:dc:54:d5:b9:77:7d:b8:f5:7d:
34:27:1b:36:9f:08:88:12:8b:24:a8:98:60:4d:84:2a:a5:39:
a6:78:6d:bf:1a:f8:76:90:7e:3d:4a:42:c2:37:87:14:8d:39:
25:11:80:94:38:d5:7a:68:b6:22:14:4c:66:a7:09:53:d8:90:
69:90:55:d2:f1:a5:ed:59:8d:37:67:5b:71:9c:90:9a:6c:f6:
11:e9:85:87:6a:26:d6:1a:46:62:ac:4c:15:7e:be:ed:b6:45:
ad:bb:07:0a:33:9a:8c:46:ed:9e:b3:a0:34:f2:8a:7f:09:67:
69:ef:56:41:09:1e:69:47:3d:f9:7f:63:bd:05:25:02:12:77:
cf:03:e7:cc:f4:be:cd:10:b6:e9:a0:c2:c9:23:84:e8:19:b5:
66:a1:6f:db:9f:31:78:8d:af:3d:76:0e:c3:17:df:86:64:b2:
8c:2b:0d:d9:bc:a4:85:d9:2b:00:59:3a:2d:4d:47:73:0f:b9:
fb:53:18:44:34:4f:8d:84:49:19:22:7c:0c:c5:a8:44:6e:d2:
3b:e2:d2:a4:38:e4:18:b1:9b:26:06:0e:4e:5c:bd:f3:cb:d2:
0f:19:da:02:7d:a2:f7:5f:b3:92:9d:97:e0:c8:68:50:7c:64:
ba:3c:cb:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMeYDEBo58NKYvvTpEW7fIXff1wIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMzVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNTQ0NGU4ZmJjZTI5ZWJhNmZhNzc2MzIwY2E3MTEzNjgzM2Q5NzU1ZDEw
MmE5NzhiZTkwMTFjYTkwZjA5NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBEECvzNlQlwyKJK0UB4TuCJcP8JzN9lCxYNLap9uGQ4EzQDtAFxYwegZN7
1Sb9ZH6fO/FGrWePgp4+wuev0YKfJRHTaczhH2iIar6Ueb1TZYM3S6vGJmLCugMR
s9bO122FLA27N/YesBpOJeywXP8zEYwJWS+6TS6sAMyjrPGaYQHggyVaTJnDO23O
JyPlRBgPj9lEYm2w+ax7EI/VFKhcGkC40cmfnrigVhVInXKolHDL8ylTa2LIeW6L
vI3XdOBqpYXgVaPFEAsk6gCKk57q8UjwB1+jmnuCjYlQ6VZTYtYgYo+Ik8k94UoY
xl8iKHX3KpKgdeqlH1G/q3Srib0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSIlW6
ZMHmyno5s9jRUyQ8CL3ePzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCY30woHNn91E/cVNW5d3249X00Jxs2nwiIEosk
qJhgTYQqpTmmeG2/Gvh2kH49SkLCN4cUjTklEYCUONV6aLYiFExmpwlT2JBpkFXS
8aXtWY03Z1txnJCabPYR6YWHaibWGkZirEwVfr7ttkWtuwcKM5qMRu2es6A08op/
CWdp71ZBCR5pRz35f2O9BSUCEnfPA+fM9L7NELbpoMLJI4ToGbVmoW/bnzF4ja89
dg7DF9+GZLKMKw3ZvKSF2SsAWTotTUdzD7n7UxhENE+NhEkZInwMxahEbtI74tKk
OOQYsZsmBg5OXL3zy9IPGdoCfaL3X7OSnZfgyGhQfGS6PMsj
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:43 2025 by rpki-client