Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: 47j7VDTmdvszHzIsrBmbORt9zDK7tRqmEHZnzD3wqkI=
Subject key identifier: A9:15:05:29:84:E9:DC:29:B6:D8:19:D4:6A:79:8C:EE:39:71:FA:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FD5168FDCC5C46C812581D22A77F71E5E97732A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Tue 05 Aug 2025 19:41:20 +0000
ROA not before: Tue 05 Aug 2025 19:41:20 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:d5:16:8f:dc:c5:c4:6c:81:25:81:d2:2a:77:f7:1e:5e:97:73:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:20 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=598779609d49519bc79cf25476f5bbd800b6e165229ae1c885d17e06483e70d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8f:bf:19:9c:0b:9a:1b:2b:ca:68:1c:44:2b:
e3:01:36:51:6f:98:66:d0:17:d1:d3:38:f4:d6:41:
d6:f1:73:03:af:54:d6:f2:19:d7:60:41:c2:7d:44:
25:e0:69:36:6a:19:32:a8:95:f0:f5:a4:ef:03:38:
ba:68:fa:a6:5b:51:c0:5c:e6:e6:0c:0c:eb:8f:5b:
98:8e:4a:b8:1a:5b:2f:e8:90:8f:b3:69:76:39:13:
54:c9:de:46:77:28:2e:2e:03:eb:fb:52:47:c7:64:
e1:18:63:dd:b5:3b:89:cc:4f:8e:07:c9:0f:5d:07:
ce:ec:59:46:c3:9d:5d:87:89:15:97:75:ec:06:87:
bd:c0:79:79:49:7a:c8:38:37:ac:cf:cf:b1:c2:54:
69:25:f9:41:c0:db:7c:5d:64:43:b5:d0:54:ea:65:
2f:a3:85:d1:5a:71:e6:f8:5c:ea:4b:bb:e7:73:68:
90:5e:c1:97:28:68:16:75:4c:c1:c3:07:24:79:f6:
a3:45:7b:9c:d9:50:2e:a1:b7:17:17:8d:bc:43:1e:
73:82:ce:ca:97:ac:55:3c:73:69:c5:a8:3e:46:ae:
f9:76:6f:cd:49:f3:5a:f6:52:2f:98:4d:46:bd:eb:
b1:e2:41:9f:53:a5:41:e5:2f:bc:df:32:65:d5:31:
73:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:15:05:29:84:E9:DC:29:B6:D8:19:D4:6A:79:8C:EE:39:71:FA:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:88:b0:9c:54:55:93:66:ae:7f:69:08:d2:b6:82:28:80:28:
9d:4a:c8:b4:9b:82:4a:ce:14:a5:25:8f:f4:22:29:66:c4:ac:
ab:c0:7b:0c:b9:30:2b:ae:72:43:1b:80:0f:a8:0e:de:5b:ae:
4f:64:15:65:21:c3:d7:8b:99:b0:10:29:61:f0:8e:f1:d4:11:
66:fc:3f:06:6c:0b:7b:d5:d1:a0:ef:12:9e:4c:a2:53:4b:53:
ce:25:38:84:f8:d4:1c:64:fb:63:3b:ff:c3:6d:4d:88:ea:f0:
70:16:ee:4c:66:77:83:57:99:86:83:09:dd:36:72:a5:5d:41:
0c:f1:e0:ca:16:66:ec:fa:85:01:4c:7a:89:4e:f8:76:e5:fc:
47:24:c6:1f:57:61:ff:2a:4d:7f:5e:92:72:5d:2a:66:67:a0:
8a:9a:1f:2e:97:eb:72:c1:b5:c2:51:2f:ca:c9:5e:06:84:eb:
28:22:72:e1:e3:8e:e7:e1:9b:b7:b4:17:b9:85:7a:5e:be:38:
d9:c2:8b:55:07:15:58:3b:c9:0a:98:a8:80:29:1e:70:c4:a4:
6e:57:43:27:0f:66:08:d8:67:85:3f:ec:09:cc:0f:68:0a:54:
04:72:aa:60:18:fe:43:7f:01:f2:b1:1e:4b:17:72:ef:32:d7:
7c:4e:69:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH9UWj9zFxGyBJYHSKnf3Hl6XcyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMjBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ODc3OTYwOWQ0OTUxOWJjNzljZjI1NDc2ZjViYmQ4MDBiNmUxNjUyMjlh
ZTFjODg1ZDE3ZTA2NDgzZTcwZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKPvxmcC5obK8poHEQr4wE2UW+YZtAX0dM49NZB1vFzA69U1vIZ12BBwn1E
JeBpNmoZMqiV8PWk7wM4umj6pltRwFzm5gwM649bmI5KuBpbL+iQj7NpdjkTVMne
RncoLi4D6/tSR8dk4Rhj3bU7icxPjgfJD10HzuxZRsOdXYeJFZd17AaHvcB5eUl6
yDg3rM/PscJUaSX5QcDbfF1kQ7XQVOplL6OF0Vpx5vhc6ku753NokF7BlyhoFnVM
wcMHJHn2o0V7nNlQLqG3FxeNvEMec4LOypesVTxzacWoPkau+XZvzUnzWvZSL5hN
Rr3rseJBn1OlQeUvvN8yZdUxc8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpFQUp
hOncKbbYGdRqeYzuOXH66zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQB+iLCcVFWTZq5/aQjStoIogCidSsi0m4JKzhSl
JY/0IilmxKyrwHsMuTArrnJDG4APqA7eW65PZBVlIcPXi5mwEClh8I7x1BFm/D8G
bAt71dGg7xKeTKJTS1POJTiE+NQcZPtjO//DbU2I6vBwFu5MZneDV5mGgwndNnKl
XUEM8eDKFmbs+oUBTHqJTvh25fxHJMYfV2H/Kk1/XpJyXSpmZ6CKmh8ul+tywbXC
US/KyV4GhOsoInLh447n4Zu3tBe5hXpevjjZwotVBxVYO8kKmKiAKR5wxKRuV0Mn
D2YI2GeFP+wJzA9oClQEcqpgGP5DfwHysR5LF3LvMtd8TmmW
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:04 2025 by rpki-client