Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: 804px/8vQoS+oQkVFxwT+YTi1uaKPxrKl+pY+PuEn4M=
Subject key identifier: F8:AB:D7:F9:39:72:37:C1:7D:87:3F:DE:BA:F7:C5:7A:88:61:D7:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71B5882517E20C6949BA40104D50ED05F5B0C5D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Tue 05 Aug 2025 19:01:45 +0000
ROA not before: Tue 05 Aug 2025 19:01:45 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b5:88:25:17:e2:0c:69:49:ba:40:10:4d:50:ed:05:f5:b0:c5:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:45 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d5cff3c609b3d541bab9abd918868989f2360dfda13b410b12660b72361761bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0a:7f:b1:cd:4c:f2:ac:77:ec:9c:39:9c:b1:
3d:d9:44:f7:68:0a:89:0c:e1:06:07:3a:7c:72:33:
b3:27:95:48:15:98:9a:c4:36:5f:5e:fe:13:dd:b9:
ef:74:62:8a:62:4d:9d:e2:fe:2e:73:2b:c7:81:1a:
56:d8:c3:8d:ba:ad:fe:07:e9:52:2d:c2:e5:07:70:
04:eb:37:96:73:0a:f2:f0:e1:be:de:ad:95:19:8e:
75:ab:e7:e6:01:89:64:e5:ac:0f:ac:83:92:8b:14:
2b:b0:4f:f5:36:fb:79:e8:a4:52:b0:11:b3:5f:f2:
a1:7b:40:f4:e9:44:5f:f4:56:a3:33:1d:68:71:1c:
6c:25:93:e3:4e:c8:54:6f:76:51:d1:15:08:02:07:
69:cd:39:8d:b9:8b:f9:eb:a2:93:8d:e6:a8:f3:f1:
90:a0:2e:f1:64:22:81:b2:45:c3:1a:bd:88:95:24:
7a:71:f0:52:c7:bc:c5:65:1b:c9:54:61:99:8d:46:
d8:4f:71:58:e5:38:61:29:68:5f:82:83:2e:0e:31:
5b:a3:9e:f0:92:57:7d:5d:1a:01:08:dd:5f:a7:dc:
36:10:a0:e6:5e:ca:4e:dc:34:0d:19:26:31:53:05:
99:63:44:83:80:da:19:c1:77:30:85:5b:a9:a4:20:
4e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AB:D7:F9:39:72:37:C1:7D:87:3F:DE:BA:F7:C5:7A:88:61:D7:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
46:32:a4:5e:30:31:4b:04:35:d8:0c:2f:af:84:14:7e:93:53:
8a:ae:5d:a1:90:b4:a1:73:98:b7:1b:03:67:cd:8f:f9:5c:00:
c3:30:5f:4b:05:cf:34:ed:97:0f:c2:75:3b:84:a5:43:d6:99:
b6:b5:05:4e:d7:f5:eb:c2:ec:17:f2:2e:ba:49:29:8c:f6:5f:
56:b6:40:f3:c8:e8:7f:a9:ae:31:85:b5:7a:71:2e:10:b1:b7:
f3:3d:ff:e3:03:d1:31:47:af:c5:d2:37:77:83:f7:76:d3:c9:
d4:7e:bb:35:6d:57:b0:a4:11:8d:a3:4a:a5:fb:7b:d7:e9:36:
da:2d:a4:de:17:41:1a:b6:7e:23:13:2c:da:b0:75:31:3c:ff:
c7:c0:51:99:95:5d:fa:1d:79:89:db:69:6a:18:86:6c:8b:df:
4c:e6:b8:37:b9:81:0d:3a:db:0f:0b:b4:e4:eb:be:ae:0c:74:
5d:23:63:37:3b:f2:c8:44:28:61:f5:e4:49:70:d7:d3:6b:e6:
31:4a:04:d2:b1:8f:f5:34:33:a9:55:28:ba:6d:a6:da:b6:47:
c3:42:a1:dc:32:84:f4:9a:9d:3a:a8:63:af:cf:dc:89:14:22:
bf:0d:84:1b:ec:49:2f:a8:4f:8e:e5:60:05:f9:7b:ab:ef:3b:
a6:68:c6:9d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcbWIJRfiDGlJukAQTVDtBfWwxdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxNDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1Y2ZmM2M2MDliM2Q1NDFiYWI5YWJkOTE4ODY4OTg5ZjIzNjBkZmRhMTNi
NDEwYjEyNjYwYjcyMzYxNzYxYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEKf7HNTPKsd+ycOZyxPdlE92gKiQzhBgc6fHIzsyeVSBWYmsQ2X17+E925
73RiimJNneL+LnMrx4EaVtjDjbqt/gfpUi3C5QdwBOs3lnMK8vDhvt6tlRmOdavn
5gGJZOWsD6yDkosUK7BP9Tb7eeikUrARs1/yoXtA9OlEX/RWozMdaHEcbCWT407I
VG92UdEVCAIHac05jbmL+euik43mqPPxkKAu8WQigbJFwxq9iJUkenHwUse8xWUb
yVRhmY1G2E9xWOU4YSloX4KDLg4xW6Oe8JJXfV0aAQjdX6fcNhCg5l7KTtw0DRkm
MVMFmWNEg4DaGcF3MIVbqaQgTh0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4q9f5
OXI3wX2HP96698V6iGHXQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEARjKkXjAxSwQ12Awvr4QUfpNTiq5doZC0oXOY
txsDZ82P+VwAwzBfSwXPNO2XD8J1O4SlQ9aZtrUFTtf168LsF/IuukkpjPZfVrZA
88jof6muMYW1enEuELG38z3/4wPRMUevxdI3d4P3dtPJ1H67NW1XsKQRjaNKpft7
1+k22i2k3hdBGrZ+IxMs2rB1MTz/x8BRmZVd+h15idtpahiGbIvfTOa4N7mBDTrb
Dwu05Ou+rgx0XSNjNzvyyEQoYfXkSXDX02vmMUoE0rGP9TQzqVUoum2m2rZHw0Kh
3DKE9JqdOqhjr8/ciRQivw2EG+xJL6hPjuVgBfl7q+87pmjGnQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:00:04 2025 by rpki-client