Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
File: 1bb27900-3531-4083-aef8-cc7656dba027.roa (raw, json)
Hash identifier: 5XgNkImexjcExV+SVjXw23RRZ6tly/h1xzChVLk6TYs=
Subject key identifier: 82:D6:C4:9F:C2:36:D0:18:E7:11:64:19:6A:BA:63:A3:77:C5:EE:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 508223A09B1F88FFE17FA3ACE9E494DE6FB6C52C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
Signing time: Mon 21 Jul 2025 16:50:11 +0000
ROA not before: Mon 21 Jul 2025 16:50:11 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:82:23:a0:9b:1f:88:ff:e1:7f:a3:ac:e9:e4:94:de:6f:b6:c5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:11 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=c4a2662fcb5b5453c2b0a4b7fb2e31704d9a108b89e3773384c017684683ceca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9e:e9:bb:fe:56:dc:6a:90:00:03:a3:9a:4c:
26:f2:3c:4f:f9:c9:38:69:d0:24:e4:91:79:5f:3a:
07:56:67:21:e2:0f:53:65:af:49:3b:5a:61:70:27:
00:e2:eb:f0:a9:1c:7f:ae:d9:d4:a6:2b:79:d8:32:
0d:97:7e:95:ff:6e:2d:02:26:60:84:82:09:df:3d:
06:18:1f:27:6d:bf:40:e9:74:a1:9d:96:07:00:27:
ec:e1:ab:21:8a:0f:78:f9:4e:dc:ae:be:62:35:96:
36:a5:9d:07:d6:da:6d:7c:b1:42:68:3d:6e:d3:c6:
0c:3e:67:cd:ae:00:24:95:dc:25:e8:ed:6a:ea:79:
14:b8:97:53:3d:4c:29:e1:9e:af:94:05:bc:04:44:
85:52:32:be:82:37:6e:ad:c8:65:f5:67:43:aa:f7:
4e:5a:66:f7:ea:da:48:df:b3:c0:d2:4e:0e:e6:7b:
fb:ff:62:b5:8c:13:73:f9:83:67:79:92:2f:fa:fe:
61:99:89:d6:de:ea:1e:40:6b:62:f9:30:95:fe:d7:
99:b4:6f:21:9e:d2:7f:8e:7f:11:35:88:4a:8a:52:
7e:84:d0:a7:23:c8:ee:fe:ff:d2:3d:c8:6c:90:0d:
f3:29:d4:fa:af:ad:00:74:6f:8b:0b:ee:d7:3e:ec:
97:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D6:C4:9F:C2:36:D0:18:E7:11:64:19:6A:BA:63:A3:77:C5:EE:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:b000::/40
Signature Algorithm: sha256WithRSAEncryption
0f:9c:a5:7f:22:13:98:42:cf:62:c9:be:0f:11:1c:a8:87:41:
af:d6:f0:1e:0e:41:e1:20:14:5a:e0:d7:99:fa:52:66:0d:b7:
f9:05:bb:47:b5:76:6e:a8:4b:17:97:b9:91:db:53:a7:39:3d:
09:75:9c:8f:9f:e7:d4:b7:d8:7c:52:dc:7f:a8:78:71:6e:36:
8c:1a:67:c6:9c:be:d6:93:fc:5f:d4:70:a9:33:88:30:55:94:
f3:d7:58:b3:52:19:53:39:27:6e:14:41:5c:70:da:d6:9e:de:
7a:15:51:ee:9a:1c:ad:53:bd:42:47:d5:85:69:56:ff:5f:6c:
f5:3e:4c:d4:88:f6:78:b0:21:ba:10:70:ca:2e:3d:03:74:ba:
df:51:da:60:4e:38:74:5c:d5:82:05:68:bb:51:be:08:5f:03:
4c:7d:13:0e:95:68:21:ee:04:d5:44:84:93:5c:ae:46:81:d4:
3a:75:f5:fe:b1:95:4f:93:98:40:81:a0:cb:c1:f7:e3:d1:1d:
de:27:91:8b:a1:70:eb:9f:1f:53:ed:f4:8b:08:0a:10:51:4f:
88:a9:d1:33:3e:f4:b9:cd:a1:69:f4:50:51:66:3a:a4:f2:83:
0d:1a:63:df:14:6d:cf:d6:c4:6f:10:c0:88:fa:3f:b1:94:08:
21:4f:b3:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUIIjoJsfiP/hf6Os6eSU3m+2xSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwMTFaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0YTI2NjJmY2I1YjU0NTNjMmIwYTRiN2ZiMmUzMTcwNGQ5YTEwOGI4OWUz
NzczMzg0YzAxNzY4NDY4M2NlY2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKue6bv+VtxqkAADo5pMJvI8T/nJOGnQJOSReV86B1ZnIeIPU2WvSTtaYXAn
AOLr8Kkcf67Z1KYredgyDZd+lf9uLQImYISCCd89BhgfJ22/QOl0oZ2WBwAn7OGr
IYoPePlO3K6+YjWWNqWdB9babXyxQmg9btPGDD5nza4AJJXcJejtaup5FLiXUz1M
KeGer5QFvAREhVIyvoI3bq3IZfVnQ6r3Tlpm9+raSN+zwNJODuZ7+/9itYwTc/mD
Z3mSL/r+YZmJ1t7qHkBrYvkwlf7XmbRvIZ7Sf45/ETWISopSfoTQpyPI7v7/0j3I
bJAN8ynU+q+tAHRviwvu1z7sl4UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSC1sSf
wjbQGOcRZBlqumOjd8Xu8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJiMjc5MDAtMzUzMS00MDgzLWFlZjgtY2M3NjU2ZGJhMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOw
MA0GCSqGSIb3DQEBCwUAA4IBAQAPnKV/IhOYQs9iyb4PERyoh0Gv1vAeDkHhIBRa
4NeZ+lJmDbf5BbtHtXZuqEsXl7mR21OnOT0JdZyPn+fUt9h8Utx/qHhxbjaMGmfG
nL7Wk/xf1HCpM4gwVZTz11izUhlTOSduFEFccNrWnt56FVHumhytU71CR9WFaVb/
X2z1PkzUiPZ4sCG6EHDKLj0DdLrfUdpgTjh0XNWCBWi7Ub4IXwNMfRMOlWgh7gTV
RISTXK5GgdQ6dfX+sZVPk5hAgaDLwffj0R3eJ5GLoXDrnx9T7fSLCAoQUU+IqdEz
PvS5zaFp9FBRZjqk8oMNGmPfFG3P1sRvEMCI+j+xlAghT7Mj
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:45 2025 by rpki-client