Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
File: 7e690adc-099c-4d58-ad1b-856f693d90b3.roa (raw, json)
Hash identifier: J+ZCBe2VYytn/SZv61oKo5pKAFtmXHc7XaGNvQREJVA=
Subject key identifier: E7:2A:C1:A0:8D:D9:33:E2:1D:BC:6A:B1:38:4A:46:9A:46:E9:B3:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57FD99920DB278DA8BC0AD32BCF0EF5CEBF238B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
Signing time: Fri 22 Aug 2025 15:10:09 +0000
ROA not before: Fri 22 Aug 2025 15:10:09 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:fd:99:92:0d:b2:78:da:8b:c0:ad:32:bc:f0:ef:5c:eb:f2:38:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:09 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=58d8deb3d40669f93fb97b26a5f4d58b21b0aa11a1982f6e12e35e9a23a2962b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:26:2b:4b:01:7b:6c:52:7c:fe:32:bb:de:08:
ef:6e:f9:39:53:a0:a2:98:05:c5:ba:68:de:9c:d9:
99:70:1f:78:57:1f:b8:2f:cc:d9:7c:90:70:8d:6c:
d4:bf:ed:2b:d6:bd:e1:fc:d1:d7:d9:75:bd:3e:d7:
a0:29:ee:11:0b:ad:fe:1a:9e:48:6d:92:02:7e:5c:
c7:52:60:91:6d:c4:35:4e:e6:33:9e:a7:55:f3:5e:
9c:79:9d:38:b9:5f:cf:9d:24:49:48:77:71:38:ad:
3d:e2:25:49:e4:d2:8f:0d:03:97:db:5e:5e:dd:21:
49:52:b2:92:6a:2b:db:50:f2:18:a0:63:c3:9a:cd:
44:ff:ea:6c:ca:16:25:e6:4f:ea:94:d0:88:ef:0a:
fe:14:38:a4:87:d3:ec:b8:43:71:c8:64:f2:6f:cf:
70:c5:c7:5d:8d:6a:d1:74:30:55:79:12:75:5b:c0:
ad:90:bd:68:3e:42:d2:ac:2d:b9:7b:1b:21:b3:23:
72:29:c1:a7:c0:0e:9a:a3:63:f9:c4:f2:49:79:00:
86:d3:ca:00:e3:8a:58:fe:f2:e6:c2:b5:50:95:93:
7c:21:13:6f:91:51:40:0b:b8:32:ea:5d:26:0a:8a:
68:31:ee:10:ee:a2:a4:99:8c:df:83:09:d6:90:ce:
bb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2A:C1:A0:8D:D9:33:E2:1D:BC:6A:B1:38:4A:46:9A:46:E9:B3:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
34:1d:73:e3:c8:4d:f1:11:cc:ac:ea:69:ae:b2:24:8a:15:08:
b9:c0:b5:4c:1e:af:52:1a:a3:ab:a8:c9:da:c0:2d:33:10:4f:
8a:7f:85:cf:f1:bf:69:a9:93:bf:ac:81:39:a6:8b:1f:81:41:
88:82:d2:43:af:a8:07:1e:8c:43:e9:8f:07:a5:70:74:15:3b:
99:84:5c:54:b9:a2:e8:09:ae:ca:6d:e5:0a:02:0e:3d:de:0c:
1e:9d:0e:dd:45:e7:bf:92:9d:1e:df:3f:a2:b6:79:04:a7:6f:
b8:13:f4:24:5a:83:06:cc:1f:35:bf:cc:36:2d:b8:43:a8:a5:
a2:83:55:61:ca:e4:7a:2e:42:e7:bb:43:cd:f4:20:b8:8f:ea:
24:2c:0d:dc:25:95:a9:86:21:5d:18:5f:70:c3:b3:a9:6c:17:
ed:6f:c3:19:d2:79:f9:c3:96:c9:7b:30:fa:1a:6e:1c:c1:31:
7f:41:dc:7d:05:ac:17:61:ae:68:66:1a:b9:4c:f8:ce:32:7b:
b4:3f:6b:00:51:5e:ea:dc:7b:88:fe:52:ce:fc:b7:c1:82:94:
fc:4a:7f:3a:85:db:9e:e1:e5:c7:fa:d4:0c:e1:d1:e5:5e:fd:
ae:a8:98:2a:9f:79:5e:62:70:f4:41:d3:82:71:31:5e:9a:19:
d4:4a:23:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV/2Zkg2yeNqLwK0yvPDvXOvyOLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMDlaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4ZDhkZWIzZDQwNjY5ZjkzZmI5N2IyNmE1ZjRkNThiMjFiMGFhMTFhMTk4
MmY2ZTEyZTM1ZTlhMjNhMjk2MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYmK0sBe2xSfP4yu94I7275OVOgopgFxbpo3pzZmXAfeFcfuC/M2XyQcI1s
1L/tK9a94fzR19l1vT7XoCnuEQut/hqeSG2SAn5cx1JgkW3ENU7mM56nVfNenHmd
OLlfz50kSUh3cTitPeIlSeTSjw0Dl9teXt0hSVKykmor21DyGKBjw5rNRP/qbMoW
JeZP6pTQiO8K/hQ4pIfT7LhDcchk8m/PcMXHXY1q0XQwVXkSdVvArZC9aD5C0qwt
uXsbIbMjcinBp8AOmqNj+cTySXkAhtPKAOOKWP7y5sK1UJWTfCETb5FRQAu4Mupd
JgqKaDHuEO6ipJmM34MJ1pDOu2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnKsGg
jdkz4h28arE4SkaaRumzgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2U2OTBhZGMtMDk5Yy00ZDU4LWFkMWItODU2ZjY5M2Q5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQA0HXPjyE3xEcys6mmusiSKFQi5wLVMHq9SGqOr
qMnawC0zEE+Kf4XP8b9pqZO/rIE5posfgUGIgtJDr6gHHoxD6Y8HpXB0FTuZhFxU
uaLoCa7KbeUKAg493gwenQ7dRee/kp0e3z+itnkEp2+4E/QkWoMGzB81v8w2LbhD
qKWig1VhyuR6LkLnu0PN9CC4j+okLA3cJZWphiFdGF9ww7OpbBftb8MZ0nn5w5bJ
ezD6Gm4cwTF/Qdx9BawXYa5oZhq5TPjOMnu0P2sAUV7q3HuI/lLO/LfBgpT8Sn86
hdue4eXH+tQM4dHlXv2uqJgqn3leYnD0QdOCcTFemhnUSiOX
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:22 2025 by rpki-client