Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
File: 87ec9982-c725-40e5-b829-ff0f06d939c8.roa (raw, json)
Hash identifier: gTED8/ufgbjP0i+tLAsXYdd9Kf/KYH3KlQiwBrfkiyc=
Subject key identifier: 8E:64:F3:7F:D7:CF:47:04:F1:E9:D0:62:D6:E6:A1:E5:28:05:12:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74ECA73B29528165085B896C2695B0A75F6B119A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
Signing time: Tue 05 Aug 2025 19:30:52 +0000
ROA not before: Tue 05 Aug 2025 19:30:52 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:ec:a7:3b:29:52:81:65:08:5b:89:6c:26:95:b0:a7:5f:6b:11:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:52 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=30f70bbb49059838e2e3b0fb9afc0b796106b1177f29500dff948e6211d262d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3c:c4:79:f2:45:8e:75:6f:c4:cb:18:5c:97:
71:bd:0b:a4:40:c2:d4:2f:09:f9:82:a6:0f:8d:30:
75:41:a2:74:82:8a:90:d7:5b:2e:d5:05:e2:c1:68:
14:f3:4e:4d:86:10:6b:1f:c1:89:b4:67:d2:5e:8c:
d1:1e:78:14:0b:ac:20:25:42:9f:f4:cb:49:e2:87:
9f:d2:0a:36:5e:a9:94:54:d8:28:2c:7e:38:60:b8:
49:ea:06:d3:c8:a0:2e:33:a7:19:b4:e3:fb:fd:b6:
74:32:39:b9:a9:0c:28:88:5a:29:7f:06:f2:a6:db:
08:2a:7f:6a:ee:31:4e:8b:8d:f6:05:08:ce:a5:cc:
92:d4:62:1f:50:e0:fa:73:8a:61:c1:f3:f2:9c:dc:
45:09:d5:29:94:f6:73:b7:13:4f:a6:7b:a1:c1:15:
dd:14:f2:17:2c:d9:2d:92:47:99:71:43:c4:34:ee:
58:0d:54:1c:49:17:1b:cf:c1:43:db:fa:94:27:6e:
34:c5:d0:74:5e:4a:81:4d:90:cc:62:f7:f3:77:3d:
7d:25:d5:73:85:10:86:ad:67:d2:28:f8:32:37:39:
b5:5d:07:b0:25:9c:b9:9b:3f:e5:63:ce:2f:dd:9e:
78:f4:23:5d:8e:5f:d7:cc:9f:34:2d:f6:bf:6b:af:
07:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:64:F3:7F:D7:CF:47:04:F1:E9:D0:62:D6:E6:A1:E5:28:05:12:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:9000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:a1:51:43:c6:4d:50:cb:9a:e8:c4:53:07:32:01:33:77:08:
39:de:d0:3c:db:52:da:ff:01:43:f1:d2:df:f4:b6:0b:6b:1e:
e7:fc:6e:16:39:a6:94:f8:7b:ce:86:c3:9e:ec:74:b6:26:fe:
4f:d1:7b:3d:e6:c7:35:1c:51:57:68:10:d9:96:b0:45:3c:c2:
6b:6a:29:fa:b3:74:f8:e2:e1:17:87:2b:bc:dc:a6:2f:10:7e:
2e:a6:21:fe:0e:ba:47:64:50:63:58:4d:f1:54:fe:6f:10:a3:
08:ca:12:66:45:f1:13:c7:40:54:b4:59:46:80:b6:8d:bf:8c:
23:90:7f:5a:ec:07:7a:d7:f3:8e:71:79:1d:e3:b7:78:50:5e:
23:b3:0f:2f:29:ab:ce:e2:ee:36:fd:03:55:6b:6c:87:3c:6f:
99:b5:f2:a7:38:14:7d:86:ad:72:3f:3c:d6:ac:4f:18:79:72:
7e:fc:d3:e8:9a:39:15:7c:d7:20:22:d7:a9:54:44:29:03:60:
80:39:95:e2:f5:ca:09:90:56:9b:f9:7d:2a:07:4c:2f:77:37:
03:4b:d3:60:1d:29:e4:98:ad:3e:9c:40:8b:6f:59:59:88:86:
ab:5b:14:ac:bc:df:61:b2:b3:16:01:ab:f2:2d:0c:b1:6b:a3:
a0:47:b9:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdOynOylSgWUIW4lsJpWwp19rEZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwNTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZjcwYmJiNDkwNTk4MzhlMmUzYjBmYjlhZmMwYjc5NjEwNmIxMTc3ZjI5
NTAwZGZmOTQ4ZTYyMTFkMjYyZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ88xHnyRY51b8TLGFyXcb0LpEDC1C8J+YKmD40wdUGidIKKkNdbLtUF4sFo
FPNOTYYQax/BibRn0l6M0R54FAusICVCn/TLSeKHn9IKNl6plFTYKCx+OGC4SeoG
08igLjOnGbTj+/22dDI5uakMKIhaKX8G8qbbCCp/au4xTouN9gUIzqXMktRiH1Dg
+nOKYcHz8pzcRQnVKZT2c7cTT6Z7ocEV3RTyFyzZLZJHmXFDxDTuWA1UHEkXG8/B
Q9v6lCduNMXQdF5KgU2QzGL383c9fSXVc4UQhq1n0ij4Mjc5tV0HsCWcuZs/5WPO
L92eePQjXY5f18yfNC32v2uvB1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOZPN/
189HBPHp0GLW5qHlKAUSADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODdlYzk5ODItYzcyNS00MGU1LWI4MjktZmYwZjA2ZDkzOWM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAKoVFDxk1Qy5roxFMHMgEzdwg53tA821La/wFD
8dLf9LYLax7n/G4WOaaU+HvOhsOe7HS2Jv5P0Xs95sc1HFFXaBDZlrBFPMJrain6
s3T44uEXhyu83KYvEH4upiH+DrpHZFBjWE3xVP5vEKMIyhJmRfETx0BUtFlGgLaN
v4wjkH9a7Ad61/OOcXkd47d4UF4jsw8vKavO4u42/QNVa2yHPG+ZtfKnOBR9hq1y
PzzWrE8YeXJ+/NPomjkVfNcgItepVEQpA2CAOZXi9coJkFab+X0qB0wvdzcDS9Ng
HSnkmK0+nECLb1lZiIarWxSsvN9hsrMWAavyLQyxa6OgR7kW
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:33 2025 by rpki-client