Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
File: 002c315b-3412-464e-b865-645f657f136d.roa (raw, json)
Hash identifier: IndRr65fgWL1CpTIZmYr5SukXbvbvHCJYdf/i1RTYuw=
Subject key identifier: DF:8D:A9:1E:86:AF:AE:6A:C7:CB:53:53:3A:CF:DD:E0:36:22:74:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AF46C7D84A661977CAF03CB27906BD87540D2E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
Signing time: Mon 28 Jul 2025 16:10:16 +0000
ROA not before: Mon 28 Jul 2025 16:10:16 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:f4:6c:7d:84:a6:61:97:7c:af:03:cb:27:90:6b:d8:75:40:d2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:16 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=ac39ed52f6335a7a785e81dc767e0698355d0fe62094191eb05f47bc653e330d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:32:12:65:ba:02:f9:b3:2c:cf:f1:94:e2:3a:
90:ef:49:a2:01:ce:f9:f1:12:06:6e:d1:67:a9:ad:
27:79:15:35:62:c3:e2:38:49:23:72:52:70:52:0c:
90:0d:77:95:ed:76:d4:dc:7f:d9:70:40:2b:fb:04:
1b:7e:4b:9e:77:4e:3f:9d:a4:e1:69:c8:15:62:ba:
e0:2c:83:35:23:1b:6c:62:77:16:aa:7e:f4:73:bf:
15:df:87:ae:88:31:2c:8a:44:2a:36:08:0e:10:30:
31:55:8d:c3:5d:1d:3f:a4:91:fa:25:da:c4:2e:d7:
e6:ac:7c:7f:9e:34:1c:2c:ba:0c:59:c4:22:b5:e1:
be:f8:e2:0a:c7:fe:30:a3:fd:af:5f:4e:6d:07:b0:
73:5d:03:c8:0e:3d:7c:a4:08:74:a0:f5:d2:f9:66:
0b:80:ce:2a:ef:31:b1:f6:fc:bc:cc:ea:28:05:f1:
a0:09:25:59:d9:f1:ee:e6:fa:4e:ab:93:9d:a9:7b:
4d:e3:c1:48:6e:32:f3:8b:40:f8:53:66:1a:75:0f:
13:01:51:43:47:30:6a:bb:ac:2f:84:7b:21:dc:9a:
fc:6e:c7:45:dd:59:67:4e:05:88:08:8f:11:e1:6a:
67:b9:07:d8:6c:48:7a:93:32:02:30:18:04:fc:05:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8D:A9:1E:86:AF:AE:6A:C7:CB:53:53:3A:CF:DD:E0:36:22:74:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/002c315b-3412-464e-b865-645f657f136d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079::/32
Signature Algorithm: sha256WithRSAEncryption
53:2d:34:02:51:dd:ca:00:c0:7c:8d:2f:c2:15:19:f5:39:66:
07:40:81:cc:ef:ce:07:7f:96:e2:90:17:72:6e:53:a3:73:89:
e8:f1:a8:f7:7b:0b:58:86:5f:3c:b2:c4:ad:7e:e7:19:1d:b5:
9f:0b:e9:33:eb:a7:2a:d9:08:bb:64:b4:5d:fc:6c:4e:97:c3:
ee:69:56:03:60:58:5d:51:10:96:d4:d9:31:cf:3e:90:ad:1c:
e0:15:ca:bb:86:ff:fa:14:c5:49:4d:0e:03:bf:71:35:c4:8d:
01:5e:60:34:cf:77:53:60:77:4c:33:89:72:08:c2:74:84:72:
2c:23:b0:4c:a1:4a:e0:44:54:b7:5c:cf:a2:6c:d3:00:0d:c2:
94:ed:b2:3b:62:98:27:23:ac:08:a9:06:9b:50:d1:c6:b8:61:
ea:07:52:c2:fa:8e:1f:2e:76:ac:2b:b7:a7:ab:8b:1f:90:a4:
25:85:53:38:e6:0b:0d:2b:52:fb:6a:2f:0f:81:d7:1f:43:90:
b5:ee:11:ce:48:b1:2c:89:cb:64:52:72:19:74:01:08:9f:e0:
07:83:7a:52:c7:73:24:d4:8d:2e:5e:c1:12:e3:42:b6:1c:5a:
d2:40:f8:5a:c9:77:9a:78:64:ab:89:33:be:86:2d:7b:65:9a:
e0:ca:62:02
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUevRsfYSmYZd8rwPLJ5Br2HVA0ugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMTZaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMzllZDUyZjYzMzVhN2E3ODVlODFkYzc2N2UwNjk4MzU1ZDBmZTYyMDk0
MTkxZWIwNWY0N2JjNjUzZTMzMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoyEmW6AvmzLM/xlOI6kO9JogHO+fESBm7RZ6mtJ3kVNWLD4jhJI3JScFIM
kA13le121Nx/2XBAK/sEG35LnndOP52k4WnIFWK64CyDNSMbbGJ3Fqp+9HO/Fd+H
rogxLIpEKjYIDhAwMVWNw10dP6SR+iXaxC7X5qx8f540HCy6DFnEIrXhvvjiCsf+
MKP9r19ObQewc10DyA49fKQIdKD10vlmC4DOKu8xsfb8vMzqKAXxoAklWdnx7ub6
TquTnal7TePBSG4y84tA+FNmGnUPEwFRQ0cwarusL4R7Idya/G7HRd1ZZ04FiAiP
EeFqZ7kH2GxIepMyAjAYBPwFh/kCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTfjake
hq+uasfLU1M6z93gNiJ0uzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDAyYzMxNWItMzQxMi00NjRlLWI4NjUtNjQ1ZjY1N2YxMzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hkw
DQYJKoZIhvcNAQELBQADggEBAFMtNAJR3coAwHyNL8IVGfU5ZgdAgczvzgd/luKQ
F3JuU6NziejxqPd7C1iGXzyyxK1+5xkdtZ8L6TPrpyrZCLtktF38bE6Xw+5pVgNg
WF1REJbU2THPPpCtHOAVyruG//oUxUlNDgO/cTXEjQFeYDTPd1Ngd0wziXIIwnSE
ciwjsEyhSuBEVLdcz6Js0wANwpTtsjtimCcjrAipBptQ0ca4YeoHUsL6jh8udqwr
t6erix+QpCWFUzjmCw0rUvtqLw+B1x9DkLXuEc5IsSyJy2RSchl0AQif4AeDelLH
cyTUjS5ewRLjQrYcWtJA+FrJd5p4ZKuJM76GLXtlmuDKYgI=
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:00:05 2025 by rpki-client