Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: W2bWti50kUfnjzwJ6w/IrRAP1/6sP51lXr7+M4XbIGM=
Subject key identifier: 4B:53:C3:28:00:36:5A:36:73:04:61:16:17:22:A2:C6:CA:CE:C5:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F47A645A203C17F1EE9CD9309A45D8416809C6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Wed 06 Aug 2025 00:50:43 +0000
ROA not before: Wed 06 Aug 2025 00:50:43 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:47:a6:45:a2:03:c1:7f:1e:e9:cd:93:09:a4:5d:84:16:80:9c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:43 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=421bbbe8f83a3ad9ed13bf5d67f61575fa4f8d1eb3421d8899c86bd7922c1092, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:2c:cc:06:64:5b:68:95:f3:d2:1a:d8:37:
d3:08:34:6c:6c:e7:42:b0:90:38:9d:d6:24:de:87:
55:0c:53:87:03:78:92:78:fd:13:06:5c:f5:0e:a3:
84:84:d1:4c:e2:b3:f4:8e:b5:dd:c0:ee:34:a2:5e:
ca:4d:27:e6:df:b0:2f:5f:20:3f:88:11:3e:fc:ae:
55:70:7a:e9:54:38:70:09:dd:90:0e:61:59:d1:a0:
2d:e3:bf:ba:be:4e:f2:c1:41:73:83:a1:ef:33:95:
f9:52:bc:72:bf:9a:30:9f:a6:09:a0:dd:e5:e4:ad:
50:12:01:ef:2e:5f:38:bc:8a:ca:7e:5d:30:a6:15:
af:0c:ba:0b:32:96:2b:aa:ff:14:a5:c6:b7:dc:2f:
bc:fe:69:96:da:ae:cd:63:76:08:54:e0:78:eb:b7:
ae:9c:fd:3b:d6:3a:62:cf:8e:4b:2f:8d:a1:34:56:
dd:cf:90:05:78:cf:fa:c4:12:61:fe:63:2e:c2:70:
f2:c1:1a:25:87:de:86:4e:a5:6a:12:46:05:76:07:
e0:e0:d7:93:88:71:59:89:62:d8:7c:d2:9d:7c:20:
f1:6d:a3:5c:8e:71:1d:09:19:b6:81:cd:59:29:17:
79:7d:24:b1:97:46:fa:4b:21:d0:92:de:3a:67:4f:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:53:C3:28:00:36:5A:36:73:04:61:16:17:22:A2:C6:CA:CE:C5:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
73:d5:8c:a7:21:6a:aa:62:ce:69:3d:51:04:30:47:aa:18:52:
f0:2d:5d:36:35:19:79:3a:de:37:a5:c5:f2:6a:36:fb:a5:eb:
e1:60:38:58:06:cc:d8:41:56:d6:1a:21:de:53:20:11:16:9b:
bc:33:2a:fe:d3:02:62:99:ed:22:ea:0f:b9:91:9a:d8:68:b1:
54:ba:f2:b2:ad:cd:fc:5d:1b:c2:d1:47:25:80:8e:c4:88:5f:
22:39:51:55:f2:b1:2f:6d:bf:c2:8d:5c:cc:7c:9c:29:99:8e:
7a:cc:56:6f:ab:cf:d0:1d:40:9f:9e:62:20:fd:d1:c7:68:04:
bd:8b:02:68:99:a8:e6:1f:6f:51:55:dd:cd:2f:34:bf:15:e0:
f8:3f:4d:18:f5:e3:12:66:8f:33:4d:8e:a2:93:d5:ff:b6:9e:
8d:73:0c:38:76:cb:15:05:9b:94:6c:2c:50:b4:3d:d6:ca:27:
34:ec:43:65:f6:28:9e:a3:e6:ce:d5:74:49:9e:d8:4b:91:3c:
54:75:71:25:eb:a8:d6:fd:5c:bf:51:42:d2:2c:0c:62:0c:c0:
ee:50:2d:c4:85:a4:57:19:d1:d1:57:e1:6b:94:a5:1e:5e:09:
c0:67:b7:e9:8a:77:90:cd:a0:79:d9:6a:e7:92:85:18:59:00:
45:3c:e1:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf0emRaIDwX8e6c2TCaRdhBaAnG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNDNaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyMWJiYmU4ZjgzYTNhZDllZDEzYmY1ZDY3ZjYxNTc1ZmE0ZjhkMWViMzQy
MWQ4ODk5Yzg2YmQ3OTIyYzEwOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXBLMwGZFtolfPSGtg30wg0bGznQrCQOJ3WJN6HVQxThwN4knj9EwZc9Q6j
hITRTOKz9I613cDuNKJeyk0n5t+wL18gP4gRPvyuVXB66VQ4cAndkA5hWdGgLeO/
ur5O8sFBc4Oh7zOV+VK8cr+aMJ+mCaDd5eStUBIB7y5fOLyKyn5dMKYVrwy6CzKW
K6r/FKXGt9wvvP5pltquzWN2CFTgeOu3rpz9O9Y6Ys+OSy+NoTRW3c+QBXjP+sQS
Yf5jLsJw8sEaJYfehk6lahJGBXYH4ODXk4hxWYli2HzSnXwg8W2jXI5xHQkZtoHN
WSkXeX0ksZdG+ksh0JLeOmdP1J8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLU8Mo
ADZaNnMEYRYXIqLGys7FaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQBz1YynIWqqYs5pPVEEMEeqGFLwLV02NRl5Ot43
pcXyajb7pevhYDhYBszYQVbWGiHeUyARFpu8Myr+0wJime0i6g+5kZrYaLFUuvKy
rc38XRvC0UclgI7EiF8iOVFV8rEvbb/CjVzMfJwpmY56zFZvq8/QHUCfnmIg/dHH
aAS9iwJomajmH29RVd3NLzS/FeD4P00Y9eMSZo8zTY6ik9X/tp6Ncww4dssVBZuU
bCxQtD3Wyic07ENl9iieo+bO1XRJnthLkTxUdXEl66jW/Vy/UULSLAxiDMDuUC3E
haRXGdHRV+FrlKUeXgnAZ7fpineQzaB52WrnkoUYWQBFPOFo
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:09 2025 by rpki-client