Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: uXSpqxeUnZYhdffFNQ0O+hIfIGy11FHbWl29OC6v9CU=
Subject key identifier: A3:42:E1:B7:38:9B:49:85:64:E7:CE:C4:F9:FE:28:BD:62:A7:42:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C9DDA34974D6F96129D340C5C6FCDD15C62194A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Tue 05 Aug 2025 19:01:30 +0000
ROA not before: Tue 05 Aug 2025 19:01:30 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:9d:da:34:97:4d:6f:96:12:9d:34:0c:5c:6f:cd:d1:5c:62:19:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:30 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c86bb569ac216a5c7255f6400805e76e856c8bb0d64634241ea74e3f696766cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b8:d9:ee:c4:c8:8c:7e:94:2b:1d:02:0c:98:
88:8c:d7:d6:ec:2d:8d:82:5f:6a:ff:f5:ed:6c:35:
a0:0f:d8:0a:8e:3f:b2:8a:7b:e2:8a:44:68:3f:06:
93:27:21:dc:a5:0b:60:aa:9e:91:49:a8:40:67:3c:
b0:87:2c:b3:8b:ac:9c:38:5a:ca:70:c5:a3:79:31:
0b:2c:1f:24:3d:42:af:a0:5e:e4:40:2c:ce:33:78:
cc:ab:e1:01:d2:33:6e:ee:25:73:c9:4f:c0:a9:b8:
c4:a3:b5:3d:3b:a8:8a:ef:f4:46:da:ee:a1:ce:47:
a5:3c:bf:a0:92:d2:51:5e:08:f1:fb:20:32:e5:a3:
6e:b5:fd:6b:37:e4:e3:74:52:f4:c1:f9:23:56:6c:
ea:66:9c:ec:a3:57:07:b3:ee:b7:78:d7:3e:1d:80:
5d:81:52:d5:14:d4:00:1e:70:38:3d:18:a0:36:dd:
ac:c8:0a:56:0f:a6:02:93:a0:d4:07:d1:da:3a:67:
a9:e2:9a:dc:92:e2:68:5b:78:44:51:8e:30:8b:e0:
f9:5f:b4:fd:8b:87:20:db:ce:a6:5c:36:ca:c2:cd:
55:42:92:01:b0:3c:28:a9:7a:5b:c1:2e:96:96:43:
94:22:32:b4:7c:21:f4:3e:bd:8d:9a:51:df:45:1e:
8a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:42:E1:B7:38:9B:49:85:64:E7:CE:C4:F9:FE:28:BD:62:A7:42:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
64:e6:71:bc:a4:56:85:8d:1c:a3:53:f4:f9:08:2e:0d:06:41:
68:5b:b6:31:de:aa:82:b9:32:3f:90:dd:4b:f4:65:4f:6a:16:
97:e9:d1:db:aa:59:4b:5f:3d:46:47:1e:1a:2e:9e:13:ef:6a:
cd:f9:f8:1a:54:f1:e7:ad:de:6d:36:e7:a4:91:ce:59:ff:76:
6d:84:50:a4:cb:0b:83:f1:16:c8:ed:49:cb:6e:5a:2c:3c:05:
c9:2b:98:26:d8:5a:2e:65:ec:7f:eb:c0:96:f3:24:82:33:b3:
c7:c3:8b:7c:81:19:eb:d4:a7:38:6d:a6:e4:8c:93:3c:e7:d8:
36:b6:2c:69:51:35:a4:bc:97:64:d0:e4:a9:30:42:38:d5:2c:
cc:c8:a1:fb:2d:4a:6c:e8:f3:94:4e:3a:d4:6b:a2:83:0b:29:
22:4d:6b:88:5c:bc:ae:d4:a7:19:c4:db:e1:0b:3a:22:dd:a9:
55:ef:e0:6c:ea:76:63:d3:dd:f8:d1:f3:2e:06:6d:b3:a0:6d:
c0:c3:c5:34:08:3e:e5:0c:f1:f7:57:c3:ab:0e:58:58:91:a7:
77:7e:d1:10:75:c5:42:78:71:cd:d4:e3:47:f0:16:cb:66:e0:
37:33:64:44:95:8b:78:94:5e:f4:cd:c9:c2:96:39:2a:5e:b5:
83:11:44:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXJ3aNJdNb5YSnTQMXG/N0VxiGUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMzBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4NmJiNTY5YWMyMTZhNWM3MjU1ZjY0MDA4MDVlNzZlODU2YzhiYjBkNjQ2
MzQyNDFlYTc0ZTNmNjk2NzY2Y2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANu42e7EyIx+lCsdAgyYiIzX1uwtjYJfav/17Ww1oA/YCo4/sop74opEaD8G
kych3KULYKqekUmoQGc8sIcss4usnDhaynDFo3kxCywfJD1Cr6Be5EAszjN4zKvh
AdIzbu4lc8lPwKm4xKO1PTuoiu/0Rtruoc5HpTy/oJLSUV4I8fsgMuWjbrX9azfk
43RS9MH5I1Zs6mac7KNXB7Put3jXPh2AXYFS1RTUAB5wOD0YoDbdrMgKVg+mApOg
1AfR2jpnqeKa3JLiaFt4RFGOMIvg+V+0/YuHINvOplw2ysLNVUKSAbA8KKl6W8Eu
lpZDlCIytHwh9D69jZpR30UeijECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjQuG3
OJtJhWTnzsT5/ii9YqdCyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBk5nG8pFaFjRyjU/T5CC4NBkFoW7Yx3qqCuTI/
kN1L9GVPahaX6dHbqllLXz1GRx4aLp4T72rN+fgaVPHnrd5tNuekkc5Z/3ZthFCk
ywuD8RbI7UnLblosPAXJK5gm2FouZex/68CW8ySCM7PHw4t8gRnr1Kc4babkjJM8
59g2tixpUTWkvJdk0OSpMEI41SzMyKH7LUps6POUTjrUa6KDCykiTWuIXLyu1KcZ
xNvhCzoi3alV7+Bs6nZj09340fMuBm2zoG3Aw8U0CD7lDPH3V8OrDlhYkad3ftEQ
dcVCeHHN1ONH8BbLZuA3M2RElYt4lF70zcnCljkqXrWDEUSS
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:05 2025 by rpki-client