Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json)
Hash identifier: C6n5qPG2yVVDNYfupnnoQWFrweTHYyKyJsoM3cW89zE=
Subject key identifier: 82:D6:33:15:99:2D:8A:83:D8:CC:E1:C0:0B:78:75:C2:A6:F3:AB:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DB80CE7AFD211E09B5E037AAFF730629F5CD18E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
Signing time: Wed 06 Aug 2025 00:50:51 +0000
ROA not before: Wed 06 Aug 2025 00:50:51 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b8:0c:e7:af:d2:11:e0:9b:5e:03:7a:af:f7:30:62:9f:5c:d1:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:51 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=34277f4c62e2d5aa957d7a608895b1afcfd48eb104825cf90bf5d736ac1913e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:81:87:a6:b1:c2:e5:d9:cd:7c:66:92:0a:4d:
5b:9b:1e:24:e9:27:84:e3:c1:fe:1f:83:75:ea:58:
1d:0d:d0:51:72:3e:f3:0a:33:6b:f5:54:0f:08:93:
da:3b:52:48:da:ce:5e:63:4a:91:90:ef:1d:1c:87:
97:63:eb:d2:8a:f9:35:22:36:5a:cf:dc:ef:b2:aa:
66:b0:d1:62:4c:66:b3:b0:1f:ac:61:cc:16:58:59:
82:af:f1:83:6d:11:89:aa:83:10:8e:aa:4d:ac:5d:
a5:bc:cd:f5:f0:e9:b4:d3:7e:2a:60:6c:32:cd:d7:
95:d0:8b:0d:2e:78:10:d9:89:dd:b6:0b:bf:72:a4:
97:93:6b:92:42:ec:ed:48:32:12:34:a5:15:10:32:
dc:51:15:38:65:18:f4:09:f5:30:1d:b3:91:f4:15:
b9:34:c9:4f:89:cb:87:aa:d2:44:79:84:3c:d5:f2:
de:4f:d1:29:1c:06:05:5a:45:26:7f:f3:fb:8f:05:
76:d1:36:be:a4:f9:82:c2:ab:60:5f:5d:90:69:2a:
d1:4a:af:b6:f4:42:92:ba:ed:f1:2e:fa:18:d4:33:
ed:63:44:74:dd:a8:da:a3:7b:a4:e6:c5:9c:c0:71:
6b:15:4c:7f:5d:82:ca:1a:af:48:f4:fb:78:fe:b3:
0c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D6:33:15:99:2D:8A:83:D8:CC:E1:C0:0B:78:75:C2:A6:F3:AB:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
23:39:cd:e4:65:43:bb:5a:d7:80:5d:d5:b9:60:1e:1e:cc:ad:
0c:3e:21:10:ba:b5:6b:a7:e4:93:31:bb:b9:ee:c3:76:18:72:
4f:d8:17:03:72:df:2b:53:6d:75:2d:0a:0d:02:9b:d9:80:1a:
8b:fe:05:12:e3:84:e0:46:59:83:4c:d3:52:55:c2:33:76:ea:
6b:bd:20:f4:ef:32:50:51:4a:65:7a:ed:df:d3:94:a7:ca:c3:
71:9a:db:cc:32:26:61:6e:c3:19:da:ff:13:3f:72:69:cf:e5:
fd:aa:2e:dd:eb:95:bc:d2:0e:0a:90:7c:7c:53:d7:57:5d:0f:
ca:55:aa:78:54:1d:15:4d:2d:36:d6:86:fb:04:60:46:12:66:
69:d3:68:3b:6a:80:78:15:ee:37:a8:46:aa:ea:9c:23:05:83:
52:8b:66:dd:ad:03:ec:e1:1f:87:90:dc:13:c2:10:57:80:b0:
76:49:0e:11:4b:ef:89:b2:04:cf:c9:b2:d7:17:7b:b8:fb:63:
12:9b:fd:93:df:c2:df:56:fe:10:17:d4:8c:cd:67:f4:bc:c3:
51:b9:9e:20:bd:56:e1:ca:1e:0f:5f:d6:e6:d2:fd:49:4f:45:
ad:b1:8b:c3:33:b4:79:61:14:fd:17:90:e4:75:5a:f3:61:ef:
9b:17:29:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDbgM56/SEeCbXgN6r/cwYp9c0Y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNTFaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0Mjc3ZjRjNjJlMmQ1YWE5NTdkN2E2MDg4OTViMWFmY2ZkNDhlYjEwNDgy
NWNmOTBiZjVkNzM2YWMxOTEzZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqBh6axwuXZzXxmkgpNW5seJOknhOPB/h+DdepYHQ3QUXI+8woza/VUDwiT
2jtSSNrOXmNKkZDvHRyHl2Pr0or5NSI2Ws/c77KqZrDRYkxms7AfrGHMFlhZgq/x
g20RiaqDEI6qTaxdpbzN9fDptNN+KmBsMs3XldCLDS54ENmJ3bYLv3Kkl5NrkkLs
7UgyEjSlFRAy3FEVOGUY9An1MB2zkfQVuTTJT4nLh6rSRHmEPNXy3k/RKRwGBVpF
Jn/z+48FdtE2vqT5gsKrYF9dkGkq0UqvtvRCkrrt8S76GNQz7WNEdN2o2qN7pObF
nMBxaxVMf12CyhqvSPT7eP6zDKcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSC1jMV
mS2Kg9jM4cALeHXCpvOr1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQAjOc3kZUO7WteAXdW5YB4ezK0MPiEQurVrp+ST
Mbu57sN2GHJP2BcDct8rU211LQoNApvZgBqL/gUS44TgRlmDTNNSVcIzduprvSD0
7zJQUUpleu3f05SnysNxmtvMMiZhbsMZ2v8TP3Jpz+X9qi7d65W80g4KkHx8U9dX
XQ/KVap4VB0VTS021ob7BGBGEmZp02g7aoB4Fe43qEaq6pwjBYNSi2bdrQPs4R+H
kNwTwhBXgLB2SQ4RS++JsgTPybLXF3u4+2MSm/2T38LfVv4QF9SMzWf0vMNRuZ4g
vVbhyh4PX9bm0v1JT0WtsYvDM7R5YRT9F5DkdVrzYe+bFynu
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:11 2025 by rpki-client