Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
File: 9ff479c7-35c9-43ea-ab99-712ce7537beb.roa (raw, json)
Hash identifier: keAqQtcJERiQw/a3jkppFexejWUhQVe3l0Rc53kZZDw=
Subject key identifier: 80:3F:9D:C2:D0:95:5A:46:58:28:54:8D:5A:36:A4:0A:5F:AC:C4:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B80EBE16867CE15689E44723F1236567498F71F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
Signing time: Fri 22 Aug 2025 15:11:20 +0000
ROA not before: Fri 22 Aug 2025 15:11:20 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:80:eb:e1:68:67:ce:15:68:9e:44:72:3f:12:36:56:74:98:f7:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:20 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=b7cc6ca37c4b3a066963a68bb65d60d0747411e9516a08e739747675a796a9c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:53:d8:11:0d:c0:e6:53:f2:af:fc:8b:b9:ed:
92:d9:42:a2:ea:65:9c:fc:22:6b:0e:91:0f:fc:61:
d1:4f:7c:7f:3c:eb:0a:27:e2:ab:73:7a:b4:b9:e6:
ab:1d:66:02:74:ae:45:8d:77:84:ea:33:33:c9:bf:
1c:71:99:44:ce:6f:48:eb:d7:e5:e3:84:a9:6f:ba:
7d:48:cb:3c:cd:a0:13:b0:bd:46:ba:f2:42:b1:7f:
08:48:8d:38:53:30:73:e1:22:1f:0a:60:a0:82:48:
2f:09:1e:69:b6:a7:b9:e2:bc:3b:15:51:c7:a5:a2:
b7:68:a4:9c:2c:29:0b:70:e2:0e:3e:58:b3:b5:97:
1f:ba:61:5b:eb:00:c1:54:60:e5:df:ad:4f:48:94:
3f:e2:a1:47:bd:70:51:a5:6f:4b:b1:00:c1:47:b5:
b4:ad:3e:fd:98:f0:4d:c0:95:ef:ca:41:af:15:94:
cd:e2:1a:49:bb:b0:a4:4c:3c:84:7b:71:cb:fa:da:
5d:72:d2:a7:17:52:fe:cb:ca:79:bb:6f:f0:53:f1:
83:49:d6:f5:0d:a3:ff:27:23:b7:e2:a7:da:0f:dc:
2e:64:31:f1:cd:2a:46:ff:37:09:61:9b:a9:43:42:
ce:46:03:7d:42:55:46:7f:f4:b7:f4:09:a8:6c:a2:
46:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3F:9D:C2:D0:95:5A:46:58:28:54:8D:5A:36:A4:0A:5F:AC:C4:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
97:b8:3f:fa:99:52:a0:a4:81:dc:78:10:f7:38:6b:25:f4:d8:
80:2b:18:a9:3d:1b:43:b3:46:93:ca:75:bb:de:b6:e2:93:36:
71:2a:1c:a4:41:6e:ca:a1:27:b6:59:3d:64:d4:5d:c2:23:e7:
61:d0:aa:c5:f2:e2:21:85:5e:35:ec:1b:80:70:db:d7:e5:95:
39:da:98:3e:ec:d2:66:f7:98:7c:7e:44:27:4d:a2:40:bb:28:
17:bc:67:3c:aa:b7:c1:ca:b0:a8:f0:d0:7b:91:43:84:fa:5f:
05:a8:bb:c0:32:72:10:e3:ba:08:a0:11:1b:85:68:9e:27:fb:
ae:d6:d6:72:d9:c3:42:5e:10:0f:de:d8:86:ab:d2:b9:c9:dc:
6e:b1:77:b3:72:91:7f:20:72:61:c5:dd:46:65:34:6e:89:94:
de:68:5d:b4:18:c2:68:e5:07:7f:cb:d7:70:12:3e:f7:8a:c6:
df:34:30:df:dc:49:a1:d3:65:71:02:a0:25:3c:75:4f:09:f6:
11:e5:b7:cf:20:b1:e0:7b:f2:d7:fd:1b:d9:7f:c5:2b:72:e1:
3c:aa:76:14:81:95:8d:66:87:51:db:82:96:65:b3:4f:2f:bd:
d0:d1:7e:68:5d:64:2d:63:89:5d:dc:aa:10:0e:bb:a7:fb:43:
6a:3f:dc:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe4Dr4WhnzhVonkRyPxI2VnSY9x8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMjBaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3Y2M2Y2EzN2M0YjNhMDY2OTYzYTY4YmI2NWQ2MGQwNzQ3NDExZTk1MTZh
MDhlNzM5NzQ3Njc1YTc5NmE5YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZT2BENwOZT8q/8i7ntktlCouplnPwiaw6RD/xh0U98fzzrCifiq3N6tLnm
qx1mAnSuRY13hOozM8m/HHGZRM5vSOvX5eOEqW+6fUjLPM2gE7C9RrryQrF/CEiN
OFMwc+EiHwpgoIJILwkeabanueK8OxVRx6Wit2iknCwpC3DiDj5Ys7WXH7phW+sA
wVRg5d+tT0iUP+KhR71wUaVvS7EAwUe1tK0+/ZjwTcCV78pBrxWUzeIaSbuwpEw8
hHtxy/raXXLSpxdS/svKebtv8FPxg0nW9Q2j/ycjt+Kn2g/cLmQx8c0qRv83CWGb
qUNCzkYDfUJVRn/0t/QJqGyiRkkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAP53C
0JVaRlgoVI1aNqQKX6zETjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZmNDc5YzctMzVjOS00M2VhLWFiOTktNzEyY2U3NTM3YmViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCXuD/6mVKgpIHceBD3OGsl9NiAKxipPRtDs0aT
ynW73rbikzZxKhykQW7KoSe2WT1k1F3CI+dh0KrF8uIhhV417BuAcNvX5ZU52pg+
7NJm95h8fkQnTaJAuygXvGc8qrfByrCo8NB7kUOE+l8FqLvAMnIQ47oIoBEbhWie
J/uu1tZy2cNCXhAP3tiGq9K5ydxusXezcpF/IHJhxd1GZTRuiZTeaF20GMJo5Qd/
y9dwEj73isbfNDDf3Emh02VxAqAlPHVPCfYR5bfPILHge/LX/RvZf8UrcuE8qnYU
gZWNZodR24KWZbNPL73Q0X5oXWQtY4ld3KoQDrun+0NqP9w1
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:24 2025 by rpki-client