Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
File: 730c632c-0510-4eef-8649-b29c7a1d089b.roa (raw, json)
Hash identifier: sGUIh3xDK1Q12YQ9LIsozlptaWtYXFF6hnETx4GUJmQ=
Subject key identifier: B2:9F:B7:A9:05:20:CF:78:D1:C0:D9:33:7F:E6:55:61:51:5B:33:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 431743C67C751D54C3F298A856D8A7E1B2468608
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
Signing time: Tue 05 Aug 2025 18:41:31 +0000
ROA not before: Tue 05 Aug 2025 18:41:31 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:17:43:c6:7c:75:1d:54:c3:f2:98:a8:56:d8:a7:e1:b2:46:86:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:31 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=58776875884b6b91754d0a3a9e5e7833e3a3eb7a30dbfe953dd03d304daa9284, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:bf:95:28:89:b3:e9:12:5a:41:49:5d:ca:d2:
94:0b:1e:64:69:96:34:96:0c:80:d8:4f:33:4e:83:
79:d0:aa:5a:d2:1f:b7:d8:20:03:fe:7d:70:56:d3:
99:46:13:af:fe:6c:8c:2e:79:00:4d:7e:0f:7c:65:
72:36:41:0e:08:56:ed:52:0d:ff:b3:7c:ee:7f:4c:
c8:a2:60:5f:7f:0c:2d:c6:59:d1:93:62:68:4d:e2:
30:01:eb:80:55:5a:5c:1c:aa:97:37:8c:5a:c4:70:
aa:ad:ae:ed:d6:98:cb:1e:b4:9c:e4:09:bb:3d:7b:
de:11:f4:b3:7f:e1:eb:18:55:07:76:2c:a4:48:6b:
a5:d4:e7:7a:ab:5c:fd:d0:79:c0:7b:62:9b:bf:66:
da:63:70:21:15:e2:e3:cd:3f:47:38:20:4a:33:d5:
d1:c2:94:f8:b9:ee:72:86:51:37:76:6b:f1:eb:de:
b6:bf:d6:e7:b2:d2:85:22:92:8e:66:d2:c2:a7:8d:
c8:c6:22:6e:4e:ef:5c:65:99:28:bb:29:fe:f4:eb:
c5:62:a0:68:f0:66:f7:e5:71:0d:99:a5:0e:4d:86:
f0:34:e0:90:b0:16:e3:10:48:71:79:4d:67:89:91:
4f:68:bc:ec:27:40:b7:ed:2a:6c:0f:2f:38:06:1d:
51:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9F:B7:A9:05:20:CF:78:D1:C0:D9:33:7F:E6:55:61:51:5B:33:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2040::/48
Signature Algorithm: sha256WithRSAEncryption
0b:99:9d:90:a6:5a:2c:91:eb:f8:23:83:8a:26:8d:e9:f0:6f:
f1:5c:ff:92:59:e7:69:2a:95:73:73:23:10:2b:40:ab:c5:b4:
fc:b7:14:46:89:54:0b:80:d0:be:79:aa:f0:4c:8d:e7:4c:1a:
45:7e:9f:67:80:85:a6:04:47:e6:ce:0f:eb:f0:c7:43:da:ce:
8e:cc:89:56:fa:66:21:77:00:91:f2:0c:cd:30:29:f7:6b:9f:
31:9d:c8:51:23:21:d4:3a:1a:13:04:35:63:38:1b:57:31:f7:
21:a6:76:f8:6c:4e:2d:14:d5:e3:f2:ea:4b:dc:0a:7c:f6:cc:
99:c8:45:e8:a0:90:63:86:81:25:d5:95:64:d7:d7:7a:6a:03:
47:03:44:72:1e:f2:c5:e5:1e:9d:eb:b3:75:51:5f:ff:8a:e2:
f4:ae:c2:ed:bf:37:a1:a3:37:a0:08:a5:7f:f9:73:5e:d8:d0:
c1:ce:8b:68:47:34:10:2d:5d:3b:68:36:97:16:e2:ff:0f:7b:
a8:92:73:bd:dc:62:c4:6b:eb:7b:a4:5d:a0:89:2e:64:6a:0d:
6a:da:11:5c:5d:07:2b:77:dc:07:f5:08:df:82:ff:64:0b:72:
84:1b:23:34:c1:18:c1:89:d6:86:41:7f:b5:7c:2d:06:54:16:
8a:b2:64:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQxdDxnx1HVTD8pioVtin4bJGhggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxMzFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4Nzc2ODc1ODg0YjZiOTE3NTRkMGEzYTllNWU3ODMzZTNhM2ViN2EzMGRi
ZmU5NTNkZDAzZDMwNGRhYTkyODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2/lSiJs+kSWkFJXcrSlAseZGmWNJYMgNhPM06DedCqWtIft9ggA/59cFbT
mUYTr/5sjC55AE1+D3xlcjZBDghW7VIN/7N87n9MyKJgX38MLcZZ0ZNiaE3iMAHr
gFVaXByqlzeMWsRwqq2u7daYyx60nOQJuz173hH0s3/h6xhVB3YspEhrpdTneqtc
/dB5wHtim79m2mNwIRXi480/RzggSjPV0cKU+LnucoZRN3Zr8evetr/W57LShSKS
jmbSwqeNyMYibk7vXGWZKLsp/vTrxWKgaPBm9+VxDZmlDk2G8DTgkLAW4xBIcXlN
Z4mRT2i87CdAt+0qbA8vOAYdUYUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSyn7ep
BSDPeNHA2TN/5lVhUVszuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzMwYzYzMmMtMDUxMC00ZWVmLTg2NDktYjI5YzdhMWQwODliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
QDANBgkqhkiG9w0BAQsFAAOCAQEAC5mdkKZaLJHr+CODiiaN6fBv8Vz/klnnaSqV
c3MjECtAq8W0/LcURolUC4DQvnmq8EyN50waRX6fZ4CFpgRH5s4P6/DHQ9rOjsyJ
VvpmIXcAkfIMzTAp92ufMZ3IUSMh1DoaEwQ1YzgbVzH3IaZ2+GxOLRTV4/LqS9wK
fPbMmchF6KCQY4aBJdWVZNfXemoDRwNEch7yxeUeneuzdVFf/4ri9K7C7b83oaM3
oAilf/lzXtjQwc6LaEc0EC1dO2g2lxbi/w97qJJzvdxixGvre6RdoIkuZGoNatoR
XF0HK3fcB/UI34L/ZAtyhBsjNMEYwYnWhkF/tXwtBlQWirJkUw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:04 2025 by rpki-client