Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02637666-ed34-43aa-b7a8-bb29f34fad13.roa
File: 02637666-ed34-43aa-b7a8-bb29f34fad13.roa (raw, json)
Hash identifier: ZazV92dAjrzlxCWVo0TAh8oSNVRRSZIIgaTgCVQ6BOA=
Subject key identifier: 37:C8:AC:C8:3E:C1:08:FD:3A:2A:A6:CE:0B:BD:32:36:44:D3:D6:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19DC7D1734A42F3E54A253E2BC32DAC54E27F97E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02637666-ed34-43aa-b7a8-bb29f34fad13.roa
Signing time: Wed 30 Jul 2025 20:08:53 +0000
ROA not before: Wed 30 Jul 2025 20:08:53 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:dc:7d:17:34:a4:2f:3e:54:a2:53:e2:bc:32:da:c5:4e:27:f9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:08:53 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=40017fb5fcf48253819d1c95859e2f57c6ac2e3ba9bb5f6b9408df087866be1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:05:28:74:18:27:39:4a:6d:1b:eb:10:25:6f:
a0:74:e8:0f:0f:4d:3a:04:95:38:a1:30:41:5c:b1:
f3:4e:0d:66:13:b8:83:a9:92:df:6e:fb:fb:c9:52:
53:36:76:63:fd:e1:01:82:67:46:eb:12:53:8f:86:
fc:ec:1e:ac:57:59:3e:fa:ae:f3:44:69:ff:d9:29:
ad:62:7c:8f:6f:f2:bf:e3:60:fc:72:d7:a9:79:7e:
d9:93:c9:5e:7f:34:16:78:a2:0f:b4:a4:fe:36:a9:
4e:d2:f9:9d:56:4d:4c:17:8b:2d:d1:c1:72:8f:ac:
c0:e5:24:4e:0d:1b:4c:97:fc:62:6c:46:81:63:b4:
74:b3:89:d4:75:1c:e0:e9:b3:2f:b0:a9:39:9e:4d:
e9:47:9d:51:57:c1:2b:c8:76:99:71:ef:88:1d:6a:
14:99:a6:13:7c:44:3b:39:72:19:4b:71:bd:9c:e0:
66:2b:02:ec:5e:0e:a9:12:83:41:c9:5e:c4:73:1d:
5a:84:2a:80:fa:3d:d6:86:3b:4f:8d:27:69:04:52:
4c:6d:17:73:29:be:7c:b6:29:2a:5f:65:a7:75:78:
a3:5d:54:7f:22:ae:a6:b2:ef:2c:4d:e2:9e:33:f7:
4f:bc:ad:b0:ae:67:ab:ef:80:05:f9:56:40:29:41:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C8:AC:C8:3E:C1:08:FD:3A:2A:A6:CE:0B:BD:32:36:44:D3:D6:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02637666-ed34-43aa-b7a8-bb29f34fad13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b000::/40
Signature Algorithm: sha256WithRSAEncryption
20:dc:cb:c9:e9:6c:f4:18:8c:f6:95:e1:60:97:2c:23:3e:14:
6e:8f:65:63:34:f6:31:aa:59:86:c3:c1:49:b7:a7:98:77:9b:
3c:c6:5c:2b:22:eb:0b:d4:17:53:8e:c3:95:e7:e4:bc:3e:79:
23:90:20:57:dc:1c:8b:ab:47:02:a8:75:e1:45:c1:f9:b9:d5:
87:fd:08:a1:52:93:6b:e0:84:1f:c6:8c:fa:85:2f:ab:24:af:
6c:75:cb:a9:45:99:b3:47:46:02:1d:b0:1a:5d:9f:bc:9c:b5:
a5:af:3a:e3:b6:39:2a:56:aa:28:06:e2:90:13:a2:16:17:4d:
d0:94:8a:84:c8:76:a4:43:79:90:d7:8f:ca:2a:b9:07:f9:14:
b4:a7:73:4f:60:cd:74:f0:fb:50:5f:04:93:a6:80:3a:37:1d:
0d:f1:cf:db:a1:d1:d8:f1:82:c4:78:99:10:6c:54:9f:56:45:
2a:55:3b:a6:d4:03:1a:31:5d:86:b6:3b:f5:dd:b4:13:b6:4e:
79:e9:ce:76:20:e9:74:c3:a6:a3:31:00:a6:22:cc:ee:c9:1c:
ee:1c:34:a7:99:5f:ba:42:80:80:10:90:c9:47:0f:cd:94:84:
6b:f8:24:85:50:59:1d:37:ef:58:86:a4:52:73:18:4f:a9:ff:
5c:34:25:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGdx9FzSkLz5UolPivDLaxU4n+X4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA4NTNaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwMDE3ZmI1ZmNmNDgyNTM4MTlkMWM5NTg1OWUyZjU3YzZhYzJlM2JhOWJi
NWY2Yjk0MDhkZjA4Nzg2NmJlMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMFKHQYJzlKbRvrECVvoHToDw9NOgSVOKEwQVyx804NZhO4g6mS3277+8lS
UzZ2Y/3hAYJnRusSU4+G/OwerFdZPvqu80Rp/9kprWJ8j2/yv+Ng/HLXqXl+2ZPJ
Xn80FniiD7Sk/japTtL5nVZNTBeLLdHBco+swOUkTg0bTJf8YmxGgWO0dLOJ1HUc
4OmzL7CpOZ5N6UedUVfBK8h2mXHviB1qFJmmE3xEOzlyGUtxvZzgZisC7F4OqRKD
QclexHMdWoQqgPo91oY7T40naQRSTG0Xcym+fLYpKl9lp3V4o11UfyKuprLvLE3i
njP3T7ytsK5nq++ABflWQClBGNECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3yKzI
PsEI/Toqps4LvTI2RNPWGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI2Mzc2NjYtZWQzNC00M2FhLWI3YTgtYmIyOWYzNGZhZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Huw
MA0GCSqGSIb3DQEBCwUAA4IBAQAg3MvJ6Wz0GIz2leFglywjPhRuj2VjNPYxqlmG
w8FJt6eYd5s8xlwrIusL1BdTjsOV5+S8PnkjkCBX3ByLq0cCqHXhRcH5udWH/Qih
UpNr4IQfxoz6hS+rJK9sdcupRZmzR0YCHbAaXZ+8nLWlrzrjtjkqVqooBuKQE6IW
F03QlIqEyHakQ3mQ14/KKrkH+RS0p3NPYM108PtQXwSTpoA6Nx0N8c/bodHY8YLE
eJkQbFSfVkUqVTum1AMaMV2Gtjv13bQTtk556c52IOl0w6ajMQCmIszuyRzuHDSn
mV+6QoCAEJDJRw/NlIRr+CSFUFkdN+9YhqRScxhPqf9cNCUm
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:21:45 2025 by rpki-client