Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
File: 72c1c04d-5c77-431c-825c-1633fac1964d.roa (raw, json)
Hash identifier: pstSN/qw+kVS0UIYySCOI7b+6A/Qi87KaJNe7w7DO1k=
Subject key identifier: E6:73:6C:11:E1:81:20:BB:CD:9E:3E:4E:A7:1E:5E:EA:1A:D0:DC:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BD042F780BCE90FB84BC0134A479DEA286EC24F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
Signing time: Tue 05 Aug 2025 19:30:23 +0000
ROA not before: Tue 05 Aug 2025 19:30:23 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d0:42:f7:80:bc:e9:0f:b8:4b:c0:13:4a:47:9d:ea:28:6e:c2:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:23 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7a734043103b8f6a2451189a727161687a1ec2882b091a41bf16044a1e6a9a5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:c7:0a:d0:6c:1c:00:e0:03:13:26:48:97:
6e:80:fd:e8:43:ee:c9:78:00:1f:79:2b:dd:a3:17:
12:a4:44:12:05:a5:a4:be:e3:17:5d:53:fa:70:b8:
ca:35:a3:30:65:7c:28:e9:e1:df:c6:4a:b2:fa:1e:
c0:9e:69:bf:9b:19:45:4f:38:ba:bf:64:72:11:74:
08:77:a2:a6:12:65:1d:63:1d:e3:cc:81:b6:1c:6b:
28:8c:59:4e:8e:f9:76:4a:4d:1c:11:a3:14:dd:c8:
63:6b:e7:80:6c:dc:cc:74:29:68:81:42:cb:8a:3b:
34:21:e0:7b:f5:8c:5b:3a:79:28:96:70:b5:6b:82:
62:31:26:fc:fc:53:57:cb:ce:70:af:2e:d8:2f:80:
9f:2d:50:9e:41:92:30:08:3f:3d:ce:9c:b0:8e:d0:
1d:d0:d5:ed:a2:5c:18:ca:03:ba:fc:74:a3:ed:ef:
cb:d8:6d:b7:fc:5f:68:6c:08:ed:4a:74:16:2f:b8:
b9:92:69:35:ac:e4:c1:57:8d:35:22:52:01:d1:2c:
4f:2f:30:d4:5d:77:39:c6:41:c8:7a:5f:a3:27:1f:
65:f0:53:d3:2b:31:44:98:f4:f7:e9:94:af:73:45:
1e:91:7c:03:17:99:88:a2:12:89:c7:59:57:2b:61:
00:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:73:6C:11:E1:81:20:BB:CD:9E:3E:4E:A7:1E:5E:EA:1A:D0:DC:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72c1c04d-5c77-431c-825c-1633fac1964d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8030::/48
Signature Algorithm: sha256WithRSAEncryption
7b:77:99:59:6d:e8:00:53:ce:77:34:c3:8e:02:1d:1a:5b:60:
ed:cc:4c:f5:21:90:16:21:e2:26:06:ab:0f:b5:df:42:05:1c:
e4:5a:89:c5:6b:e2:93:30:55:70:9e:87:a6:d4:18:41:08:ff:
6f:c1:54:7b:6d:1b:3d:6f:50:fe:e3:53:e2:22:9b:4d:ae:3c:
f8:28:97:b7:16:63:c1:5e:1f:f2:a9:02:73:c2:72:e9:95:17:
2a:9c:0b:b9:07:94:0c:68:15:e2:6d:13:cf:ce:4a:c0:f4:72:
51:09:a8:75:af:34:80:80:03:71:71:41:1d:82:e9:cb:7c:45:
35:14:d6:d7:7d:2a:ba:25:c1:f4:6a:5b:1f:77:7a:16:bc:76:
6f:76:7f:18:c7:d5:2e:79:f1:96:db:8e:f4:fb:dd:35:5e:d2:
b4:ae:49:ef:04:7b:9c:44:ef:0b:f4:5d:a3:f8:af:30:eb:fa:
fd:76:3a:5f:ab:ee:78:89:15:d3:22:fe:56:8a:52:f0:49:3b:
a9:ce:6e:db:9d:bc:da:27:a7:a4:c8:9c:26:fc:5b:88:7f:5c:
1b:c1:03:11:18:60:9b:f4:8d:b5:2d:4e:5e:c5:e6:5a:a0:82:
1e:9c:87:8a:ad:dc:f1:af:c9:f8:67:01:72:e2:52:5c:12:18:
ad:ad:ea:a1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS9BC94C86Q+4S8ATSked6ihuwk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMjNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhNzM0MDQzMTAzYjhmNmEyNDUxMTg5YTcyNzE2MTY4N2ExZWMyODgyYjA5
MWE0MWJmMTYwNDRhMWU2YTlhNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWNxwrQbBwA4AMTJkiXboD96EPuyXgAH3kr3aMXEqREEgWlpL7jF11T+nC4
yjWjMGV8KOnh38ZKsvoewJ5pv5sZRU84ur9kchF0CHeiphJlHWMd48yBthxrKIxZ
To75dkpNHBGjFN3IY2vngGzczHQpaIFCy4o7NCHge/WMWzp5KJZwtWuCYjEm/PxT
V8vOcK8u2C+Any1QnkGSMAg/Pc6csI7QHdDV7aJcGMoDuvx0o+3vy9htt/xfaGwI
7Up0Fi+4uZJpNazkwVeNNSJSAdEsTy8w1F13OcZByHpfoycfZfBT0ysxRJj09+mU
r3NFHpF8AxeZiKISicdZVythAPECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTmc2wR
4YEgu82ePk6nHl7qGtDcEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJjMWMwNGQtNWM3Ny00MzFjLTgyNWMtMTYzM2ZhYzE5NjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
MDANBgkqhkiG9w0BAQsFAAOCAQEAe3eZWW3oAFPOdzTDjgIdGltg7cxM9SGQFiHi
JgarD7XfQgUc5FqJxWvikzBVcJ6HptQYQQj/b8FUe20bPW9Q/uNT4iKbTa48+CiX
txZjwV4f8qkCc8Jy6ZUXKpwLuQeUDGgV4m0Tz85KwPRyUQmoda80gIADcXFBHYLp
y3xFNRTW130quiXB9GpbH3d6Frx2b3Z/GMfVLnnxltuO9PvdNV7StK5J7wR7nETv
C/Rdo/ivMOv6/XY6X6vueIkV0yL+VopS8Ek7qc5u25282ienpMicJvxbiH9cG8ED
ERhgm/SNtS1OXsXmWqCCHpyHiq3c8a/J+GcBcuJSXBIYra3qoQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:04 2025 by rpki-client