Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
File: 2562684d-020c-40d9-b3bb-3fcb4c638494.roa (raw, json)
Hash identifier: nv3whAScOjN24/g98T60Ma6TNS8SJxIH7e35zWK3eMY=
Subject key identifier: 1E:9B:CC:37:13:26:F7:CA:00:92:6A:FA:C0:42:B4:4C:73:A6:BD:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 410226D073FCC4B453841D56CD39F741E2C50824
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
Signing time: Fri 25 Jul 2025 16:50:19 +0000
ROA not before: Fri 25 Jul 2025 16:50:19 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:02:26:d0:73:fc:c4:b4:53:84:1d:56:cd:39:f7:41:e2:c5:08:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:19 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=7313fb1b48e5d9436a6dbecc7ce537ced6f0921c770434b580bce70a38014ac3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1a:3c:84:74:82:5e:e5:e8:62:84:2a:47:35:
34:77:ec:72:0a:9b:9e:46:dd:25:f4:39:08:71:7b:
6f:7e:e6:41:d9:7c:16:a5:85:9d:d9:cb:fb:e1:96:
f4:fd:c7:51:34:2a:1b:07:36:28:3e:61:90:fe:14:
75:df:1e:80:74:a3:dd:65:e1:7c:63:83:15:20:e0:
68:cf:82:71:7e:c0:b9:e7:4a:24:e7:82:ca:c2:67:
eb:c7:d2:70:4a:de:d3:04:68:36:e4:bc:de:50:d1:
16:9a:ba:cd:27:e3:40:2a:b5:96:f0:5c:be:ad:67:
91:01:72:b6:aa:4e:09:71:b0:45:fc:1d:71:85:5f:
b7:f0:bc:23:d6:76:4c:e3:b6:88:7c:a0:bc:52:26:
24:2c:1e:6e:eb:7c:3e:ec:b9:f6:b4:99:2e:09:84:
87:66:87:8e:99:d5:66:bf:87:68:d8:09:a2:c1:8a:
7d:5e:67:9f:c3:cd:5d:62:d5:40:47:3f:d3:be:a6:
c0:04:3b:a1:cb:ca:6b:7e:1e:9a:97:39:41:17:84:
18:8e:a5:e2:9a:dd:24:14:b6:9f:a3:e8:51:d4:43:
5d:e4:d8:32:ff:81:89:ec:15:93:8c:70:43:d7:58:
d3:31:e7:e1:b2:b0:32:d4:52:32:06:cd:4c:3d:6d:
67:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9B:CC:37:13:26:F7:CA:00:92:6A:FA:C0:42:B4:4C:73:A6:BD:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
00:7e:7d:25:1d:d4:9c:bd:2a:1e:1d:23:6c:8a:13:1a:b8:43:
41:c2:77:97:45:54:38:43:c4:fb:66:6f:a0:43:df:82:0d:f8:
97:c8:79:18:b1:ef:5e:d5:d2:3f:ea:d3:16:5d:52:3e:e8:8e:
ad:c4:b0:83:90:db:f7:d0:f8:2b:65:10:62:99:5a:88:8d:da:
71:7a:c6:bf:b5:e8:8f:25:03:13:6f:a3:b6:3a:27:cb:df:2d:
ac:d0:1e:ac:68:00:8a:c7:93:c4:68:34:5f:69:e7:8c:a0:be:
e4:6c:dc:86:7a:8f:85:78:25:d6:c2:e0:2b:ad:8a:ec:23:80:
7d:49:fb:3f:7d:30:93:eb:1e:aa:75:88:14:5c:ca:8a:0f:c8:
bd:1c:8d:69:0f:53:72:43:66:27:bc:44:9d:3f:a9:fb:1e:4e:
55:dd:ee:da:f9:03:dc:b7:14:cf:f2:4b:fc:57:61:c9:aa:bc:
2c:d5:30:ae:f7:91:a6:4f:2a:c8:9b:c5:f7:25:ca:f6:65:ce:
f0:80:2d:ac:41:b1:97:3d:2f:cc:3b:83:9a:62:3f:3b:d2:64:
c6:39:41:9b:79:73:30:33:52:00:4c:a2:0a:79:b1:58:4f:bb:
99:47:db:47:cf:01:b1:89:a8:6c:e7:aa:96:1b:5c:12:a5:a4:
42:1d:71:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQQIm0HP8xLRThB1WzTn3QeLFCCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMTlaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMTNmYjFiNDhlNWQ5NDM2YTZkYmVjYzdjZTUzN2NlZDZmMDkyMWM3NzA0
MzRiNTgwYmNlNzBhMzgwMTRhYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMaPIR0gl7l6GKEKkc1NHfscgqbnkbdJfQ5CHF7b37mQdl8FqWFndnL++GW
9P3HUTQqGwc2KD5hkP4Udd8egHSj3WXhfGODFSDgaM+CcX7AuedKJOeCysJn68fS
cEre0wRoNuS83lDRFpq6zSfjQCq1lvBcvq1nkQFytqpOCXGwRfwdcYVft/C8I9Z2
TOO2iHygvFImJCwebut8Puy59rSZLgmEh2aHjpnVZr+HaNgJosGKfV5nn8PNXWLV
QEc/076mwAQ7ocvKa34empc5QReEGI6l4prdJBS2n6PoUdRDXeTYMv+BiewVk4xw
Q9dY0zHn4bKwMtRSMgbNTD1tZ/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQem8w3
Eyb3ygCSavrAQrRMc6a9sDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjU2MjY4NGQtMDIwYy00MGQ5LWIzYmItM2ZjYjRjNjM4NDk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAAfn0lHdScvSoeHSNsihMauENBwneXRVQ4Q8T7
Zm+gQ9+CDfiXyHkYse9e1dI/6tMWXVI+6I6txLCDkNv30PgrZRBimVqIjdpxesa/
teiPJQMTb6O2OifL3y2s0B6saACKx5PEaDRfaeeMoL7kbNyGeo+FeCXWwuArrYrs
I4B9Sfs/fTCT6x6qdYgUXMqKD8i9HI1pD1NyQ2YnvESdP6n7Hk5V3e7a+QPctxTP
8kv8V2HJqrws1TCu95GmTyrIm8X3Jcr2Zc7wgC2sQbGXPS/MO4OaYj870mTGOUGb
eXMwM1IATKIKebFYT7uZR9tHzwGxiahs56qWG1wSpaRCHXFb
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:49 2025 by rpki-client