Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
File: 04a64076-9adb-4301-817c-2be1c1e1d57e.roa (raw, json)
Hash identifier: bLPyE/JAnBCq7Bhwsp1H69OyNIS83I+F9UBnMoOLTb4=
Subject key identifier: E0:97:1E:99:41:1C:11:2A:E2:B5:80:BE:9B:E7:B3:6B:D6:91:48:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6884BA35688C443929EB9BAB3850EE576CF36FD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
Signing time: Fri 01 Aug 2025 17:11:13 +0000
ROA not before: Fri 01 Aug 2025 17:11:13 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:84:ba:35:68:8c:44:39:29:eb:9b:ab:38:50:ee:57:6c:f3:6f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:11:13 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=3c1130e60bd37ca7364fbacb0c2132c3cdac2b6bd4dd32829036c24e294b3e75, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:86:7d:c5:1b:2e:21:2c:6f:9d:bf:6a:86:fc:
08:ec:9a:f4:46:4d:fb:d3:3d:9b:8c:35:8f:25:53:
54:21:71:9c:18:87:2c:7a:55:30:08:75:42:d4:83:
c0:fc:6f:e3:8a:50:a6:76:8f:11:98:8b:68:d6:31:
1b:5a:8e:0a:c3:bd:9c:af:6c:e9:f9:37:8b:d0:6a:
bb:f9:b4:65:5d:a1:43:8e:16:c4:5d:31:20:ad:ee:
1c:47:3f:f1:7e:c9:af:ac:2a:b3:b2:ad:0e:75:4d:
32:c1:78:29:8a:e3:e8:6c:a9:48:7d:af:95:ed:79:
7f:e3:9b:28:80:86:1c:69:eb:38:23:6e:9b:f0:57:
6e:fa:12:80:7b:73:41:fa:b3:c8:78:fb:3a:d0:9d:
3e:c6:c9:8e:66:31:56:34:4d:55:30:28:b9:b7:d2:
de:10:cc:4c:d7:b2:8a:a7:48:47:18:34:f3:41:e5:
86:06:b7:2f:68:ed:5e:d0:48:9c:bc:8d:ef:7a:eb:
a6:b9:f5:6f:14:39:db:75:2e:b2:d2:ad:bd:1b:b5:
ee:23:40:71:43:0e:63:b7:df:df:28:f4:85:da:d3:
ca:6a:9b:81:49:ec:34:54:4d:9e:73:cd:da:94:56:
1e:2d:f7:bd:0f:90:7c:2c:e6:99:c2:4b:35:79:4d:
55:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:97:1E:99:41:1C:11:2A:E2:B5:80:BE:9B:E7:B3:6B:D6:91:48:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:800::/40
Signature Algorithm: sha256WithRSAEncryption
0b:78:1b:a6:b1:96:02:e7:79:14:13:14:5d:b5:a7:af:a5:34:
1f:78:df:a2:73:66:7f:22:89:7b:35:d1:e5:aa:32:8e:47:92:
6d:37:52:7d:ef:52:ff:34:4b:b4:7d:34:55:e3:64:05:19:c4:
0e:51:9f:a0:61:43:16:88:8b:4a:7c:17:c4:8c:bb:61:24:b8:
d4:b2:6b:b1:0f:f6:42:24:b1:ca:ad:e1:e6:fa:ad:9c:32:4f:
81:3c:49:ee:f0:01:35:55:29:ea:5b:39:fa:46:42:12:ff:73:
cc:e7:e9:18:93:15:6f:79:61:4b:99:a4:13:21:96:b3:77:39:
5d:c4:dc:8a:27:b0:e4:9a:53:73:07:ba:ba:fa:99:d3:96:a0:
2b:f9:f0:6a:2f:ab:7a:7d:c5:cf:13:d3:f5:bc:be:1f:c7:5d:
a9:97:65:fa:1b:2d:0a:9f:44:6e:ff:22:c4:9d:ce:eb:eb:b2:
c4:49:9a:3b:90:65:91:2f:f7:02:26:5b:be:66:5c:b7:34:6c:
02:ed:3b:18:62:ab:5e:79:cd:01:40:d8:75:4f:6c:dc:3d:e1:
94:a6:28:8a:e6:05:e3:cf:38:24:fa:a1:e4:14:b3:0d:1a:95:
68:aa:d4:da:56:95:12:56:bc:85:b8:0c:24:a7:d9:b8:63:01:
d1:2a:a3:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaIS6NWiMRDkp65urOFDuV2zzb9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzExMTNaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMTEzMGU2MGJkMzdjYTczNjRmYmFjYjBjMjEzMmMzY2RhYzJiNmJkNGRk
MzI4MjkwMzZjMjRlMjk0YjNlNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuGfcUbLiEsb52/aob8COya9EZN+9M9m4w1jyVTVCFxnBiHLHpVMAh1QtSD
wPxv44pQpnaPEZiLaNYxG1qOCsO9nK9s6fk3i9Bqu/m0ZV2hQ44WxF0xIK3uHEc/
8X7Jr6wqs7KtDnVNMsF4KYrj6GypSH2vle15f+ObKICGHGnrOCNum/BXbvoSgHtz
QfqzyHj7OtCdPsbJjmYxVjRNVTAoubfS3hDMTNeyiqdIRxg080Hlhga3L2jtXtBI
nLyN73rrprn1bxQ523UustKtvRu17iNAcUMOY7ff3yj0hdrTymqbgUnsNFRNnnPN
2pRWHi33vQ+QfCzmmcJLNXlNVesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTglx6Z
QRwRKuK1gL6b57Nr1pFIeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNjQwNzYtOWFkYi00MzAxLTgxN2MtMmJlMWMxZTFkNTdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEI
MA0GCSqGSIb3DQEBCwUAA4IBAQALeBumsZYC53kUExRdtaevpTQfeN+ic2Z/Iol7
NdHlqjKOR5JtN1J971L/NEu0fTRV42QFGcQOUZ+gYUMWiItKfBfEjLthJLjUsmux
D/ZCJLHKreHm+q2cMk+BPEnu8AE1VSnqWzn6RkIS/3PM5+kYkxVveWFLmaQTIZaz
dzldxNyKJ7DkmlNzB7q6+pnTlqAr+fBqL6t6fcXPE9P1vL4fx12pl2X6Gy0Kn0Ru
/yLEnc7r67LESZo7kGWRL/cCJlu+Zly3NGwC7TsYYqteec0BQNh1T2zcPeGUpiiK
5gXjzzgk+qHkFLMNGpVoqtTaVpUSVryFuAwkp9m4YwHRKqPE
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:58 2025 by rpki-client