Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
File: 7af2d4a0-df22-4933-b605-1ecbbd66f982.roa (raw, json)
Hash identifier: BvEOUy5Slr0o67D4cTxDFizj2KmctbmAgrq+cOs4W4o=
Subject key identifier: FB:E4:AD:8B:B7:16:9C:B9:F5:FC:2A:E1:14:37:CB:EE:EB:C0:71:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61BD56AC13454B6300D656AD3ECF518BFC0746EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
Signing time: Tue 05 Aug 2025 20:00:14 +0000
ROA not before: Tue 05 Aug 2025 20:00:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:bd:56:ac:13:45:4b:63:00:d6:56:ad:3e:cf:51:8b:fc:07:46:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=aa788ae8fa0650aeb91fd7993d0f0464759af225e364ad286e7819b1b5ce198f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d1:88:cb:19:b9:9f:25:0b:13:3a:71:7f:a6:
f4:86:87:2c:42:b9:ee:2d:09:c0:8e:cb:f4:9c:5f:
7d:5b:4f:9a:80:be:82:b3:c4:26:a5:3a:58:94:e9:
96:34:ce:a8:e3:8c:40:17:a2:ad:9a:51:99:30:8d:
f0:c5:b8:a4:3b:a4:69:af:9a:df:ea:19:a5:83:6d:
38:dd:db:a5:fc:fd:dc:58:85:58:27:29:df:39:c3:
17:e0:fd:ac:d3:69:09:aa:a7:4c:fe:f2:49:fc:48:
cb:e5:82:92:8e:bb:f0:12:bc:ad:62:34:67:67:06:
81:6e:9a:99:66:ce:90:a5:ca:f9:3c:79:c6:ab:f8:
7d:30:f5:7f:64:2c:0a:61:8b:5f:36:61:d9:25:55:
d7:e7:56:f0:a0:28:f0:03:e2:5a:ed:3c:14:47:29:
f1:69:72:13:46:22:4c:f4:25:8c:5a:84:de:b9:da:
6f:c0:c2:09:f3:b4:de:8c:82:d5:da:8b:a1:e3:e6:
34:57:07:61:51:8d:63:52:38:5f:3b:ee:df:0d:bd:
73:7e:6a:e3:fd:b0:ed:2a:13:c9:f3:a0:7e:ac:ad:
cf:ae:60:63:03:b4:d5:de:4a:66:e2:04:8f:13:c8:
bc:76:d0:88:07:50:06:31:9b:54:63:51:a6:0a:29:
ba:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E4:AD:8B:B7:16:9C:B9:F5:FC:2A:E1:14:37:CB:EE:EB:C0:71:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:c00::/38
Signature Algorithm: sha256WithRSAEncryption
84:fb:8c:f1:35:cb:38:5c:88:db:1a:3a:15:59:3f:dc:cb:c5:
80:ab:73:b3:16:bb:be:59:96:7d:4c:4a:7a:ac:7d:56:e1:8a:
04:ef:6f:3e:a1:9c:42:1e:5e:e0:63:39:53:cd:8e:f1:8b:25:
b9:c5:4d:e8:df:e2:de:25:7d:ef:cc:bb:84:94:8c:bf:9e:62:
8f:fc:b5:76:60:4d:f1:e0:5f:57:4c:a7:09:eb:c9:86:6a:88:
d7:dc:92:0f:84:dd:10:f0:a8:94:d8:ba:88:b5:a3:e4:22:92:
4f:ea:fc:90:9a:f2:cd:12:9b:4d:91:84:61:ad:cb:bf:a8:55:
b1:50:66:1f:a9:3b:41:fc:48:ba:0c:ca:cb:42:3e:1c:26:77:
64:11:f1:ae:d2:5f:5c:94:69:1b:d8:32:f5:c5:ca:b4:51:2c:
14:8a:96:08:b1:99:c0:3a:0e:54:84:42:d0:f4:fc:3a:e0:0a:
87:d8:21:04:2d:d1:2f:6a:66:f0:94:5a:91:d0:2a:c0:13:fc:
a3:b6:c4:33:d2:99:79:f4:f8:94:6b:99:e1:d0:fd:46:54:e2:
c5:f7:f3:7c:36:d2:d5:9f:7b:fa:f8:0c:81:a2:e8:1e:c7:b2:
f0:b5:42:a6:99:69:91:88:8d:1f:08:60:71:fa:41:78:d7:21:
28:a7:fb:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYb1WrBNFS2MA1latPs9Ri/wHRu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNzg4YWU4ZmEwNjUwYWViOTFmZDc5OTNkMGYwNDY0NzU5YWYyMjVlMzY0
YWQyODZlNzgxOWIxYjVjZTE5OGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXRiMsZuZ8lCxM6cX+m9IaHLEK57i0JwI7L9JxffVtPmoC+grPEJqU6WJTp
ljTOqOOMQBeirZpRmTCN8MW4pDukaa+a3+oZpYNtON3bpfz93FiFWCcp3znDF+D9
rNNpCaqnTP7ySfxIy+WCko678BK8rWI0Z2cGgW6amWbOkKXK+Tx5xqv4fTD1f2Qs
CmGLXzZh2SVV1+dW8KAo8APiWu08FEcp8WlyE0YiTPQljFqE3rnab8DCCfO03oyC
1dqLoePmNFcHYVGNY1I4Xzvu3w29c35q4/2w7SoTyfOgfqytz65gYwO01d5KZuIE
jxPIvHbQiAdQBjGbVGNRpgopuoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT75K2L
txacufX8KuEUN8vu68BxkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2FmMmQ0YTAtZGYyMi00OTMzLWI2MDUtMWVjYmJkNjZmOTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUM
MA0GCSqGSIb3DQEBCwUAA4IBAQCE+4zxNcs4XIjbGjoVWT/cy8WAq3OzFru+WZZ9
TEp6rH1W4YoE728+oZxCHl7gYzlTzY7xiyW5xU3o3+LeJX3vzLuElIy/nmKP/LV2
YE3x4F9XTKcJ68mGaojX3JIPhN0Q8KiU2LqItaPkIpJP6vyQmvLNEptNkYRhrcu/
qFWxUGYfqTtB/Ei6DMrLQj4cJndkEfGu0l9clGkb2DL1xcq0USwUipYIsZnAOg5U
hELQ9Pw64AqH2CEELdEvambwlFqR0CrAE/yjtsQz0pl59PiUa5nh0P1GVOLF9/N8
NtLVn3v6+AyBougex7LwtUKmmWmRiI0fCGBx+kF41yEop/tC
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:46 2025 by rpki-client