Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
File: 11758a9b-0e07-4929-92b2-ff867af4fa4f.roa (raw, json)
Hash identifier: GEtakylsVY4VHMNZpvcACrefwCz/aa8GTG3jn4/azZc=
Subject key identifier: 94:1F:0D:3F:5C:66:0D:1E:57:53:A9:A6:9B:C0:DC:75:26:BF:51:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4919F05FA7C4757DB82BA52B19CD939C59C6EAD7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
Signing time: Mon 28 Jul 2025 16:11:06 +0000
ROA not before: Mon 28 Jul 2025 16:11:06 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:19:f0:5f:a7:c4:75:7d:b8:2b:a5:2b:19:cd:93:9c:59:c6:ea:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:06 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=140e204f7a53e0f88963a26c4d51058f98ead0804332611d862cd29c23a6c84e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:73:0d:90:ad:9d:41:dc:8c:95:8c:f8:41:1d:
b7:7a:66:ec:ff:ee:b2:f9:24:45:41:2e:e3:3e:62:
d4:65:d3:f2:6f:43:73:93:45:aa:e5:26:60:78:1f:
95:ca:ed:ec:89:84:f9:38:e7:de:fc:7a:9b:7e:b5:
de:a6:c6:a0:75:52:a1:05:f0:9f:3c:7e:49:41:0b:
2d:dc:31:4a:e5:06:0e:a0:eb:69:b5:28:69:1a:8c:
88:d2:ca:7b:f5:b3:fc:fe:19:8d:83:3e:1c:72:1d:
0d:d5:17:3a:ae:00:9c:a2:40:94:82:13:df:42:ab:
a6:b7:91:5c:70:de:11:63:26:0e:c2:d9:9d:db:01:
a7:54:57:23:61:ef:4f:88:b4:c6:8e:a2:7b:15:35:
4d:32:0c:1f:65:2d:0a:3a:24:62:2d:e4:e0:8a:16:
00:a4:db:4e:41:e4:2a:bf:72:f1:0b:a5:e8:64:45:
40:be:d6:38:fc:11:79:6e:8f:e9:ee:eb:ff:bf:b6:
20:de:28:f7:26:b9:86:93:47:c7:0a:06:0c:3e:0d:
04:ef:1d:18:7a:61:9f:4c:1c:d8:8a:da:9c:4f:c5:
0e:a3:c9:4b:9e:a1:91:65:eb:6d:76:6d:57:e6:7f:
fd:89:24:77:47:95:bc:1b:dc:2a:b9:cc:6f:2b:ea:
b6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1F:0D:3F:5C:66:0D:1E:57:53:A9:A6:9B:C0:DC:75:26:BF:51:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
59:87:85:b7:35:db:2f:e9:34:d7:a1:e5:a4:5c:1c:6b:2a:bf:
df:31:b6:4d:6c:38:af:bb:1c:90:02:79:5f:c0:12:13:59:52:
65:21:1d:a0:95:6a:62:74:8f:31:ca:f0:ea:eb:a3:6e:de:2c:
15:0d:8d:b7:96:65:ca:25:fd:51:cf:ca:8a:2e:c6:c3:c0:48:
30:da:79:e9:1b:15:8e:78:68:12:47:95:e4:50:72:4b:b6:f9:
e0:cd:f3:61:cc:a3:d4:b4:65:44:9a:63:c8:54:ba:f9:f1:b9:
58:2c:9c:f9:fc:e6:a0:a2:d7:9b:cd:e8:5b:6f:0b:c9:23:69:
a7:48:dd:cb:d6:7c:c6:75:a4:22:c4:a4:a6:5a:5c:bf:60:19:
16:7d:73:93:a3:c1:f8:b1:12:89:1c:e1:d1:61:8e:83:ac:ac:
30:1c:50:73:d8:9f:09:ab:3a:96:4b:38:c8:0a:61:a7:3b:2c:
96:32:d8:7b:2b:eb:85:2c:6a:f9:33:83:6c:5e:73:b5:51:4f:
19:b8:4a:71:cc:41:ff:38:44:56:54:3a:f3:48:dd:4e:5e:f6:
f3:c3:37:89:8a:20:2e:a4:4a:bd:7e:9a:16:b3:2a:e4:82:67:
f8:28:93:d5:6c:b9:1e:f0:1d:43:51:37:78:eb:30:fe:c0:c8:
66:63:cc:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSRnwX6fEdX24K6UrGc2TnFnG6tcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMDZaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0MGUyMDRmN2E1M2UwZjg4OTYzYTI2YzRkNTEwNThmOThlYWQwODA0MzMy
NjExZDg2MmNkMjljMjNhNmM4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpzDZCtnUHcjJWM+EEdt3pm7P/usvkkRUEu4z5i1GXT8m9Dc5NFquUmYHgf
lcrt7ImE+Tjn3vx6m3613qbGoHVSoQXwnzx+SUELLdwxSuUGDqDrabUoaRqMiNLK
e/Wz/P4ZjYM+HHIdDdUXOq4AnKJAlIIT30KrpreRXHDeEWMmDsLZndsBp1RXI2Hv
T4i0xo6iexU1TTIMH2UtCjokYi3k4IoWAKTbTkHkKr9y8Qul6GRFQL7WOPwReW6P
6e7r/7+2IN4o9ya5hpNHxwoGDD4NBO8dGHphn0wc2IranE/FDqPJS56hkWXrbXZt
V+Z//Ykkd0eVvBvcKrnMbyvqtvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUHw0/
XGYNHldTqaabwNx1Jr9RAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3NThhOWItMGUwNy00OTI5LTkyYjItZmY4NjdhZjRmYTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQBZh4W3Ndsv6TTXoeWkXBxrKr/fMbZNbDivuxyQ
AnlfwBITWVJlIR2glWpidI8xyvDq66Nu3iwVDY23lmXKJf1Rz8qKLsbDwEgw2nnp
GxWOeGgSR5XkUHJLtvngzfNhzKPUtGVEmmPIVLr58blYLJz5/OagotebzehbbwvJ
I2mnSN3L1nzGdaQixKSmWly/YBkWfXOTo8H4sRKJHOHRYY6DrKwwHFBz2J8JqzqW
SzjICmGnOyyWMth7K+uFLGr5M4NsXnO1UU8ZuEpxzEH/OERWVDrzSN1OXvbzwzeJ
iiAupEq9fpoWsyrkgmf4KJPVbLke8B1DUTd46zD+wMhmY8yA
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:40 2025 by rpki-client