Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
File: 7d5bbe6e-da67-4af0-af12-c86f93a16721.roa (raw, json)
Hash identifier: mgNZY4u5eKBlwVGezjY/MzFhNUxRWci2jZ6i0cmP86o=
Subject key identifier: 97:F4:23:7D:D8:4E:54:8B:29:93:C4:F1:C2:EA:8A:6F:93:8C:A8:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74D23179E6CE60013E3F9461391D10D74B6FBAEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
Signing time: Mon 01 Sep 2025 21:00:11 +0000
ROA not before: Mon 01 Sep 2025 21:00:11 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:d2:31:79:e6:ce:60:01:3e:3f:94:61:39:1d:10:d7:4b:6f:ba:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:11 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=43cbba27b805622e6a9e4e1d671c806ac0023f170be75ea87ed45f0aceed3b9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7e:65:6c:00:dc:36:d0:6b:38:16:80:a3:6a:
03:f3:0d:bd:23:46:06:ce:7c:e9:6b:1d:f3:d9:03:
b1:00:52:1e:50:48:9f:c4:d2:9e:cc:df:ae:b8:47:
bc:ed:35:fb:7f:62:ac:4e:a0:70:58:93:62:ab:a6:
9f:73:e1:14:6e:bd:0c:27:dd:d7:dd:57:64:2b:21:
b6:5c:6f:fa:30:fc:1e:00:5c:97:8e:ea:43:77:8b:
8a:41:9e:34:b2:10:42:8d:ce:e5:bf:4e:e2:91:59:
32:e3:80:40:35:c0:63:88:da:54:3e:a7:8e:a2:9c:
9a:03:b6:8c:10:a5:ef:0e:64:e6:25:77:d4:0b:3d:
77:e5:55:33:7d:30:0b:1e:e0:f1:74:69:1b:db:09:
59:34:0b:25:4c:b8:97:02:f2:24:29:82:61:2d:df:
9e:34:2d:e8:bb:7d:25:ea:5b:8d:67:88:ed:45:0e:
f8:c6:74:9e:e1:ee:31:35:14:20:41:99:50:cb:43:
cf:29:a1:67:fc:2a:57:10:e0:eb:d6:e9:c6:bc:57:
fd:5a:ed:6a:bd:38:be:ca:d6:0e:f1:c0:81:b1:bf:
82:a2:18:27:ba:16:30:0e:c6:b6:b7:9f:a0:e8:b9:
ba:1c:1e:6e:58:f1:6c:85:40:31:fe:ad:e9:ec:2c:
03:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F4:23:7D:D8:4E:54:8B:29:93:C4:F1:C2:EA:8A:6F:93:8C:A8:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:cb:5a:4e:05:d6:4e:4e:a0:39:1d:c6:f5:b0:f4:5d:32:46:
f8:f4:90:4b:c8:b0:9f:46:d3:d1:3f:f0:5a:0f:8d:38:89:dc:
f1:52:2d:23:26:ab:f1:c1:18:e8:c8:80:b5:6c:03:c5:83:ff:
7d:ce:fb:6e:c3:25:da:43:61:ec:4d:f3:b3:23:d8:12:d0:23:
46:22:4d:13:34:d6:77:05:dc:0d:0b:15:76:7e:15:91:5d:e3:
2e:62:8a:7b:36:41:83:a7:7c:21:b9:78:e2:b6:f2:fc:2a:c7:
98:68:f8:c5:cb:54:6c:91:3e:61:aa:43:f9:58:bf:44:be:1b:
72:2b:a2:bf:7c:69:30:be:b4:3b:5f:c6:4f:ee:db:f9:3c:1f:
9b:0f:cf:97:4a:fb:80:56:7f:be:af:85:1c:2d:8b:fc:61:58:
6c:94:01:69:0f:f6:b0:75:66:2f:d2:86:89:4e:fe:d8:69:3e:
b3:f1:31:07:ff:ed:81:9c:67:df:20:de:2d:d7:24:2e:d1:33:
a7:9d:a9:40:8d:8a:eb:78:20:a8:bc:d1:74:68:55:fb:59:04:
a4:c5:61:3c:78:62:63:ad:25:f4:0a:84:01:50:98:f9:19:43:
b5:65:f0:32:be:6e:df:c7:24:9e:28:7f:3e:60:0f:ff:6f:f3:
64:dd:e5:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdNIxeebOYAE+P5RhOR0Q10tvuu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzY2JiYTI3YjgwNTYyMmU2YTllNGUxZDY3MWM4MDZhYzAwMjNmMTcwYmU3
NWVhODdlZDQ1ZjBhY2VlZDNiOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd+ZWwA3DbQazgWgKNqA/MNvSNGBs586Wsd89kDsQBSHlBIn8TSnszfrrhH
vO01+39irE6gcFiTYqumn3PhFG69DCfd191XZCshtlxv+jD8HgBcl47qQ3eLikGe
NLIQQo3O5b9O4pFZMuOAQDXAY4jaVD6njqKcmgO2jBCl7w5k5iV31As9d+VVM30w
Cx7g8XRpG9sJWTQLJUy4lwLyJCmCYS3fnjQt6Lt9JepbjWeI7UUO+MZ0nuHuMTUU
IEGZUMtDzymhZ/wqVxDg69bpxrxX/Vrtar04vsrWDvHAgbG/gqIYJ7oWMA7Gtref
oOi5uhwebljxbIVAMf6t6ewsA20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSX9CN9
2E5UiymTxPHC6opvk4yocTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q1YmJlNmUtZGE2Ny00YWYwLWFmMTItYzg2ZjkzYTE2NzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g
MA0GCSqGSIb3DQEBCwUAA4IBAQC7y1pOBdZOTqA5Hcb1sPRdMkb49JBLyLCfRtPR
P/BaD404idzxUi0jJqvxwRjoyIC1bAPFg/99zvtuwyXaQ2HsTfOzI9gS0CNGIk0T
NNZ3BdwNCxV2fhWRXeMuYop7NkGDp3whuXjitvL8KseYaPjFy1RskT5hqkP5WL9E
vhtyK6K/fGkwvrQ7X8ZP7tv5PB+bD8+XSvuAVn++r4UcLYv8YVhslAFpD/awdWYv
0oaJTv7YaT6z8TEH/+2BnGffIN4t1yQu0TOnnalAjYrreCCovNF0aFX7WQSkxWE8
eGJjrSX0CoQBUJj5GUO1ZfAyvm7fxySeKH8+YA//b/Nk3eVB
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:08 2025 by rpki-client