Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
File: df59e31f-1e32-4e7a-a595-74adb3f93176.roa (raw, json)
Hash identifier: 7uxH3bKBRxAga/ye6PPZbjKw8DFlTH7WojZUtGsDhG0=
Subject key identifier: F4:FC:AD:FB:4D:1D:55:C6:B4:76:0C:95:07:E3:D4:F7:31:6B:B5:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B7C3E80A3AC683C20F97A04C4D6C2364871C8DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
Signing time: Tue 05 Aug 2025 19:22:02 +0000
ROA not before: Tue 05 Aug 2025 19:22:02 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:7c:3e:80:a3:ac:68:3c:20:f9:7a:04:c4:d6:c2:36:48:71:c8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:22:02 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b071d44b8d906085139398a88cb6d68d8d4017095b1e1d0c6c2d065c88bd3f3c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:24:27:aa:ea:ad:77:fd:6c:4c:36:1a:52:8d:
e5:78:36:b4:32:4b:ed:c9:6a:77:f6:7b:72:2a:b2:
05:bf:ea:26:6c:65:07:6f:bd:8f:f1:75:c4:0d:e5:
40:33:8c:39:34:ce:75:95:0d:f2:51:19:71:bb:0e:
0c:2c:04:36:ec:c6:dd:ca:4b:28:4f:74:25:c6:0d:
1f:ff:fb:79:70:50:08:c8:44:32:13:b2:36:00:f8:
d2:5b:5f:4f:a4:9f:3b:46:8e:7f:71:76:42:2e:c7:
fd:dd:36:3a:67:72:c0:0e:93:57:99:0d:54:1a:71:
22:ef:97:60:e5:62:55:f3:8b:42:bb:80:c6:ec:40:
46:f9:42:63:67:56:bc:9e:4d:de:30:8e:b9:e3:cb:
e8:2a:10:4c:b5:41:f0:d4:54:80:4e:dd:95:8b:66:
17:90:a3:ff:d5:a1:29:3c:bc:d1:d9:67:fd:6b:8d:
e1:55:e0:69:01:c8:21:13:ef:17:f1:40:40:07:e7:
ad:8d:08:6a:d0:37:1f:18:9a:fc:f4:99:c4:a3:95:
3d:42:6b:56:9b:a5:fd:9b:53:bc:71:4c:28:33:43:
22:90:27:11:fe:6e:31:53:e2:ae:e1:f8:78:ce:90:
ad:f2:3e:cc:25:54:17:4e:cf:b2:9c:98:23:38:be:
55:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:FC:AD:FB:4D:1D:55:C6:B4:76:0C:95:07:E3:D4:F7:31:6B:B5:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:1e:b1:38:4c:7f:58:49:46:90:bc:54:81:30:53:75:4a:11:
fb:fb:e6:86:ab:c4:d1:f2:89:9a:73:e2:b0:51:1c:76:bc:a5:
7a:87:f4:7b:d0:9b:1b:22:d0:44:4b:4a:fb:f9:e7:68:7b:4c:
5e:1d:f6:d0:1e:05:85:16:ff:f3:b3:4d:1b:82:d4:eb:e1:88:
22:b0:cf:0c:f2:9f:96:03:5a:69:95:12:6d:4d:49:ca:e5:ba:
d8:66:ab:02:00:0c:85:ac:e4:75:65:ac:be:07:03:f2:d2:5c:
f3:63:69:3b:4f:d5:06:75:07:54:a1:8f:e8:9f:ed:5e:4e:97:
56:4a:f4:e4:d2:ff:c2:60:e0:8e:42:8c:aa:ef:86:17:91:5d:
ae:67:3c:0a:13:7c:1b:29:87:35:7f:8c:f1:93:62:69:30:af:
8b:ec:82:8c:2d:ad:72:3e:e1:3c:a9:eb:0f:b7:c1:d2:31:ab:
c4:da:cd:c7:ee:68:f4:e0:d7:1f:41:10:3e:7b:6a:73:61:af:
21:a2:ed:98:50:7b:55:78:c2:bf:c5:30:1a:ea:f3:07:a0:b6:
d6:05:ab:45:71:9f:18:39:00:fd:b5:91:91:0f:4c:c9:5c:a0:
46:f3:c2:92:dc:6c:48:38:40:e5:dd:e7:19:fb:c6:f1:d0:77:
df:4f:fb:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC3w+gKOsaDwg+XoExNbCNkhxyNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIyMDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwNzFkNDRiOGQ5MDYwODUxMzkzOThhODhjYjZkNjhkOGQ0MDE3MDk1YjFl
MWQwYzZjMmQwNjVjODhiZDNmM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAkJ6rqrXf9bEw2GlKN5Xg2tDJL7clqd/Z7ciqyBb/qJmxlB2+9j/F1xA3l
QDOMOTTOdZUN8lEZcbsODCwENuzG3cpLKE90JcYNH//7eXBQCMhEMhOyNgD40ltf
T6SfO0aOf3F2Qi7H/d02OmdywA6TV5kNVBpxIu+XYOViVfOLQruAxuxARvlCY2dW
vJ5N3jCOuePL6CoQTLVB8NRUgE7dlYtmF5Cj/9WhKTy80dln/WuN4VXgaQHIIRPv
F/FAQAfnrY0IatA3Hxia/PSZxKOVPUJrVpul/ZtTvHFMKDNDIpAnEf5uMVPiruH4
eM6QrfI+zCVUF07PspyYIzi+VQsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0/K37
TR1VxrR2DJUH49T3MWu1UTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY1OWUzMWYtMWUzMi00ZTdhLWE1OTUtNzRhZGIzZjkzMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHg
MA0GCSqGSIb3DQEBCwUAA4IBAQDHHrE4TH9YSUaQvFSBMFN1ShH7++aGq8TR8oma
c+KwURx2vKV6h/R70JsbItBES0r7+edoe0xeHfbQHgWFFv/zs00bgtTr4YgisM8M
8p+WA1pplRJtTUnK5brYZqsCAAyFrOR1Zay+BwPy0lzzY2k7T9UGdQdUoY/on+1e
TpdWSvTk0v/CYOCOQoyq74YXkV2uZzwKE3wbKYc1f4zxk2JpMK+L7IKMLa1yPuE8
qesPt8HSMavE2s3H7mj04NcfQRA+e2pzYa8hou2YUHtVeMK/xTAa6vMHoLbWBatF
cZ8YOQD9tZGRD0zJXKBG88KS3GxIOEDl3ecZ+8bx0HffT/uZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:57 2025 by rpki-client