Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
File: 1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa (raw, json)
Hash identifier: KCnYp75SDiJWuXbiJUvAxP7Ry3qH+DAb5pbFSx0HCIg=
Subject key identifier: E6:33:E0:1E:8A:58:AA:0D:DE:97:41:43:25:0A:92:4F:AB:1D:44:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FDF90F0C2D641904D7679BC34DB3DD81C766E7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
Signing time: Mon 21 Jul 2025 16:50:12 +0000
ROA not before: Mon 21 Jul 2025 16:50:12 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:df:90:f0:c2:d6:41:90:4d:76:79:bc:34:db:3d:d8:1c:76:6e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:12 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=d80c702bbb12e84aea91cd08c9eac467742cfb3bbda63012c9c62d954bfc18ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:72:be:9d:a3:08:30:50:2e:7e:cd:37:5f:78:
57:b9:9f:6f:76:20:0b:16:ec:ee:5c:10:c6:40:4e:
32:50:e8:07:39:c9:67:bd:b8:b7:89:46:62:62:71:
d1:60:cb:16:35:05:4d:c1:63:04:8b:24:e5:98:89:
bc:db:68:32:20:91:fc:fa:de:19:dd:51:0b:cb:da:
e5:3e:df:16:5a:80:2a:d5:cd:53:d4:8f:66:9e:cc:
08:c6:a0:29:24:0d:be:0d:b7:e7:57:0d:79:4d:f2:
93:85:76:47:4c:fe:61:6a:2d:ec:89:89:83:8b:49:
48:f7:bb:72:14:95:49:db:f8:98:70:4b:e6:3c:ce:
b9:ce:94:42:7a:31:fe:95:b7:1f:25:55:3f:d2:0c:
60:08:f8:2b:5b:14:4b:66:7b:05:d8:c3:e4:5d:71:
19:09:88:48:41:2c:04:23:51:f6:f8:3f:84:ce:93:
c2:73:7b:3c:b0:1f:40:52:15:cd:44:ea:fe:34:66:
e0:d9:3d:8e:40:7d:7a:8c:d2:cc:d7:68:4e:f8:ca:
ee:8d:23:18:cf:5d:5a:86:75:6f:97:ec:31:1d:99:
d5:6a:1c:3e:9e:c5:82:18:a2:bd:a2:1d:78:0d:06:
5a:38:0e:31:30:74:f1:28:6d:33:7f:e3:b3:89:82:
55:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:33:E0:1E:8A:58:AA:0D:DE:97:41:43:25:0A:92:4F:AB:1D:44:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1730fb0f-afd2-4a40-b218-7d0df2b2a1e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
40:23:0d:e4:08:c8:a7:44:9d:9b:18:21:73:7d:90:5e:a9:0b:
ae:e3:a4:91:32:98:61:d1:bf:b6:09:03:9b:46:ba:b3:b5:48:
36:8d:59:1c:b9:0f:06:04:42:fe:24:5c:af:70:94:35:90:f1:
e8:fe:2c:de:e4:a7:9d:2f:42:a4:89:cb:85:0b:fe:7d:46:6d:
32:13:fd:b4:b5:5d:9f:b8:51:18:de:da:81:9a:b6:a2:0e:40:
ed:fc:6b:22:ba:17:f5:3a:2a:68:2f:e8:5d:df:b8:df:97:b5:
47:d9:ab:d5:50:ff:07:0f:2b:53:49:b9:0a:e2:e9:18:6f:50:
be:46:f6:54:8e:cb:14:76:fb:e1:81:0c:23:24:18:ad:f8:16:
b0:e3:a1:8c:3a:56:7d:ab:3f:f8:c4:76:7f:bb:52:4c:85:40:
ec:d7:0e:44:d9:9f:9d:fa:5c:4f:4f:e9:59:c7:ef:40:f8:f2:
0d:ab:a3:b4:b6:7f:7c:ad:f6:ae:0c:c0:a8:15:6e:0c:08:25:
23:61:e9:e1:b2:39:44:b1:80:bf:d2:52:a8:6b:5c:8e:07:16:
23:73:a7:4d:db:91:05:ff:1d:e9:d2:23:df:d0:8c:7b:d9:b0:
90:5b:b3:74:d4:c3:85:3f:6b:52:fb:9d:07:6b:1f:a9:e3:47:
a4:99:37:57
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD9+Q8MLWQZBNdnm8NNs92Bx2bnwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwMTJaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4MGM3MDJiYmIxMmU4NGFlYTkxY2QwOGM5ZWFjNDY3NzQyY2ZiM2JiZGE2
MzAxMmM5YzYyZDk1NGJmYzE4Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZyvp2jCDBQLn7NN194V7mfb3YgCxbs7lwQxkBOMlDoBznJZ724t4lGYmJx
0WDLFjUFTcFjBIsk5ZiJvNtoMiCR/PreGd1RC8va5T7fFlqAKtXNU9SPZp7MCMag
KSQNvg2351cNeU3yk4V2R0z+YWot7ImJg4tJSPe7chSVSdv4mHBL5jzOuc6UQnox
/pW3HyVVP9IMYAj4K1sUS2Z7BdjD5F1xGQmISEEsBCNR9vg/hM6TwnN7PLAfQFIV
zUTq/jRm4Nk9jkB9eozSzNdoTvjK7o0jGM9dWoZ1b5fsMR2Z1WocPp7FghiivaId
eA0GWjgOMTB08ShtM3/js4mCVbsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTmM+Ae
iliqDd6XQUMlCpJPqx1EajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTczMGZiMGYtYWZkMi00YTQwLWIyMTgtN2QwZGYyYjJhMWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
wDANBgkqhkiG9w0BAQsFAAOCAQEAQCMN5AjIp0Sdmxghc32QXqkLruOkkTKYYdG/
tgkDm0a6s7VINo1ZHLkPBgRC/iRcr3CUNZDx6P4s3uSnnS9CpInLhQv+fUZtMhP9
tLVdn7hRGN7agZq2og5A7fxrIroX9ToqaC/oXd+435e1R9mr1VD/Bw8rU0m5CuLp
GG9Qvkb2VI7LFHb74YEMIyQYrfgWsOOhjDpWfas/+MR2f7tSTIVA7NcORNmfnfpc
T0/pWcfvQPjyDaujtLZ/fK32rgzAqBVuDAglI2Hp4bI5RLGAv9JSqGtcjgcWI3On
TduRBf8d6dIj39CMe9mwkFuzdNTDhT9rUvudB2sfqeNHpJk3Vw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:36 2025 by rpki-client