Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
File: 7ce413ad-560d-4eb8-915b-8c6e01d97910.roa (raw, json)
Hash identifier: 7l/SfWSRhdEFbjNgv4tjuiNxMXKVsROk93fWb9Fc6fU=
Subject key identifier: C5:47:A5:5B:2F:A6:C2:52:E8:2F:95:43:C2:FE:AD:0A:E0:43:57:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D96ED728FA7B77624B49DC0169B99C3EB5CCDB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
Signing time: Tue 05 Aug 2025 19:21:01 +0000
ROA not before: Tue 05 Aug 2025 19:21:01 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:96:ed:72:8f:a7:b7:76:24:b4:9d:c0:16:9b:99:c3:eb:5c:cd:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:01 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a5b86db2bc3d6c7152a928451f60255d8891396bcd662233110b00f3005c3961, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:21:7b:37:87:cb:5c:67:97:47:03:7b:84:22:
40:e0:58:37:16:79:1c:dc:f3:5c:4c:02:54:03:32:
97:45:05:26:15:ac:19:7c:49:b6:87:2a:00:12:b6:
c8:fe:ff:50:37:c7:ca:4a:93:5d:c7:75:8e:5a:d2:
40:5c:c7:79:5d:9e:fa:51:04:af:7d:3c:64:92:87:
8d:ca:a9:70:ee:9d:f2:a6:e7:8e:9e:b6:14:1d:3e:
45:5b:9c:9f:b5:04:93:2d:69:57:31:3a:a0:73:76:
12:80:91:eb:9d:de:cc:3e:85:8e:11:ff:7c:e1:25:
1e:69:fc:c3:64:93:87:6c:67:12:d8:df:58:f4:40:
1e:fb:10:f5:13:2f:c4:7e:f4:76:ea:5f:11:56:dc:
ef:4e:49:94:ae:4a:a6:c7:db:7f:c0:79:5e:25:1a:
37:39:d2:82:f4:62:84:79:56:67:e3:6b:97:ab:25:
d8:9b:6d:61:64:4d:ff:2c:00:c0:94:11:3b:bc:e2:
69:d4:e6:c5:17:fc:aa:1b:47:6d:53:55:8a:5b:44:
a0:58:f1:f1:5f:fd:f5:5b:11:83:4f:e3:f3:ee:df:
2f:24:21:d5:f7:96:30:8e:d5:86:47:05:1b:3c:70:
ba:eb:81:c7:d3:18:b5:b0:5d:31:72:39:9d:e6:99:
86:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:47:A5:5B:2F:A6:C2:52:E8:2F:95:43:C2:FE:AD:0A:E0:43:57:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5000::/40
Signature Algorithm: sha256WithRSAEncryption
84:ed:13:58:4f:39:c4:94:a0:01:3b:8c:40:45:46:6a:11:10:
74:54:55:19:aa:a8:3b:da:58:7f:3e:7b:17:d5:7d:1b:3f:ff:
0d:ce:c4:9f:ed:09:ce:e9:6f:03:e3:6a:d1:e4:93:27:09:d8:
54:83:88:2e:79:a5:af:b3:4f:58:0c:4e:64:88:a0:7e:56:f7:
c5:34:40:39:62:19:4b:72:91:b3:10:d9:5c:9d:a3:80:20:35:
1a:fd:ff:d1:0a:53:68:37:f2:71:f9:bb:96:24:6c:3d:6f:ba:
76:36:c5:83:32:e7:8e:e6:4b:39:ee:3e:b5:20:83:b2:77:e1:
d6:a8:6a:28:8a:44:c9:d7:a2:0f:58:7e:44:9a:6e:a2:58:a5:
5e:97:3e:e3:1c:a0:f9:88:e2:07:e2:24:0a:87:f3:21:21:fa:
35:40:64:4e:a3:da:80:0d:e6:cc:75:77:a9:e2:93:b4:37:a7:
6d:84:45:35:da:95:90:c7:21:05:b3:e0:01:6f:e6:3f:ec:7d:
3a:ac:c3:e6:1a:25:36:6d:c8:05:ff:f3:aa:b9:31:29:4a:09:
80:b3:ea:40:d3:d0:b9:e4:68:75:75:17:15:ea:eb:76:de:23:
9d:26:a1:1b:fe:ff:15:c7:2a:3f:89:63:64:f2:54:e5:e3:a3:
28:99:ad:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTZbtco+nt3YktJ3AFpuZw+tczbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxMDFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1Yjg2ZGIyYmMzZDZjNzE1MmE5Mjg0NTFmNjAyNTVkODg5MTM5NmJjZDY2
MjIzMzExMGIwMGYzMDA1YzM5NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0hezeHy1xnl0cDe4QiQOBYNxZ5HNzzXEwCVAMyl0UFJhWsGXxJtocqABK2
yP7/UDfHykqTXcd1jlrSQFzHeV2e+lEEr308ZJKHjcqpcO6d8qbnjp62FB0+RVuc
n7UEky1pVzE6oHN2EoCR653ezD6FjhH/fOElHmn8w2STh2xnEtjfWPRAHvsQ9RMv
xH70dupfEVbc705JlK5Kpsfbf8B5XiUaNznSgvRihHlWZ+Nrl6sl2JttYWRN/ywA
wJQRO7ziadTmxRf8qhtHbVNViltEoFjx8V/99VsRg0/j8+7fLyQh1feWMI7VhkcF
GzxwuuuBx9MYtbBdMXI5neaZhmsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFR6Vb
L6bCUugvlUPC/q0K4ENXOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NlNDEzYWQtNTYwZC00ZWI4LTkxNWItOGM2ZTAxZDk3OTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCE7RNYTznElKABO4xARUZqERB0VFUZqqg72lh/
PnsX1X0bP/8NzsSf7QnO6W8D42rR5JMnCdhUg4gueaWvs09YDE5kiKB+VvfFNEA5
YhlLcpGzENlcnaOAIDUa/f/RClNoN/Jx+buWJGw9b7p2NsWDMueO5ks57j61IIOy
d+HWqGooikTJ16IPWH5Emm6iWKVelz7jHKD5iOIH4iQKh/MhIfo1QGROo9qADebM
dXep4pO0N6dthEU12pWQxyEFs+ABb+Y/7H06rMPmGiU2bcgF//OquTEpSgmAs+pA
09C55Gh1dRcV6ut23iOdJqEb/v8Vxyo/iWNk8lTl46Moma0K
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:23 2025 by rpki-client