Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: YZs7chLhcYvxhPVf2vLtTf+RUsY2/wjrOUZjm3vMjJw=
Subject key identifier: A2:1F:87:62:DD:CE:D6:79:A6:85:7E:FF:A6:7A:D4:0C:21:0C:04:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B57228EFA9827FEEB146FBE736DC2FFD0EE66B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Tue 05 Aug 2025 19:41:15 +0000
ROA not before: Tue 05 Aug 2025 19:41:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:57:22:8e:fa:98:27:fe:eb:14:6f:be:73:6d:c2:ff:d0:ee:66:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=af34e4539d8e0be0afbff9d46390def19ef0fdf77f91ca19979cdf84297c8176, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:04:81:2d:ba:97:56:ca:45:72:f1:68:4e:8a:
17:32:a1:38:a8:c2:f5:07:68:4e:29:59:d7:42:0b:
ea:86:f9:99:a7:00:b3:31:63:55:be:ae:d7:09:55:
39:32:99:f0:08:82:a0:5d:26:14:7c:72:67:75:b4:
be:91:c7:3a:2f:0a:8f:89:1e:c7:d4:1f:a0:cb:0f:
b2:d3:30:e4:65:ef:2c:43:a0:24:90:2e:8a:e7:6a:
98:8b:fb:89:35:a1:5b:81:66:13:29:f7:0e:6f:40:
84:8b:9d:60:54:f8:f1:f6:88:44:ef:87:0c:f9:db:
66:ee:7c:01:49:7c:93:57:0d:ae:da:36:78:c5:5d:
c1:0a:40:b5:dd:41:90:d6:cc:f6:c7:b4:11:87:67:
1a:da:e1:3b:71:65:ae:10:08:de:08:1b:9a:44:7f:
36:a7:c0:c6:a9:27:7f:a3:60:81:32:3d:f1:b4:a6:
d1:62:fd:05:b9:7e:43:c7:e3:bc:4b:52:89:ac:13:
8b:4c:41:f4:15:dd:10:fb:7a:7f:e9:dc:ad:b5:77:
09:93:95:bc:24:42:52:c8:6e:d9:51:f9:b0:9b:aa:
a3:fd:81:1e:50:45:e3:3d:1c:2c:78:18:d8:c7:f3:
cb:1a:5d:03:1a:bc:ef:8e:f2:45:ed:13:97:f7:8f:
fb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1F:87:62:DD:CE:D6:79:A6:85:7E:FF:A6:7A:D4:0C:21:0C:04:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:06:2d:61:86:1a:41:30:a0:b8:14:5c:f2:5e:c7:b7:92:02:
cc:bf:71:ce:d1:a3:99:55:36:62:5e:28:19:68:f2:00:6c:32:
a6:17:ff:a7:d3:ac:6e:76:3a:b3:c2:56:c3:eb:c8:74:23:10:
12:73:0e:91:12:8b:fb:60:95:bf:1e:2f:70:48:05:25:83:fe:
6f:66:b7:43:a2:4a:f7:b9:1d:8a:ca:1d:dd:f4:dd:0e:d2:10:
be:58:f8:21:c1:02:0b:06:5e:41:8c:41:75:2b:95:57:14:34:
dc:24:03:dc:65:bb:86:98:78:19:ae:4d:fa:8e:b3:03:d2:25:
a3:ef:e7:6e:d3:a6:6c:0b:e2:d5:84:b6:66:95:98:25:eb:aa:
35:2e:b9:97:99:1e:f0:e3:5e:dc:97:f9:df:5d:2c:40:62:bc:
60:9f:97:78:d0:77:e5:30:87:cb:eb:b2:97:4b:6f:db:0b:f5:
b7:65:ab:e2:09:9b:e5:6c:37:2e:2f:54:e4:fe:44:24:0c:8f:
31:d8:a5:16:b8:df:29:2f:d4:59:74:d3:55:26:25:63:72:48:
f2:8b:35:d5:52:6b:32:1a:95:d1:88:1c:e6:52:fa:d7:33:de:
92:75:1f:71:dc:93:2d:1d:60:8f:e0:f8:06:0a:52:b3:f7:e9:
64:48:ce:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa1cijvqYJ/7rFG++c23C/9DuZrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMzRlNDUzOWQ4ZTBiZTBhZmJmZjlkNDYzOTBkZWYxOWVmMGZkZjc3Zjkx
Y2ExOTk3OWNkZjg0Mjk3YzgxNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8EgS26l1bKRXLxaE6KFzKhOKjC9QdoTilZ10IL6ob5macAszFjVb6u1wlV
OTKZ8AiCoF0mFHxyZ3W0vpHHOi8Kj4kex9QfoMsPstMw5GXvLEOgJJAuiudqmIv7
iTWhW4FmEyn3Dm9AhIudYFT48faIRO+HDPnbZu58AUl8k1cNrto2eMVdwQpAtd1B
kNbM9se0EYdnGtrhO3FlrhAI3ggbmkR/NqfAxqknf6NggTI98bSm0WL9Bbl+Q8fj
vEtSiawTi0xB9BXdEPt6f+ncrbV3CZOVvCRCUshu2VH5sJuqo/2BHlBF4z0cLHgY
2MfzyxpdAxq8747yRe0Tl/eP++ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiH4di
3c7WeaaFfv+metQMIQwEbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQC1Bi1hhhpBMKC4FFzyXse3kgLMv3HO0aOZVTZi
XigZaPIAbDKmF/+n06xudjqzwlbD68h0IxAScw6REov7YJW/Hi9wSAUlg/5vZrdD
okr3uR2Kyh3d9N0O0hC+WPghwQILBl5BjEF1K5VXFDTcJAPcZbuGmHgZrk36jrMD
0iWj7+du06ZsC+LVhLZmlZgl66o1LrmXmR7w417cl/nfXSxAYrxgn5d40HflMIfL
67KXS2/bC/W3ZaviCZvlbDcuL1Tk/kQkDI8x2KUWuN8pL9RZdNNVJiVjckjyizXV
UmsyGpXRiBzmUvrXM96SdR9x3JMtHWCP4PgGClKz9+lkSM4Z
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:07 2025 by rpki-client