Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
File: 1277c797-1181-445f-b798-ef72bbfc284c.roa (raw, json)
Hash identifier: cYUCGbQdcTnXq1L32inutSzjftEtQakvaFBDpBlRApE=
Subject key identifier: 7B:11:99:03:D0:18:C8:4A:45:6C:53:1C:42:8A:E9:2E:5D:D0:42:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1482FB700F4D35E500EB3D09E23BC289D05102A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
Signing time: Fri 25 Jul 2025 16:50:07 +0000
ROA not before: Fri 25 Jul 2025 16:50:07 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:82:fb:70:0f:4d:35:e5:00:eb:3d:09:e2:3b:c2:89:d0:51:02:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:07 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=fd0290a8e9644b2af43e2d3e2179c81acc3481caa2bfde41e476465f6e1c1260, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:61:b9:1b:bf:56:25:dd:f8:f2:05:83:26:
03:77:3f:a7:ba:3c:9e:7c:42:6d:24:c3:71:09:2a:
3d:21:cb:8a:49:4c:03:58:03:64:59:8b:94:39:e7:
44:69:3e:f4:c2:e6:49:61:1a:19:4e:44:bb:47:1f:
5f:5f:c5:94:2a:8d:69:b6:96:aa:49:26:a2:eb:31:
b1:5d:b5:7d:ee:51:13:fe:e7:3c:d8:7d:4c:c0:59:
10:ec:a6:ff:bd:09:9f:aa:9b:4c:7e:a5:60:9f:14:
6b:bf:2b:92:e1:0b:ed:44:f6:c6:85:35:f4:a6:cb:
b3:03:52:5d:25:30:53:95:5c:76:d2:6e:3e:0e:fd:
8d:65:2c:06:60:27:cc:76:c9:f0:ce:af:ab:dc:48:
ef:0d:71:98:5c:c4:15:01:c2:ef:f2:f6:b1:be:aa:
59:47:8e:69:42:6c:e4:ed:a0:ca:46:8e:6e:28:7d:
12:aa:5b:02:70:fa:86:2d:73:92:30:17:e6:46:7d:
db:83:e3:89:b5:14:08:b3:0c:d1:ec:06:80:94:1e:
94:c0:7c:9e:8f:3a:99:78:26:a5:6d:d6:80:53:6d:
25:60:7a:3a:f9:44:08:2e:8b:a2:d2:05:30:5a:c0:
fa:e3:58:cd:34:87:e0:70:86:e8:a5:85:20:7c:7b:
21:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:11:99:03:D0:18:C8:4A:45:6C:53:1C:42:8A:E9:2E:5D:D0:42:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e000::/40
Signature Algorithm: sha256WithRSAEncryption
41:22:d0:9c:02:68:4c:a9:7f:34:c8:00:23:e2:5a:53:95:41:
2e:44:d7:21:96:95:32:3d:e6:68:03:82:6f:7b:f4:53:f5:9b:
68:ca:61:98:a5:60:31:b2:fc:c9:dd:63:cc:d4:9f:d7:0b:b0:
e6:95:fa:c0:38:80:2f:d8:8e:09:3a:69:08:e8:9d:ae:71:96:
f8:64:98:36:69:7d:df:7a:7c:ea:2f:92:f4:60:d3:1e:72:86:
d6:0f:80:34:92:2b:44:16:45:8e:c9:c9:48:6d:c3:f4:2c:b3:
49:31:9d:b7:87:5a:12:57:90:b9:23:cc:d2:89:9e:67:18:d9:
d4:55:dd:32:ee:b3:d8:55:20:ad:01:d4:06:b6:72:05:ad:6f:
c9:68:2a:47:85:1b:0c:4b:27:2b:d0:0e:9b:4e:10:7f:d0:d4:
c8:48:d6:80:f4:70:93:95:b7:c8:64:40:ad:7e:ef:c8:0b:61:
d3:af:13:31:2d:57:b3:8b:1f:15:d4:4c:c0:59:64:3d:c4:b3:
7e:d9:5d:5c:45:3a:93:d4:8a:e0:16:78:29:0f:d4:ac:aa:9e:
9a:28:f9:da:df:14:ba:f8:c7:d4:c4:2b:f9:b4:96:ef:91:69:
f6:82:53:6a:a2:74:24:d2:37:3d:87:fd:a8:84:b5:56:bc:5f:
9a:e4:49:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFIL7cA9NNeUA6z0J4jvCidBRAqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMDdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMDI5MGE4ZTk2NDRiMmFmNDNlMmQzZTIxNzljODFhY2MzNDgxY2FhMmJm
ZGU0MWU0NzY0NjVmNmUxYzEyNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALy0Ybkbv1Yl3fjyBYMmA3c/p7o8nnxCbSTDcQkqPSHLiklMA1gDZFmLlDnn
RGk+9MLmSWEaGU5Eu0cfX1/FlCqNabaWqkkmousxsV21fe5RE/7nPNh9TMBZEOym
/70Jn6qbTH6lYJ8Ua78rkuEL7UT2xoU19KbLswNSXSUwU5VcdtJuPg79jWUsBmAn
zHbJ8M6vq9xI7w1xmFzEFQHC7/L2sb6qWUeOaUJs5O2gykaObih9EqpbAnD6hi1z
kjAX5kZ924PjibUUCLMM0ewGgJQelMB8no86mXgmpW3WgFNtJWB6OvlECC6LotIF
MFrA+uNYzTSH4HCG6KWFIHx7ISUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7EZkD
0BjISkVsUxxCiukuXdBCpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTI3N2M3OTctMTE4MS00NDVmLWI3OTgtZWY3MmJiZmMyODRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTg
MA0GCSqGSIb3DQEBCwUAA4IBAQBBItCcAmhMqX80yAAj4lpTlUEuRNchlpUyPeZo
A4Jve/RT9ZtoymGYpWAxsvzJ3WPM1J/XC7DmlfrAOIAv2I4JOmkI6J2ucZb4ZJg2
aX3fenzqL5L0YNMecobWD4A0kitEFkWOyclIbcP0LLNJMZ23h1oSV5C5I8zSiZ5n
GNnUVd0y7rPYVSCtAdQGtnIFrW/JaCpHhRsMSycr0A6bThB/0NTISNaA9HCTlbfI
ZECtfu/IC2HTrxMxLVezix8V1EzAWWQ9xLN+2V1cRTqT1IrgFngpD9Ssqp6aKPna
3xS6+MfUxCv5tJbvkWn2glNqonQk0jc9h/2ohLVWvF+a5Em4
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:02:43 2025 by rpki-client