Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
File: 207860c2-8f39-42e7-9631-e06b6a545c7d.roa (raw, json)
Hash identifier: Hcpmtlaj6xyI3pauI8P7EWBIXTtmhuSk7uN+OHTmOHg=
Subject key identifier: 75:EB:7B:61:4B:F6:0B:2A:36:EE:28:7B:16:DA:E1:74:95:E5:F2:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14E34753CC4F2057A4EC472BAA57EF23DF857DC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
Signing time: Tue 05 Aug 2025 19:00:16 +0000
ROA not before: Tue 05 Aug 2025 19:00:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:e3:47:53:cc:4f:20:57:a4:ec:47:2b:aa:57:ef:23:df:85:7d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=36a9d70a647c8b720959938badcb6a493cd2ec83366f39f86b60649b2f5962f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f8:b3:91:d8:11:53:dd:82:db:49:73:2a:88:
e9:a6:da:3d:06:f3:7a:9a:92:63:80:bb:c4:8d:db:
e4:74:89:91:d0:90:94:e0:9e:f5:39:11:69:78:50:
86:3c:6c:2b:b2:ae:65:74:b3:78:be:40:52:8c:42:
d7:51:d9:07:2d:05:35:82:46:3a:2b:53:dc:d8:f5:
24:90:25:eb:a6:55:a9:e3:38:6f:50:db:b8:44:ac:
af:e6:6c:2d:40:97:53:ae:8f:90:bb:ec:b6:c6:a7:
75:b7:fe:87:72:65:16:c1:75:66:55:05:a5:11:06:
fc:5b:05:11:f7:c2:05:d5:f1:94:5c:b0:b2:b4:b2:
cc:89:61:a4:61:37:23:d8:60:a8:bc:20:58:67:1d:
f2:04:04:6d:c4:ef:22:2a:2f:e9:48:65:af:5f:c3:
ca:f0:44:dc:eb:81:3c:b1:5f:6d:84:74:fd:ec:39:
11:c3:46:e9:74:b6:8e:ba:3a:00:43:b5:df:78:a1:
36:c0:4b:a9:89:cd:30:bb:7c:d1:44:93:a0:59:e3:
3e:85:24:16:00:70:a8:0d:6a:ea:9f:86:e6:e7:30:
e3:a4:7f:26:81:46:67:a6:3c:80:0e:09:1f:8e:3f:
ff:90:4e:be:71:de:f6:e3:4b:a0:38:fc:35:a9:84:
1f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:EB:7B:61:4B:F6:0B:2A:36:EE:28:7B:16:DA:E1:74:95:E5:F2:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/207860c2-8f39-42e7-9631-e06b6a545c7d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
81:53:7c:b4:bd:dd:34:86:53:8a:51:3d:0a:de:27:5a:5d:8b:
4f:e7:5e:37:f8:14:a7:5f:d8:d3:34:7a:4f:86:34:85:70:b1:
68:75:b3:7f:92:f8:e7:ed:42:ab:8e:c1:4b:f7:b3:2a:52:e7:
91:29:af:ba:4c:ef:c4:21:22:79:85:77:a8:f3:87:80:b8:c3:
4d:67:61:e4:8d:df:b5:38:78:7c:6f:7c:ed:53:2e:0c:ec:19:
3c:c5:3e:9f:49:5b:4f:fe:9f:70:7a:b5:de:06:54:fa:69:af:
e9:2f:c6:4f:83:c9:8a:66:d5:18:9a:2b:6f:cd:71:02:5e:bc:
2b:9d:6f:85:18:17:a6:ce:fd:65:e2:13:27:f3:dd:c1:6e:86:
a1:2d:35:63:7c:fe:9d:fb:31:9e:b2:ed:ce:00:a5:4c:5d:63:
7e:52:1b:04:13:f3:68:15:d1:62:2f:44:a4:8c:f7:3e:ac:fa:
05:f2:f9:b2:eb:af:80:b0:fd:bf:d4:68:72:92:47:4f:0b:e4:
4e:a0:6a:34:9a:bd:80:11:b0:0c:96:88:05:41:47:03:aa:39:
8a:e8:fb:aa:bd:08:82:7d:59:25:67:da:84:16:f5:6e:53:1f:
8d:d2:d2:11:34:3c:83:37:08:1c:72:00:6f:8c:60:9d:3d:22:
36:86:e6:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFONHU8xPIFek7EcrqlfvI9+FfcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2YTlkNzBhNjQ3YzhiNzIwOTU5OTM4YmFkY2I2YTQ5M2NkMmVjODMzNjZm
MzlmODZiNjA2NDliMmY1OTYyZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN34s5HYEVPdgttJcyqI6abaPQbzepqSY4C7xI3b5HSJkdCQlOCe9TkRaXhQ
hjxsK7KuZXSzeL5AUoxC11HZBy0FNYJGOitT3Nj1JJAl66ZVqeM4b1DbuESsr+Zs
LUCXU66PkLvstsandbf+h3JlFsF1ZlUFpREG/FsFEffCBdXxlFywsrSyzIlhpGE3
I9hgqLwgWGcd8gQEbcTvIiov6Uhlr1/DyvBE3OuBPLFfbYR0/ew5EcNG6XS2jro6
AEO133ihNsBLqYnNMLt80USToFnjPoUkFgBwqA1q6p+G5ucw46R/JoFGZ6Y8gA4J
H44//5BOvnHe9uNLoDj8NamEH4UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR163th
S/YLKjbuKHsW2uF0leXyEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjA3ODYwYzItOGYzOS00MmU3LTk2MzEtZTA2YjZhNTQ1YzdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
wDANBgkqhkiG9w0BAQsFAAOCAQEAgVN8tL3dNIZTilE9Ct4nWl2LT+deN/gUp1/Y
0zR6T4Y0hXCxaHWzf5L45+1Cq47BS/ezKlLnkSmvukzvxCEieYV3qPOHgLjDTWdh
5I3ftTh4fG987VMuDOwZPMU+n0lbT/6fcHq13gZU+mmv6S/GT4PJimbVGJorb81x
Al68K51vhRgXps79ZeITJ/PdwW6GoS01Y3z+nfsxnrLtzgClTF1jflIbBBPzaBXR
Yi9EpIz3Pqz6BfL5suuvgLD9v9RocpJHTwvkTqBqNJq9gBGwDJaIBUFHA6o5iuj7
qr0Ign1ZJWfahBb1blMfjdLSETQ8gzcIHHIAb4xgnT0iNobmzw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:21 2025 by rpki-client