Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: WTHNlUfMNutLNLV/yBWjSQshJcJxjRti/t5Ibb90k6k=
Subject key identifier: 84:22:42:D6:C0:9E:FF:73:EF:B9:A4:33:84:8F:FB:8D:E5:F7:69:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69C8122959D4959C38AD7C61036B3A754F0D5017
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Tue 05 Aug 2025 19:21:58 +0000
ROA not before: Tue 05 Aug 2025 19:21:58 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:c8:12:29:59:d4:95:9c:38:ad:7c:61:03:6b:3a:75:4f:0d:50:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:58 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a32aa2b5162ac4e3b50754289cfdb9ea062a8d56e8ee0dae6603613215d73b95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:89:ab:9c:e3:ff:d4:26:10:4a:d0:46:b2:
fc:2e:89:d0:00:cf:12:27:57:c6:7f:ca:6e:50:b1:
6d:fc:c3:56:32:45:1b:c8:67:6e:2f:02:b9:5e:7c:
56:ce:91:44:a8:6e:6e:2c:83:7e:6f:a1:a2:1c:37:
43:33:87:8d:28:59:4a:3f:61:92:23:8e:e0:e8:3f:
2e:19:df:5d:f4:27:8a:82:b6:da:46:d6:4c:3e:b3:
ee:7c:25:c0:df:f1:f0:f2:ca:b0:fa:64:7a:7d:c8:
87:86:db:c2:0f:d0:14:06:85:c4:02:aa:f4:b6:1d:
e2:e5:1f:a7:b0:d5:60:1e:64:52:df:4b:53:c2:2e:
1d:8c:9d:5b:08:a3:63:8d:8d:d9:8e:21:da:3c:23:
8e:bc:64:e6:f7:8a:07:52:c7:94:44:58:2c:65:34:
ef:90:4e:da:9f:96:86:2d:08:f8:1f:67:52:3c:cd:
f8:64:39:79:74:6c:5d:83:de:c1:25:d1:cc:81:2e:
66:b1:e2:8f:01:58:d7:eb:ef:b5:b2:b2:72:db:56:
b8:45:71:f1:1a:cd:99:17:88:0d:c8:9b:13:2c:6f:
9e:63:31:f4:c7:48:db:cb:77:b1:7d:0c:64:2e:a0:
32:e5:5c:e3:dd:89:28:0f:50:7e:7d:49:d2:7b:24:
78:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:22:42:D6:C0:9E:FF:73:EF:B9:A4:33:84:8F:FB:8D:E5:F7:69:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
59:5f:e1:51:5e:a1:6e:e4:71:37:b6:1f:21:3b:6b:0d:cb:20:
fc:5f:a4:46:fd:38:42:c8:66:09:56:2d:a2:ab:86:df:50:0d:
e4:7a:7d:46:e3:ab:1c:41:bf:69:af:70:66:59:85:2d:86:30:
09:1b:ed:80:7c:36:60:6d:3f:3b:6b:df:a6:69:b4:09:93:12:
45:0c:57:0d:5f:df:7f:03:7e:5e:87:76:80:10:a8:52:eb:81:
25:c0:10:5c:6f:84:56:a0:b0:3f:86:68:77:ef:4f:9e:d5:34:
17:4f:9b:54:a9:19:1d:05:9f:7e:6c:a7:24:79:7b:9b:cd:f2:
ac:e9:fa:1b:24:b7:a2:3e:c0:42:ef:5b:d9:99:36:29:5f:fa:
14:a9:40:ae:d9:65:6b:f8:b6:22:3a:cb:ba:44:91:e2:40:d8:
d1:21:fd:19:5d:0c:84:ec:47:0c:5e:a6:d7:9d:ba:42:98:11:
13:27:56:90:e2:39:45:e8:8d:d4:e5:dc:e5:60:58:40:18:7d:
28:07:ac:0e:25:b6:bc:04:c9:c1:c6:68:a0:a9:59:78:ac:d0:
c8:ee:ee:ff:06:fe:5d:c7:38:9a:69:0b:d9:83:d0:c9:c2:f5:
23:f2:5a:67:b9:a5:02:fa:9a:3f:55:e1:e3:5a:ec:9c:42:69:
24:dd:b2:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUacgSKVnUlZw4rXxhA2s6dU8NUBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxNThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMmFhMmI1MTYyYWM0ZTNiNTA3NTQyODljZmRiOWVhMDYyYThkNTZlOGVl
MGRhZTY2MDM2MTMyMTVkNzNiOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXUiauc4//UJhBK0Eay/C6J0ADPEidXxn/KblCxbfzDVjJFG8hnbi8CuV58
Vs6RRKhubiyDfm+hohw3QzOHjShZSj9hkiOO4Og/LhnfXfQnioK22kbWTD6z7nwl
wN/x8PLKsPpken3Ih4bbwg/QFAaFxAKq9LYd4uUfp7DVYB5kUt9LU8IuHYydWwij
Y42N2Y4h2jwjjrxk5veKB1LHlERYLGU075BO2p+Whi0I+B9nUjzN+GQ5eXRsXYPe
wSXRzIEuZrHijwFY1+vvtbKycttWuEVx8RrNmReIDcibEyxvnmMx9MdI28t3sX0M
ZC6gMuVc492JKA9Qfn1J0nskePkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSEIkLW
wJ7/c++5pDOEj/uN5fdpgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAWV/hUV6hbuRxN7YfITtrDcsg/F+kRv04Qshm
CVYtoquG31AN5Hp9RuOrHEG/aa9wZlmFLYYwCRvtgHw2YG0/O2vfpmm0CZMSRQxX
DV/ffwN+Xod2gBCoUuuBJcAQXG+EVqCwP4Zod+9PntU0F0+bVKkZHQWffmynJHl7
m83yrOn6GyS3oj7AQu9b2Zk2KV/6FKlArtlla/i2IjrLukSR4kDY0SH9GV0MhOxH
DF6m1526QpgREydWkOI5ReiN1OXc5WBYQBh9KAesDiW2vATJwcZooKlZeKzQyO7u
/wb+Xcc4mmkL2YPQycL1I/JaZ7mlAvqaP1Xh41rsnEJpJN2y6Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:25:55 2025 by rpki-client