Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: Y23rGAUwEdYzjsmOVSZ6Ghji9pxjIiSmTIzNUsI5AX0=
Subject key identifier: C3:D2:0B:04:5A:B3:D1:C7:02:57:67:AC:B3:9F:C5:A4:12:9A:2B:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DE6C2498F4194AE4A812354BA5E4E2493B170FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Fri 22 Aug 2025 15:10:13 +0000
ROA not before: Fri 22 Aug 2025 15:10:13 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:e6:c2:49:8f:41:94:ae:4a:81:23:54:ba:5e:4e:24:93:b1:70:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:13 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=b6337e1e9700c12f2e12712478610a05ac7159341b08d1dc7d3780b59ad3f585, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:c5:53:60:1c:74:c4:4b:46:77:2d:6c:c3:
88:1b:c1:90:36:df:7e:95:c8:a8:6d:d0:50:9f:58:
aa:74:9b:3a:97:ec:a3:30:6c:56:4e:d5:28:b3:09:
85:ea:cc:1c:8b:68:1c:14:7a:54:1a:36:a5:24:fd:
3f:b8:5f:18:f4:96:91:8c:02:db:36:d1:05:31:76:
6b:da:44:31:6a:55:e6:8d:fb:b4:94:bc:3a:a3:81:
c0:0d:a1:b9:ba:aa:65:97:1c:ce:11:1a:dc:2a:e8:
d6:79:26:c4:38:b7:a2:57:30:7f:ec:f6:39:f4:d5:
45:6d:99:40:c4:ba:01:98:a2:60:83:6b:5e:a9:aa:
ee:d9:58:71:12:9e:92:62:d7:34:f2:e8:a3:67:f4:
2e:93:cc:cd:c0:48:fc:5f:f4:1f:bf:f1:d4:a8:c1:
3e:bd:e7:78:1c:6f:24:c3:02:d4:e6:16:6f:e5:6a:
07:d0:d6:d6:75:02:5f:61:30:10:94:f2:ef:3a:84:
35:44:e3:6c:96:4c:ea:5e:7e:e0:0f:40:d8:9d:75:
a8:09:b8:4c:16:7c:7d:21:40:44:3d:15:2d:1e:1b:
ca:c1:29:66:c3:6b:02:e8:5b:da:1c:dc:92:81:f7:
1e:8a:c7:52:1b:29:13:15:93:51:eb:d4:46:2a:c0:
eb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D2:0B:04:5A:B3:D1:C7:02:57:67:AC:B3:9F:C5:A4:12:9A:2B:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:8f:00:47:b8:bc:e3:65:d2:03:40:cb:02:39:dd:9e:92:cd:
79:31:c6:68:56:59:71:c2:9b:91:35:48:5f:a7:3e:7b:2e:0e:
10:f3:43:e0:2c:11:2e:38:a3:ca:05:13:b0:ce:d4:0c:79:29:
b5:49:20:ec:51:bc:3b:85:69:70:c3:ae:c0:9a:d5:e9:05:d5:
10:4f:db:2f:c3:63:31:44:b3:98:d7:55:fd:84:0d:26:2a:ef:
99:52:b6:42:80:e8:f2:32:aa:88:a2:28:7e:3f:be:3a:4f:97:
08:f6:40:09:89:c7:bd:d0:8e:88:a4:c4:d1:cc:ac:8d:1d:63:
42:ad:2f:c8:7f:b7:b1:64:af:bc:e2:65:55:3b:c6:a6:10:ba:
7f:14:28:7a:a2:0c:fe:c2:52:f1:e0:0d:9f:96:bb:ad:06:c0:
ce:0e:93:93:f7:69:a2:dc:6e:85:2e:bd:33:cc:00:46:43:79:
05:db:0f:01:7c:76:69:a8:24:a4:5d:ea:7c:e7:19:74:35:d4:
c1:eb:e5:ff:3a:45:a2:27:fe:ed:62:78:06:7f:73:5b:10:5e:
15:cb:f0:42:eb:d2:f5:05:4b:4a:aa:03:37:26:f0:19:8e:ab:
6d:58:cc:13:c8:cd:fb:68:f7:3a:b2:c6:a3:64:ce:35:1c:d9:
b2:1f:d3:9f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfebCSY9BlK5KgSNUul5OJJOxcP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMTNaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MzM3ZTFlOTcwMGMxMmYyZTEyNzEyNDc4NjEwYTA1YWM3MTU5MzQxYjA4
ZDFkYzdkMzc4MGI1OWFkM2Y1ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuGxVNgHHTES0Z3LWzDiBvBkDbffpXIqG3QUJ9YqnSbOpfsozBsVk7VKLMJ
herMHItoHBR6VBo2pST9P7hfGPSWkYwC2zbRBTF2a9pEMWpV5o37tJS8OqOBwA2h
ubqqZZcczhEa3Cro1nkmxDi3olcwf+z2OfTVRW2ZQMS6AZiiYINrXqmq7tlYcRKe
kmLXNPLoo2f0LpPMzcBI/F/0H7/x1KjBPr3neBxvJMMC1OYWb+VqB9DW1nUCX2Ew
EJTy7zqENUTjbJZM6l5+4A9A2J11qAm4TBZ8fSFARD0VLR4bysEpZsNrAuhb2hzc
koH3HorHUhspExWTUevURirA6wkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTD0gsE
WrPRxwJXZ6yzn8WkEpor8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQC5jwBHuLzjZdIDQMsCOd2eks15McZoVllxwpuR
NUhfpz57Lg4Q80PgLBEuOKPKBROwztQMeSm1SSDsUbw7hWlww67AmtXpBdUQT9sv
w2MxRLOY11X9hA0mKu+ZUrZCgOjyMqqIoih+P746T5cI9kAJice90I6IpMTRzKyN
HWNCrS/If7exZK+84mVVO8amELp/FCh6ogz+wlLx4A2flrutBsDODpOT92mi3G6F
Lr0zzABGQ3kF2w8BfHZpqCSkXep85xl0NdTB6+X/OkWiJ/7tYngGf3NbEF4Vy/BC
69L1BUtKqgM3JvAZjqttWMwTyM37aPc6ssajZM41HNmyH9Of
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:52 2025 by rpki-client