Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
File: 575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa (raw, json)
Hash identifier: PsIxs47cDbmKf9EXUVtouCTk+ZDFvaXB2q8EZxXEpLI=
Subject key identifier: 3E:93:2E:2B:E9:54:E0:CE:2D:A0:AC:06:36:9B:DD:68:4D:03:63:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EB198986211D4F9863FFB04F1621DEB736E1018
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
Signing time: Tue 05 Aug 2025 19:40:19 +0000
ROA not before: Tue 05 Aug 2025 19:40:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:b1:98:98:62:11:d4:f9:86:3f:fb:04:f1:62:1d:eb:73:6e:10:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=679929cae48bb69f8e7dc3524fb39d237d435a4faeb3d347256b98ac8d3bd65d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e5:e0:15:86:8e:04:7c:76:a5:29:16:6d:5e:
0c:37:9d:2f:37:73:29:82:2f:f2:e2:b9:95:f7:2a:
bc:91:1b:47:10:ee:39:74:6a:46:ff:3a:a5:a0:19:
95:17:1a:cb:01:c3:8a:95:e5:2c:dd:c8:4a:7a:f7:
e2:dd:f5:5c:1c:10:dd:69:ae:b6:ab:01:38:33:86:
23:49:33:a5:ae:6b:a9:31:ba:57:fc:02:c5:e7:ae:
20:73:2e:d9:b4:18:56:14:40:bd:b0:06:1f:5d:43:
ea:33:1b:0f:dc:c9:55:7c:75:02:c4:64:71:51:43:
7d:15:d6:81:f9:1c:12:d6:5e:7f:6a:b2:c1:98:d7:
18:8b:7a:67:b5:4c:ae:75:2d:c1:2a:91:57:d6:7f:
1a:bb:7e:13:74:fd:78:a3:1d:58:50:6b:b4:bd:a0:
5d:c8:88:22:e3:f2:7d:3a:a5:72:7c:4a:89:ac:00:
56:79:f9:3b:c6:61:48:56:f1:76:df:96:c7:b0:f1:
88:5d:b5:66:35:7d:f2:fe:7b:b2:26:bf:6d:41:64:
ca:bd:a4:1f:00:e3:22:04:db:47:cc:43:44:14:82:
38:fb:87:62:e1:86:54:65:1e:a3:15:96:7b:82:0a:
35:20:eb:22:16:5e:59:2e:5a:4a:1f:4e:c0:71:86:
fa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:93:2E:2B:E9:54:E0:CE:2D:A0:AC:06:36:9B:DD:68:4D:03:63:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:4000::/40
Signature Algorithm: sha256WithRSAEncryption
20:91:85:b0:f4:f1:80:00:fe:9c:03:61:a9:7b:d1:26:71:66:
f6:b9:4c:6e:b6:6a:68:cf:7a:62:66:c8:cb:7f:45:44:69:ad:
fc:b3:55:68:b8:52:a2:1f:24:b2:e2:90:01:c1:ad:f7:2b:40:
9a:6f:91:ee:ec:79:03:60:29:31:14:c1:61:98:c8:04:2e:59:
d9:3b:de:4a:55:ef:f4:b0:02:a0:4a:5c:26:f7:de:85:ee:af:
67:43:41:ae:05:91:29:9d:74:b0:d4:6c:12:29:3b:86:9d:e8:
20:c4:cf:02:e5:47:d5:18:10:cb:80:df:1b:50:13:5d:3f:01:
17:70:3b:fd:a8:b3:9e:93:7e:84:5d:87:5b:e7:73:7c:52:a3:
b3:b1:5d:87:1f:5c:17:bf:7f:9f:27:ab:f1:33:da:4d:c1:96:
e8:7b:1b:74:4c:24:b1:e2:39:b2:66:67:ed:65:39:40:e7:eb:
d6:46:44:c7:19:01:6c:e1:36:38:41:b8:2d:be:37:04:d5:0d:
5b:d5:f2:51:55:2a:7f:31:63:3f:84:0f:38:ac:1e:7a:25:57:
f1:91:b1:be:e8:fe:61:b7:15:1a:ca:4f:fa:9f:94:97:a6:66:
56:4d:24:ac:c8:20:ae:25:c2:1f:d3:d8:4d:cc:90:65:0b:00:
56:a5:77:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfrGYmGIR1PmGP/sE8WId63NuEBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3OTkyOWNhZTQ4YmI2OWY4ZTdkYzM1MjRmYjM5ZDIzN2Q0MzVhNGZhZWIz
ZDM0NzI1NmI5OGFjOGQzYmQ2NWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPl4BWGjgR8dqUpFm1eDDedLzdzKYIv8uK5lfcqvJEbRxDuOXRqRv86paAZ
lRcaywHDipXlLN3ISnr34t31XBwQ3WmutqsBODOGI0kzpa5rqTG6V/wCxeeuIHMu
2bQYVhRAvbAGH11D6jMbD9zJVXx1AsRkcVFDfRXWgfkcEtZef2qywZjXGIt6Z7VM
rnUtwSqRV9Z/Grt+E3T9eKMdWFBrtL2gXciIIuPyfTqlcnxKiawAVnn5O8ZhSFbx
dt+Wx7DxiF21ZjV98v57sia/bUFkyr2kHwDjIgTbR8xDRBSCOPuHYuGGVGUeoxWW
e4IKNSDrIhZeWS5aSh9OwHGG+g8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+ky4r
6VTgzi2grAY2m91oTQNj2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc1ZTMwYzgtMmVhNS00ZTk3LTg3MmItNmFmMGIzZTgzMThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAgkYWw9PGAAP6cA2Gpe9EmcWb2uUxutmpoz3pi
ZsjLf0VEaa38s1VouFKiHySy4pABwa33K0Cab5Hu7HkDYCkxFMFhmMgELlnZO95K
Ve/0sAKgSlwm996F7q9nQ0GuBZEpnXSw1GwSKTuGneggxM8C5UfVGBDLgN8bUBNd
PwEXcDv9qLOek36EXYdb53N8UqOzsV2HH1wXv3+fJ6vxM9pNwZboext0TCSx4jmy
ZmftZTlA5+vWRkTHGQFs4TY4QbgtvjcE1Q1b1fJRVSp/MWM/hA84rB56JVfxkbG+
6P5htxUayk/6n5SXpmZWTSSsyCCuJcIf09hNzJBlCwBWpXdv
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:23 2025 by rpki-client