Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
File: 68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa (raw, json)
Hash identifier: zEd8kAGg3c1PsbofeCOMH0Tt4abL5SUkXL00J/hjg0k=
Subject key identifier: 68:CF:E9:9E:4A:ED:0D:91:AF:0F:72:E6:F8:56:18:9B:53:7F:CB:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7356E9B3C406E700248CAE78A2880F11761678A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
Signing time: Tue 05 Aug 2025 19:40:08 +0000
ROA not before: Tue 05 Aug 2025 19:40:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:56:e9:b3:c4:06:e7:00:24:8c:ae:78:a2:88:0f:11:76:16:78:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f1154613cc8c40a875eae4226e07484b8e93348299ac1651f4eb5197693cc667, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2b:66:d2:a2:ae:6c:c1:09:bc:69:2b:49:a0:
1c:3e:54:d0:dc:54:e1:81:49:57:4f:a1:aa:3f:67:
87:17:c6:64:ad:04:ec:ae:48:2e:9a:78:aa:a5:29:
24:21:2f:6a:5f:83:80:17:db:ed:a9:f9:32:1c:4a:
f7:b9:85:15:a4:56:d9:3e:43:e5:cf:98:0c:ec:1f:
19:e3:d4:c7:37:27:be:95:cb:34:d0:18:b6:11:95:
e7:75:83:41:66:6e:7d:b6:ca:7d:84:e9:72:e1:92:
c9:99:b9:38:95:ee:f3:62:d4:e7:b0:9b:32:49:65:
f8:61:5a:97:f9:58:d2:3e:6b:b9:e0:3a:77:fd:f4:
42:a7:5a:3f:bb:36:33:34:03:21:ae:13:83:2d:f5:
d4:81:c0:fc:d5:bd:bb:0f:47:25:78:64:9b:63:82:
15:82:f2:6d:c2:68:4c:9c:45:16:42:65:bd:ab:ca:
a5:ba:85:a5:7a:5e:51:d7:56:21:d1:6c:50:1f:d8:
68:8d:97:ec:3e:4b:e9:9f:c3:ae:21:df:15:41:1f:
e8:f8:3b:77:2c:99:e8:03:df:59:05:d5:e0:04:44:
da:b2:0f:e1:30:2c:68:ff:b1:3a:a5:ea:12:03:b9:
a1:c8:60:23:6e:69:01:d9:c2:81:6b:ab:56:1b:ac:
9f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CF:E9:9E:4A:ED:0D:91:AF:0F:72:E6:F8:56:18:9B:53:7F:CB:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:a000::/40
Signature Algorithm: sha256WithRSAEncryption
03:bf:e9:20:19:49:ca:ef:18:e9:39:d4:9b:6c:aa:40:2d:bb:
c4:3d:17:7d:52:1d:d6:4d:93:d7:33:43:05:29:65:27:09:da:
71:35:59:a5:fd:7a:08:7b:47:3e:87:38:32:8a:db:5a:b5:2f:
a3:be:46:71:e6:da:f8:9c:f3:5c:48:ae:b1:71:16:8d:74:e5:
b0:91:99:01:80:5a:92:d9:25:1a:de:b9:e0:78:c9:b0:b0:d8:
01:4e:00:5b:88:28:00:ef:02:d4:9b:6a:98:26:7f:d7:24:0a:
8c:39:50:5d:45:ca:e8:c3:0a:38:03:8f:9c:12:9a:f9:d4:57:
d3:7b:d7:93:0d:54:cf:77:ee:fd:c6:d3:1d:fe:ca:78:f5:61:
62:c3:c6:15:ae:7f:90:b6:90:6b:61:df:da:e9:ea:e0:22:9b:
16:67:6d:16:1a:84:22:1a:95:42:cd:45:b4:2a:5e:cd:91:92:
aa:62:97:3a:80:fa:95:1d:50:9d:a3:6f:e3:29:70:7b:38:17:
44:bd:f0:3d:94:af:d3:79:b7:18:93:42:d4:8e:3b:42:d2:ff:
4f:88:36:cf:98:1c:f5:58:4a:60:56:18:26:a8:48:b8:72:b2:
84:8b:e4:47:26:3c:a5:01:6d:15:5a:6f:d8:7a:74:27:2b:03:
fb:42:70:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc1bps8QG5wAkjK54oogPEXYWeKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMTU0NjEzY2M4YzQwYTg3NWVhZTQyMjZlMDc0ODRiOGU5MzM0ODI5OWFj
MTY1MWY0ZWI1MTk3NjkzY2M2NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkrZtKirmzBCbxpK0mgHD5U0NxU4YFJV0+hqj9nhxfGZK0E7K5ILpp4qqUp
JCEval+DgBfb7an5MhxK97mFFaRW2T5D5c+YDOwfGePUxzcnvpXLNNAYthGV53WD
QWZufbbKfYTpcuGSyZm5OJXu82LU57CbMkll+GFal/lY0j5rueA6d/30QqdaP7s2
MzQDIa4Tgy311IHA/NW9uw9HJXhkm2OCFYLybcJoTJxFFkJlvavKpbqFpXpeUddW
IdFsUB/YaI2X7D5L6Z/DriHfFUEf6Pg7dyyZ6APfWQXV4ARE2rIP4TAsaP+xOqXq
EgO5ochgI25pAdnCgWurVhusn4sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRoz+me
Su0Nka8Pcub4VhibU3/LZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhkNWQ5MzQtZmVkNi00OWE1LWFlMDMtYTI4YTU4NmU5YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fig
MA0GCSqGSIb3DQEBCwUAA4IBAQADv+kgGUnK7xjpOdSbbKpALbvEPRd9Uh3WTZPX
M0MFKWUnCdpxNVml/XoIe0c+hzgyittatS+jvkZx5tr4nPNcSK6xcRaNdOWwkZkB
gFqS2SUa3rngeMmwsNgBTgBbiCgA7wLUm2qYJn/XJAqMOVBdRcrowwo4A4+cEpr5
1FfTe9eTDVTPd+79xtMd/sp49WFiw8YVrn+QtpBrYd/a6ergIpsWZ20WGoQiGpVC
zUW0Kl7NkZKqYpc6gPqVHVCdo2/jKXB7OBdEvfA9lK/TebcYk0LUjjtC0v9PiDbP
mBz1WEpgVhgmqEi4crKEi+RHJjylAW0VWm/YenQnKwP7QnAv
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:43 2025 by rpki-client