Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json)
Hash identifier: w8nRRHa06+SExwJYwz8SoDDXMVUpc3MnB+Xbpr683ng=
Subject key identifier: 74:71:EC:EB:DB:71:4B:2D:C0:3D:8A:28:D5:66:C2:31:01:42:4C:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59F7F4B9294223478A77B9DEFEA4C5FDE37EF9C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
Signing time: Tue 05 Aug 2025 19:21:15 +0000
ROA not before: Tue 05 Aug 2025 19:21:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f7:f4:b9:29:42:23:47:8a:77:b9:de:fe:a4:c5:fd:e3:7e:f9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=dd42cf8828f29b9559424bd743a6ea876e22a137c01cb06dd3d5b1e010f9114e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:62:49:d9:11:92:28:89:24:e4:0c:81:c9:42:
15:81:d6:dd:88:5a:dd:33:e1:df:02:f1:8c:ed:1e:
1f:19:03:4c:33:7c:93:68:e9:c0:d5:9d:19:2e:90:
df:c6:c8:3c:83:ef:8f:c1:ad:fb:14:ff:e5:80:6d:
9b:87:ed:43:cb:85:a2:8f:5e:9d:fa:e3:9a:26:eb:
a7:75:49:3a:85:a9:10:af:6a:d0:aa:52:17:97:43:
df:7c:00:87:8c:e9:09:9f:98:ff:39:d9:22:b7:bc:
4f:57:be:86:15:62:01:94:45:f0:21:9e:77:68:9d:
88:02:af:46:c9:f3:7c:c1:6f:a8:a7:00:b8:7a:fe:
d7:d8:84:d1:3d:a2:9a:41:e0:d2:64:87:69:e7:9a:
95:21:ff:ec:0f:4c:eb:31:ea:37:08:03:53:1f:03:
7a:d7:fb:42:81:b7:86:4c:25:e6:b6:ab:cf:62:c0:
81:c6:e0:a7:ac:3d:84:fb:23:ed:67:c1:15:5a:81:
7b:81:bf:23:63:ce:5d:97:d5:20:e8:d8:37:86:a5:
ed:80:90:fa:77:9b:42:c3:02:d3:a0:bd:8c:d6:e7:
83:16:1d:9b:20:3e:de:91:b8:3c:b9:db:75:47:fe:
49:16:9b:84:8c:33:c0:46:82:34:76:ea:9b:c2:87:
da:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:71:EC:EB:DB:71:4B:2D:C0:3D:8A:28:D5:66:C2:31:01:42:4C:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:d5:59:34:da:9d:b2:92:20:d1:fe:88:b8:ca:34:af:76:dc:
48:bd:7c:58:8f:47:67:27:6f:07:83:e3:ff:60:d9:3c:13:c2:
26:f0:9f:20:79:37:d7:0f:e3:07:c5:98:78:2e:2b:ed:55:26:
34:b8:50:fe:4e:6a:01:48:1e:9d:e3:9a:2f:87:e8:84:5f:0c:
da:2f:c6:73:ff:4a:bc:e6:f7:0e:b7:9e:f6:a7:82:fc:52:6a:
62:c3:e5:92:34:b2:91:34:d0:5d:16:18:2d:96:50:95:d5:9f:
92:6f:cd:bc:15:65:9e:50:2e:09:82:39:92:87:70:69:7e:16:
81:28:51:a5:58:a8:64:0c:3a:79:10:4b:c7:50:e1:7b:d9:0a:
77:5d:c2:87:50:8e:6e:da:9d:a5:39:7e:80:5d:22:1f:98:8c:
1d:4b:5e:ca:85:a2:87:6f:5d:ad:8b:b9:3c:9f:f5:ea:53:9d:
0c:fc:0a:39:75:aa:13:b4:12:00:c0:80:ce:ad:c3:06:99:e5:
f5:0e:d0:a6:66:e2:a2:d5:e4:63:44:00:9a:f2:b0:98:b4:37:
5c:2d:61:60:bc:89:15:b8:1d:bf:e5:ce:3e:dc:e1:f3:a7:25:
2f:49:4f:43:47:73:72:b2:cf:65:d0:41:0a:3e:16:be:54:79:
7d:fd:17:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWff0uSlCI0eKd7ne/qTF/eN++cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkNDJjZjg4MjhmMjliOTU1OTQyNGJkNzQzYTZlYTg3NmUyMmExMzdjMDFj
YjA2ZGQzZDViMWUwMTBmOTExNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOViSdkRkiiJJOQMgclCFYHW3Yha3TPh3wLxjO0eHxkDTDN8k2jpwNWdGS6Q
38bIPIPvj8Gt+xT/5YBtm4ftQ8uFoo9enfrjmibrp3VJOoWpEK9q0KpSF5dD33wA
h4zpCZ+Y/znZIre8T1e+hhViAZRF8CGed2idiAKvRsnzfMFvqKcAuHr+19iE0T2i
mkHg0mSHaeealSH/7A9M6zHqNwgDUx8Detf7QoG3hkwl5rarz2LAgcbgp6w9hPsj
7WfBFVqBe4G/I2POXZfVIOjYN4al7YCQ+nebQsMC06C9jNbngxYdmyA+3pG4PLnb
dUf+SRabhIwzwEaCNHbqm8KH2rMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0cezr
23FLLcA9iijVZsIxAUJMwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA
MA0GCSqGSIb3DQEBCwUAA4IBAQCM1Vk02p2ykiDR/oi4yjSvdtxIvXxYj0dnJ28H
g+P/YNk8E8Im8J8geTfXD+MHxZh4LivtVSY0uFD+TmoBSB6d45ovh+iEXwzaL8Zz
/0q85vcOt572p4L8Umpiw+WSNLKRNNBdFhgtllCV1Z+Sb828FWWeUC4JgjmSh3Bp
fhaBKFGlWKhkDDp5EEvHUOF72Qp3XcKHUI5u2p2lOX6AXSIfmIwdS17KhaKHb12t
i7k8n/XqU50M/Ao5daoTtBIAwIDOrcMGmeX1DtCmZuKi1eRjRACa8rCYtDdcLWFg
vIkVuB2/5c4+3OHzpyUvSU9DR3Nyss9l0EEKPha+VHl9/Rcq
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:13 2025 by rpki-client