Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
File: 0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa (raw, json)
Hash identifier: PZ+5zXT/kYvGcOPDnY0UDyiGYJPymxAQhrtBpyc7418=
Subject key identifier: B2:81:0B:FE:B1:D1:9E:EC:96:60:B1:D1:B6:4A:48:D2:EB:2C:35:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C03D0D7FED30E1D254862311AE8B1B56C3850EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
Signing time: Fri 01 Aug 2025 17:11:07 +0000
ROA not before: Fri 01 Aug 2025 17:11:07 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:03:d0:d7:fe:d3:0e:1d:25:48:62:31:1a:e8:b1:b5:6c:38:50:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:11:07 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=f878d084ba26bf01d2f80d54941313f3b55ca1dc99a35668e647374fae50c49c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2b:68:7e:6b:3c:6f:47:d1:55:96:4e:38:7a:
b3:54:7b:6b:4b:de:af:38:c7:ae:0d:fd:8f:dd:46:
06:65:9f:d7:cf:7f:c7:ce:65:ea:5b:70:c7:7b:86:
16:a1:25:c6:aa:60:71:36:55:d4:eb:ab:84:4c:61:
d9:76:a0:59:fd:d9:43:76:ce:e8:70:c4:78:4c:5d:
cf:9c:ec:74:39:9e:62:df:eb:cb:06:17:32:57:a4:
56:cd:5e:aa:e4:7c:c1:5b:a2:f7:73:15:0c:e3:fd:
10:95:72:f1:90:9c:9b:fe:bc:1c:a2:86:f6:2d:f4:
03:89:46:75:b9:26:e5:33:1e:24:29:10:fd:84:b3:
f1:5a:21:fe:41:7c:f2:e5:60:08:72:d6:57:2d:8c:
6b:99:1b:5c:2c:89:fa:6a:ee:fd:9b:c7:1d:ec:ce:
d6:65:82:d7:68:95:ab:fc:b6:4f:d4:da:b9:43:6a:
be:1f:bd:89:05:0a:2b:dd:ad:67:78:1c:2d:dd:b5:
89:bb:8c:dd:b1:0e:ef:b8:ff:28:35:b7:72:b9:23:
45:dc:8d:bd:71:8d:4b:6b:ec:ca:58:a9:56:4d:e4:
90:7e:d2:57:1d:b0:b3:5c:ff:d5:d8:46:e4:a7:ed:
e9:e8:d0:9d:66:f4:5f:6c:6f:af:d7:d7:0e:d5:e6:
a3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:81:0B:FE:B1:D1:9E:EC:96:60:B1:D1:B6:4A:48:D2:EB:2C:35:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:800::/40
Signature Algorithm: sha256WithRSAEncryption
4d:05:0d:36:20:b4:76:6b:c4:58:b5:49:74:0a:ac:f5:15:f4:
33:80:69:d6:18:f7:d7:9f:18:76:04:7c:d0:c5:1d:14:0f:cd:
ff:1a:8a:a0:32:01:91:37:cc:eb:3f:d3:3b:17:ee:2b:00:65:
87:9a:00:25:04:a8:40:05:2e:ee:86:3b:85:ef:59:20:11:8c:
73:25:3d:82:ae:d1:21:0b:93:72:08:b0:e5:0b:d6:e4:e3:02:
92:5d:2a:cb:c7:19:5b:7a:8e:1a:04:e4:22:e1:9f:17:39:d0:
29:79:6e:f5:13:ad:c9:e1:9a:b3:57:a3:fa:88:20:22:7c:0e:
9c:d3:77:fc:48:f6:ca:ab:39:fc:7f:6d:83:dd:d3:13:b6:16:
5b:81:e8:3c:7b:04:d5:f9:29:05:1e:a5:0a:bb:63:60:d3:6c:
e1:41:6e:c9:8c:3d:b5:f4:a7:1c:5e:4d:88:56:65:b6:86:3f:
30:da:f9:3d:0c:6b:2f:db:00:9d:05:ce:1e:6c:a0:c0:9d:e2:
0a:22:78:85:13:e5:fb:ae:93:c2:6c:2e:83:3a:9a:1d:06:79:
61:dc:9c:76:b3:de:a4:d6:08:8f:d3:d7:be:88:6d:46:50:6c:
91:8a:15:b1:a4:f0:31:c5:f7:91:43:2a:9d:01:79:60:27:6d:
04:84:71:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfAPQ1/7TDh0lSGIxGuixtWw4UOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzExMDdaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4NzhkMDg0YmEyNmJmMDFkMmY4MGQ1NDk0MTMxM2YzYjU1Y2ExZGM5OWEz
NTY2OGU2NDczNzRmYWU1MGM0OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8raH5rPG9H0VWWTjh6s1R7a0verzjHrg39j91GBmWf189/x85l6ltwx3uG
FqElxqpgcTZV1OurhExh2XagWf3ZQ3bO6HDEeExdz5zsdDmeYt/rywYXMlekVs1e
quR8wVui93MVDOP9EJVy8ZCcm/68HKKG9i30A4lGdbkm5TMeJCkQ/YSz8Voh/kF8
8uVgCHLWVy2Ma5kbXCyJ+mru/ZvHHezO1mWC12iVq/y2T9TauUNqvh+9iQUKK92t
Z3gcLd21ibuM3bEO77j/KDW3crkjRdyNvXGNS2vsylipVk3kkH7SVx2ws1z/1dhG
5Kft6ejQnWb0X2xvr9fXDtXmo2MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSygQv+
sdGe7JZgsdG2SkjS6yw1lDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ3Y2NlNDctMDY0ZS00YmEyLWFlYzUtMmFjYzJjYTA0YTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4I
MA0GCSqGSIb3DQEBCwUAA4IBAQBNBQ02ILR2a8RYtUl0Cqz1FfQzgGnWGPfXnxh2
BHzQxR0UD83/GoqgMgGRN8zrP9M7F+4rAGWHmgAlBKhABS7uhjuF71kgEYxzJT2C
rtEhC5NyCLDlC9bk4wKSXSrLxxlbeo4aBOQi4Z8XOdApeW71E63J4ZqzV6P6iCAi
fA6c03f8SPbKqzn8f22D3dMTthZbgeg8ewTV+SkFHqUKu2Ng02zhQW7JjD219Kcc
Xk2IVmW2hj8w2vk9DGsv2wCdBc4ebKDAneIKIniFE+X7rpPCbC6DOpodBnlh3Jx2
s96k1giP09e+iG1GUGyRihWxpPAxxfeRQyqdAXlgJ20EhHFd
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:28 2025 by rpki-client