Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
File: 75900e8f-9582-4f56-8b92-09a50d5110f8.roa (raw, json)
Hash identifier: 7Kas6QCon9hNYLOok3qUGgyG4PmdTpKCaLZDHVWsnuI=
Subject key identifier: 3A:03:54:DC:74:5C:AE:D7:18:7A:60:7F:60:89:E6:29:0B:B5:1C:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62DFB52B4E24A5B438C53F5629C5CC47F122BA89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
Signing time: Fri 15 Aug 2025 15:50:48 +0000
ROA not before: Fri 15 Aug 2025 15:50:48 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:df:b5:2b:4e:24:a5:b4:38:c5:3f:56:29:c5:cc:47:f1:22:ba:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:48 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=473f2c086d18d74ef60894b3303ca72a94023c2d4c80165f46fbc4842e93f1c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:28:9e:13:69:35:69:6f:15:17:58:0a:5f:03:
27:23:56:94:8c:22:69:b6:1f:b8:01:82:75:f7:e8:
db:92:e6:30:0b:4d:98:b6:f4:72:4b:55:91:57:05:
8c:91:6c:4c:16:6f:12:a6:3d:f2:40:1e:52:78:65:
c8:3d:37:22:7e:88:55:ff:e7:21:7e:ca:93:8c:a4:
26:29:4e:04:36:62:37:68:f3:e3:0b:cb:3f:5d:9a:
62:88:92:95:8f:f9:0b:b4:f9:b9:89:4c:5e:ec:2f:
8e:0e:02:d7:4c:63:7b:0b:b9:3f:4f:a9:8d:3e:1d:
a8:aa:eb:a6:a8:d3:9c:a8:f2:23:07:b1:0f:3f:a9:
6a:be:66:b4:09:7b:13:42:ed:6f:23:7c:4e:bf:34:
f4:a2:57:34:18:d7:43:78:c9:49:a4:45:a5:5b:de:
92:c5:73:1c:62:f6:82:a3:eb:70:2e:ef:d5:94:93:
a8:46:30:b4:05:2a:96:39:53:8c:eb:c8:84:f8:64:
8f:52:90:8d:5e:7a:24:83:3e:c9:73:b5:a1:bc:79:
ae:71:68:8c:7e:7d:ba:4c:d7:4d:85:60:e8:55:c3:
37:f4:46:f6:c7:bc:2b:e7:2e:de:f9:97:74:61:25:
4b:9e:b3:1e:08:e0:55:d2:21:13:14:07:a6:3f:6e:
2a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:03:54:DC:74:5C:AE:D7:18:7A:60:7F:60:89:E6:29:0B:B5:1C:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:7c:f3:da:d9:c9:c2:de:60:ef:01:f6:4e:43:89:92:a9:c4:
2e:4f:6b:52:5b:9a:31:4b:d1:5d:3a:46:12:29:73:d6:89:27:
72:e4:ab:7b:09:8b:bc:6b:40:e7:17:32:e9:0f:b8:b2:b3:2f:
c5:3b:f1:4f:bb:3c:43:36:75:0c:ca:57:15:1a:26:01:ec:17:
4d:37:f8:56:d3:56:1d:fa:a6:4f:92:03:b0:57:4d:f5:b3:68:
eb:7b:cd:c2:1a:e9:a4:7f:d3:3c:ed:6e:0f:c1:a6:27:c9:ab:
85:4f:94:1f:30:70:fa:0e:94:be:74:08:4c:a6:97:bc:f0:49:
95:24:47:11:c1:c0:f2:fd:02:10:58:cf:67:f0:e2:2c:33:e2:
79:68:4b:ae:7e:ab:03:96:70:ae:9e:c8:bc:b9:81:54:a2:7b:
0b:6f:bc:31:11:60:00:e6:3e:5a:46:18:ad:bc:ee:77:50:be:
22:42:e8:58:b5:ab:6c:cc:2b:e5:cd:98:11:dd:95:ad:36:64:
60:6e:63:9b:16:13:68:2b:32:e7:f4:72:e0:17:b6:47:6c:c2:
5e:1a:c3:09:43:c2:dd:20:31:05:6e:b1:60:49:94:8a:e6:87:
c5:15:6b:4f:30:a4:7c:32:f2:64:3f:64:30:36:dc:3e:52:b9:
9a:ce:49:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYt+1K04kpbQ4xT9WKcXMR/EiuokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwNDhaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3M2YyYzA4NmQxOGQ3NGVmNjA4OTRiMzMwM2NhNzJhOTQwMjNjMmQ0Yzgw
MTY1ZjQ2ZmJjNDg0MmU5M2YxYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsonhNpNWlvFRdYCl8DJyNWlIwiabYfuAGCdffo25LmMAtNmLb0cktVkVcF
jJFsTBZvEqY98kAeUnhlyD03In6IVf/nIX7Kk4ykJilOBDZiN2jz4wvLP12aYoiS
lY/5C7T5uYlMXuwvjg4C10xjewu5P0+pjT4dqKrrpqjTnKjyIwexDz+par5mtAl7
E0LtbyN8Tr809KJXNBjXQ3jJSaRFpVveksVzHGL2gqPrcC7v1ZSTqEYwtAUqljlT
jOvIhPhkj1KQjV56JIM+yXO1obx5rnFojH59ukzXTYVg6FXDN/RG9se8K+cu3vmX
dGElS56zHgjgVdIhExQHpj9uKrcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6A1Tc
dFyu1xh6YH9gieYpC7UcRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU5MDBlOGYtOTU4Mi00ZjU2LThiOTItMDlhNTBkNTExMGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOg
MA0GCSqGSIb3DQEBCwUAA4IBAQB6fPPa2cnC3mDvAfZOQ4mSqcQuT2tSW5oxS9Fd
OkYSKXPWiSdy5Kt7CYu8a0DnFzLpD7iysy/FO/FPuzxDNnUMylcVGiYB7BdNN/hW
01Yd+qZPkgOwV031s2jre83CGumkf9M87W4PwaYnyauFT5QfMHD6DpS+dAhMppe8
8EmVJEcRwcDy/QIQWM9n8OIsM+J5aEuufqsDlnCunsi8uYFUonsLb7wxEWAA5j5a
RhitvO53UL4iQuhYtatszCvlzZgR3ZWtNmRgbmObFhNoKzLn9HLgF7ZHbMJeGsMJ
Q8LdIDEFbrFgSZSK5ofFFWtPMKR8MvJkP2QwNtw+Urmazkkv
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:30 2025 by rpki-client