Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
File: 7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa (raw, json)
Hash identifier: bKl6J+M12eOG6N89Y7TZnvkjuutiTpt1GgD2BlRdfWA=
Subject key identifier: B2:65:57:6D:79:56:E2:70:1E:DF:83:EE:68:75:71:73:68:0C:9D:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19077667B8A9686D19B1C85CEED4065BF0EED170
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
Signing time: Tue 05 Aug 2025 18:41:02 +0000
ROA not before: Tue 05 Aug 2025 18:41:02 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:07:76:67:b8:a9:68:6d:19:b1:c8:5c:ee:d4:06:5b:f0:ee:d1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:02 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2e615a61df453e53e3effa6e7eb0b0ea1dd52302fc19c630251fb9574ca73dda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c4:26:fb:38:82:de:b1:c0:f8:6e:5a:f3:64:
cf:e1:31:da:90:5a:6d:1f:95:04:8f:dc:98:76:80:
23:49:bc:89:27:63:3e:4f:ff:bf:87:c7:a3:ed:e3:
2d:48:6f:1c:9c:8c:1d:ef:43:0d:c3:c8:f5:b7:fa:
58:9f:3f:d7:b5:d1:69:d0:3d:10:fb:73:4b:3b:8e:
ec:8b:d6:93:2c:76:f6:63:d2:cb:ee:08:77:98:4b:
02:4c:f8:cb:7d:b3:cb:67:c2:1f:01:77:1c:9a:f4:
2f:83:52:58:40:0c:7d:54:91:a2:dd:09:ff:b0:16:
69:a0:0d:fd:73:04:a9:ba:12:29:3c:65:f6:c9:98:
62:83:24:22:7c:6e:de:92:e2:bf:7f:f4:8b:bd:2b:
85:a0:dc:74:d5:63:1b:06:ae:8f:0e:ad:63:47:4f:
ea:08:72:13:1a:ef:e2:e8:71:a4:79:50:1a:f6:70:
33:16:66:91:5a:b5:04:26:1a:76:ab:4d:1e:64:06:
73:e0:12:aa:82:cb:21:54:1e:23:3a:f3:f6:20:c0:
74:ff:b9:3d:81:3c:bd:64:b8:19:51:28:18:bf:f1:
f3:f8:bd:07:7b:57:87:71:a1:a7:22:d4:35:78:46:
e8:e9:4c:11:11:24:58:78:fc:03:48:b0:f9:fb:d1:
b5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:65:57:6D:79:56:E2:70:1E:DF:83:EE:68:75:71:73:68:0C:9D:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b5f45a2-ab79-4ad3-a09e-87b355f76732.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e080::/48
Signature Algorithm: sha256WithRSAEncryption
61:65:39:b7:b5:61:ef:c5:9f:dd:da:a7:c6:fd:ec:26:25:0b:
c1:c2:bd:98:9a:2d:00:e7:5e:a5:c2:9a:2b:55:30:13:dc:63:
08:5e:cc:f1:e1:86:be:a4:db:7f:f7:73:02:b9:08:d4:5d:6d:
ff:b4:76:9f:a2:a6:ba:c3:fa:e3:45:68:b2:0a:25:23:b2:5f:
66:c8:0d:13:f8:df:2b:3c:58:50:ee:bc:31:5a:c9:98:ea:b2:
00:07:e3:e0:79:f6:b0:fa:68:ee:f0:63:78:80:bc:58:a6:76:
31:16:89:03:36:33:7f:5a:47:5c:85:90:63:a0:66:e0:1f:47:
44:0d:7a:03:f8:90:3d:65:52:d3:aa:be:31:31:da:9f:d0:10:
01:a7:67:e7:f7:61:e3:1e:0a:ab:05:ad:66:20:ae:7f:7a:55:
96:66:9e:01:a5:5e:86:f0:c4:af:da:e5:50:73:0b:d0:fb:6e:
38:53:37:63:c5:7b:50:02:c2:d2:34:cc:96:96:96:96:88:ec:
b7:ce:89:75:12:5a:8d:bf:90:ab:e3:e6:0c:17:06:e4:53:9b:
b6:34:29:34:06:c7:cc:3d:ae:88:8e:df:76:54:d5:4b:29:a2:
4e:d3:18:ad:96:29:09:e8:c0:80:53:81:cf:a6:0f:a0:86:7d:
a0:64:e6:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGQd2Z7ipaG0Zschc7tQGW/Du0XAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxMDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNjE1YTYxZGY0NTNlNTNlM2VmZmE2ZTdlYjBiMGVhMWRkNTIzMDJmYzE5
YzYzMDI1MWZiOTU3NGNhNzNkZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzEJvs4gt6xwPhuWvNkz+Ex2pBabR+VBI/cmHaAI0m8iSdjPk//v4fHo+3j
LUhvHJyMHe9DDcPI9bf6WJ8/17XRadA9EPtzSzuO7IvWkyx29mPSy+4Id5hLAkz4
y32zy2fCHwF3HJr0L4NSWEAMfVSRot0J/7AWaaAN/XMEqboSKTxl9smYYoMkInxu
3pLiv3/0i70rhaDcdNVjGwaujw6tY0dP6ghyExrv4uhxpHlQGvZwMxZmkVq1BCYa
dqtNHmQGc+ASqoLLIVQeIzrz9iDAdP+5PYE8vWS4GVEoGL/x8/i9B3tXh3GhpyLU
NXhG6OlMEREkWHj8A0iw+fvRtUECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSyZVdt
eVbicB7fg+5odXFzaAyd5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2I1ZjQ1YTItYWI3OS00YWQzLWEwOWUtODdiMzU1Zjc2NzMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
gDANBgkqhkiG9w0BAQsFAAOCAQEAYWU5t7Vh78Wf3dqnxv3sJiULwcK9mJotAOde
pcKaK1UwE9xjCF7M8eGGvqTbf/dzArkI1F1t/7R2n6KmusP640VosgolI7JfZsgN
E/jfKzxYUO68MVrJmOqyAAfj4Hn2sPpo7vBjeIC8WKZ2MRaJAzYzf1pHXIWQY6Bm
4B9HRA16A/iQPWVS06q+MTHan9AQAadn5/dh4x4KqwWtZiCuf3pVlmaeAaVehvDE
r9rlUHML0PtuOFM3Y8V7UALC0jTMlpaWlojst86JdRJajb+Qq+PmDBcG5FObtjQp
NAbHzD2uiI7fdlTVSymiTtMYrZYpCejAgFOBz6YPoIZ9oGTmog==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:15 2025 by rpki-client