Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
File: 03f51c56-79aa-48ca-895c-790a431bbd73.roa (raw, json)
Hash identifier: BxbWUPXnqmV5nSovRbfDaoJOaK6GgCTLXZWcvdu055s=
Subject key identifier: E9:F0:0C:44:B9:3B:59:DC:12:70:34:B8:BF:21:D4:59:DA:DD:87:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3415C94C345A12306D72E5179A82086431036E5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
Signing time: Fri 01 Aug 2025 17:11:09 +0000
ROA not before: Fri 01 Aug 2025 17:11:09 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:15:c9:4c:34:5a:12:30:6d:72:e5:17:9a:82:08:64:31:03:6e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:11:09 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=b774d7f37d544db1c6f96fd8cdac9de2d42d8672962313747c58c47ebaee37f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d4:94:7f:55:92:ae:0b:30:44:dd:14:c8:8e:
0c:0c:b8:c0:46:6f:13:f2:da:08:05:1a:49:b5:08:
a6:ca:3e:b5:e4:d9:e3:bb:a1:98:27:f6:d2:b0:a7:
81:2f:27:70:6f:44:a2:6a:9e:a0:09:63:83:29:0b:
90:1f:25:fd:84:ad:e1:11:b7:f7:ac:f0:c6:79:d0:
d7:b4:9f:54:14:26:1e:ea:f8:33:45:7e:43:34:0c:
39:e8:e4:61:c6:95:ec:e6:b9:67:e0:85:b3:1c:55:
91:46:51:9d:e2:43:38:53:3b:9c:61:7e:9e:ec:19:
63:95:33:50:8d:dd:e6:c7:4e:ed:f7:e5:68:01:6d:
a6:d6:2a:48:9b:ec:80:b3:74:42:9d:fe:da:4f:ec:
96:a3:80:4f:1c:d0:87:63:8d:31:99:db:7e:53:c5:
c9:eb:3d:8c:20:08:9c:62:da:27:fc:1a:91:1c:34:
05:22:15:90:3c:ff:53:79:cc:5d:fc:58:17:71:5f:
ba:b7:f6:8b:34:0a:6e:f8:e0:e8:f8:9a:1e:1c:eb:
ef:3f:76:c6:ad:90:e3:e4:e4:ae:fc:36:72:03:8d:
d7:c0:29:e7:3d:20:bb:27:71:1c:03:89:8b:ac:17:
83:4a:ae:a3:d4:d1:44:16:1a:d0:8f:fb:58:61:57:
e4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F0:0C:44:B9:3B:59:DC:12:70:34:B8:BF:21:D4:59:DA:DD:87:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:800::/40
Signature Algorithm: sha256WithRSAEncryption
c9:00:d9:27:bb:04:2c:64:3e:74:7e:ec:c0:fb:34:c1:2b:7e:
af:46:aa:ef:b7:ea:cf:c9:17:aa:35:2b:4b:43:e4:a9:a5:61:
93:ae:2f:cd:fa:41:7e:26:61:2e:b2:ec:bd:5b:e1:04:9f:2e:
b4:42:d3:15:4b:39:77:07:3e:a9:4b:c7:bc:f8:f4:b3:69:00:
cc:43:21:68:ea:23:0d:1b:86:57:3a:4e:d8:c4:5c:64:da:77:
44:56:3b:10:73:11:62:71:d3:a1:f0:40:27:39:4e:f9:22:c6:
70:80:4c:34:8c:e4:cd:1b:ea:af:3f:23:fc:78:cc:37:ac:9d:
36:07:32:0f:e9:27:4b:3d:a1:64:0a:38:44:7f:08:e2:d2:56:
a9:4d:df:75:c2:58:89:d3:81:cb:42:47:53:cf:ab:5b:7e:66:
8c:0d:8e:47:36:66:ee:19:20:c6:9f:b4:90:8f:e4:d0:61:3b:
4b:1b:f6:23:9b:76:13:bf:2d:79:1e:47:c6:a6:d8:61:12:25:
f3:bb:21:08:9f:0f:2d:a5:d5:6e:6d:0d:54:54:9e:e4:9b:cb:
07:35:6e:c2:ee:67:58:a7:5f:a2:23:b7:2b:96:bb:d1:b5:c6:
68:bc:94:54:b2:4a:88:6e:b7:7d:57:60:40:d3:ab:83:01:5a:
34:cc:35:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNBXJTDRaEjBtcuUXmoIIZDEDbl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzExMDlaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3NzRkN2YzN2Q1NDRkYjFjNmY5NmZkOGNkYWM5ZGUyZDQyZDg2NzI5NjIz
MTM3NDdjNThjNDdlYmFlZTM3ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLUlH9Vkq4LMETdFMiODAy4wEZvE/LaCAUaSbUIpso+teTZ47uhmCf20rCn
gS8ncG9EomqeoAljgykLkB8l/YSt4RG396zwxnnQ17SfVBQmHur4M0V+QzQMOejk
YcaV7Oa5Z+CFsxxVkUZRneJDOFM7nGF+nuwZY5UzUI3d5sdO7fflaAFtptYqSJvs
gLN0Qp3+2k/slqOATxzQh2ONMZnbflPFyes9jCAInGLaJ/wakRw0BSIVkDz/U3nM
XfxYF3Ffurf2izQKbvjg6PiaHhzr7z92xq2Q4+Tkrvw2cgON18Ap5z0guydxHAOJ
i6wXg0quo9TRRBYa0I/7WGFX5NsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTp8AxE
uTtZ3BJwNLi/IdRZ2t2HvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNTFjNTYtNzlhYS00OGNhLTg5NWMtNzkwYTQzMWJiZDczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUI
MA0GCSqGSIb3DQEBCwUAA4IBAQDJANknuwQsZD50fuzA+zTBK36vRqrvt+rPyReq
NStLQ+SppWGTri/N+kF+JmEusuy9W+EEny60QtMVSzl3Bz6pS8e8+PSzaQDMQyFo
6iMNG4ZXOk7YxFxk2ndEVjsQcxFicdOh8EAnOU75IsZwgEw0jOTNG+qvPyP8eMw3
rJ02BzIP6SdLPaFkCjhEfwji0lapTd91wliJ04HLQkdTz6tbfmaMDY5HNmbuGSDG
n7SQj+TQYTtLG/Yjm3YTvy15HkfGpthhEiXzuyEInw8tpdVubQ1UVJ7km8sHNW7C
7mdYp1+iI7crlrvRtcZovJRUskqIbrd9V2BA06uDAVo0zDXF
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:04:41 2025 by rpki-client