Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
File: 758ab83f-3a25-48db-a214-04c27915b62e.roa (raw, json)
Hash identifier: BPBSYszfA5Z3z7oyKja4CJoFJ6n28kg0QHiMp9YFTF0=
Subject key identifier: 8B:35:68:9C:95:2A:37:7D:11:D9:F4:AA:6E:0A:B5:83:62:CE:7C:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DD39E9BE75E2956AE699346EE16F0B742190DCD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
Signing time: Tue 05 Aug 2025 19:51:25 +0000
ROA not before: Tue 05 Aug 2025 19:51:25 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:d3:9e:9b:e7:5e:29:56:ae:69:93:46:ee:16:f0:b7:42:19:0d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:25 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=399af79119b470ee7dcb9b6d8bf109fad7f2fbee43dc3133a2ead696e68f9fb5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:01:c1:72:81:c6:96:cc:16:2c:a3:d5:c8:
84:7d:06:00:51:97:21:73:9d:52:16:9c:9d:be:1c:
99:5b:a7:79:0b:87:f2:d4:f7:31:7c:d9:1e:7f:71:
6b:5e:7b:1b:d0:54:30:40:cd:04:98:7c:aa:f5:5e:
db:61:4c:19:d0:9b:10:54:57:78:be:4d:5d:2e:1f:
7b:c2:c0:d7:4e:31:fa:ad:4d:d2:7d:42:bb:1a:e6:
f8:56:07:df:61:fe:e9:34:ad:34:43:5b:12:30:9b:
4b:ea:aa:20:fb:c9:78:61:b6:c6:e3:74:31:2b:39:
87:9d:e0:95:1e:61:59:58:37:5d:3f:d1:c8:56:ba:
88:9d:1a:5d:b7:b7:fe:95:25:13:c5:85:91:e1:be:
cf:6c:75:d7:a7:9c:85:cf:96:50:03:f6:4f:bb:cb:
65:16:a6:6c:7f:3c:04:32:0a:bf:e0:42:cd:f8:ac:
93:86:de:a5:2e:8a:3c:77:b4:9f:7d:3a:66:4a:00:
cc:1c:00:38:67:ac:91:ad:bb:f1:4d:56:5f:04:03:
e3:e7:bb:28:3c:dc:7a:3c:0b:63:be:9e:77:03:14:
37:2c:92:74:fe:49:39:67:0a:9c:5c:8f:40:b5:1b:
61:23:fb:52:e5:81:00:7f:92:b4:fe:e1:82:82:3f:
ef:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:35:68:9C:95:2A:37:7D:11:D9:F4:AA:6E:0A:B5:83:62:CE:7C:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:a4:33:31:a4:b3:bb:d3:b4:b9:88:ce:de:1b:69:69:f4:45:
7f:a4:c1:32:e8:69:fa:0b:4a:3a:07:64:cf:0a:a6:d6:cb:ad:
c6:14:79:7c:d7:e3:3d:33:2f:ce:e9:68:9a:b0:51:a7:19:54:
28:a0:bf:e0:c4:cf:21:4b:a6:5f:de:e6:c9:94:fd:3e:b8:94:
5c:40:35:d3:3e:2a:24:1f:9d:8b:f1:a6:43:35:fc:72:e6:54:
3d:6f:c5:c1:82:48:f5:ec:fc:ed:2a:89:25:49:7d:b2:dd:b4:
1a:56:d2:59:ec:1e:eb:a0:a6:fe:90:7a:5e:c1:ae:2d:20:59:
e1:ed:41:7b:30:11:e4:f0:5d:a6:ed:d5:d1:4c:75:aa:8a:03:
c7:80:0c:1d:e6:ee:d7:53:25:cd:5d:74:ef:c3:e1:e5:cf:a2:
6a:c4:d6:37:df:f4:56:22:d0:a8:15:0f:43:32:bf:5e:52:0c:
01:24:b7:e4:54:5b:c6:c8:b9:95:d1:28:94:e4:c3:99:fb:48:
a2:fa:8a:f5:3e:a0:ed:4a:3d:d6:3c:cb:7f:ea:24:12:d9:0d:
3e:d4:d4:50:df:a4:1a:25:1b:a1:8f:ce:bf:22:02:13:c8:59:
df:8f:53:ec:39:aa:1e:f5:af:f4:0f:c8:ec:bd:d7:0f:15:96:
4b:c9:88:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTdOem+deKVauaZNG7hbwt0IZDc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMjVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5OWFmNzkxMTliNDcwZWU3ZGNiOWI2ZDhiZjEwOWZhZDdmMmZiZWU0M2Rj
MzEzM2EyZWFkNjk2ZTY4ZjlmYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2WAcFygcaWzBYso9XIhH0GAFGXIXOdUhacnb4cmVuneQuH8tT3MXzZHn9x
a157G9BUMEDNBJh8qvVe22FMGdCbEFRXeL5NXS4fe8LA104x+q1N0n1Cuxrm+FYH
32H+6TStNENbEjCbS+qqIPvJeGG2xuN0MSs5h53glR5hWVg3XT/RyFa6iJ0aXbe3
/pUlE8WFkeG+z2x116echc+WUAP2T7vLZRambH88BDIKv+BCzfisk4bepS6KPHe0
n306ZkoAzBwAOGeska278U1WXwQD4+e7KDzcejwLY76edwMUNyySdP5JOWcKnFyP
QLUbYSP7UuWBAH+StP7hgoI/76UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLNWic
lSo3fRHZ9KpuCrWDYs58BjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU4YWI4M2YtM2EyNS00OGRiLWEyMTQtMDRjMjc5MTViNjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2g
MA0GCSqGSIb3DQEBCwUAA4IBAQBNpDMxpLO707S5iM7eG2lp9EV/pMEy6Gn6C0o6
B2TPCqbWy63GFHl81+M9My/O6WiasFGnGVQooL/gxM8hS6Zf3ubJlP0+uJRcQDXT
PiokH52L8aZDNfxy5lQ9b8XBgkj17PztKoklSX2y3bQaVtJZ7B7roKb+kHpewa4t
IFnh7UF7MBHk8F2m7dXRTHWqigPHgAwd5u7XUyXNXXTvw+Hlz6JqxNY33/RWItCo
FQ9DMr9eUgwBJLfkVFvGyLmV0SiU5MOZ+0ii+or1PqDtSj3WPMt/6iQS2Q0+1NRQ
36QaJRuhj86/IgITyFnfj1PsOaoe9a/0D8jsvdcPFZZLyYj0
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:03 2025 by rpki-client