Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
File: 431d8e22-a384-419e-9218-32a80c0ce0e3.roa (raw, json)
Hash identifier: AedXQCS+mrkSm+PQKEJZ7JRQ7EA6UGri9EzAyqG/7fE=
Subject key identifier: 73:38:63:12:73:28:75:1C:6A:FF:DF:05:9F:5C:BF:82:A4:0E:BD:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33FDDA3197960DBFB23017BFA2DDFE9B5F1C783C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
Signing time: Tue 29 Jul 2025 18:30:18 +0000
ROA not before: Tue 29 Jul 2025 18:30:18 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:fd:da:31:97:96:0d:bf:b2:30:17:bf:a2:dd:fe:9b:5f:1c:78:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:18 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=899c73ff24f4aace735a0df30f29729aea67d1dee4000a5fcb15036c1a3e1cba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:61:f4:92:05:b7:6e:89:c1:1d:45:85:01:63:
77:38:91:9b:c8:ef:46:23:ae:69:fd:44:6d:07:87:
27:db:6d:5b:1f:0f:bc:dc:e8:bd:50:bd:88:7e:ca:
30:61:0f:4e:f2:b9:37:f7:64:fd:5f:49:74:8c:6c:
ae:02:9f:4e:36:01:ab:c4:b5:67:0e:31:ea:8d:f2:
9a:c8:31:3c:7d:dc:09:fb:40:e0:ed:08:ba:e1:b8:
62:cb:74:a8:ab:37:4d:5f:a5:ae:6d:67:44:de:2b:
06:b9:8b:0e:e5:fe:61:80:bc:b8:40:bb:c0:80:ee:
95:1b:cc:f4:0e:c6:57:cc:b5:36:28:ac:24:36:28:
1f:e6:a9:d1:90:e4:8e:f7:dd:2b:35:90:54:27:58:
a1:3d:24:6a:14:1f:cf:d8:0b:83:8e:58:d8:7b:72:
a8:10:9e:06:1e:38:62:20:27:51:a8:97:19:08:e8:
e3:bd:dc:64:5a:a2:9d:61:82:f2:2b:83:74:13:70:
68:0f:55:c2:06:08:9d:64:01:08:a6:1f:1c:ee:ac:
f4:5c:10:ca:18:c9:fd:3a:e5:22:01:2a:2c:93:62:
b9:a8:77:81:8d:75:c5:b0:78:27:b0:3a:f0:15:d8:
59:62:51:2c:8e:9b:71:fc:88:76:97:95:88:6d:ed:
b0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:38:63:12:73:28:75:1C:6A:FF:DF:05:9F:5C:BF:82:A4:0E:BD:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/431d8e22-a384-419e-9218-32a80c0ce0e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:85:95:df:2d:3b:ac:01:25:ab:73:8c:98:21:1b:7b:30:51:
d2:1f:18:c8:4d:23:c2:6a:df:84:10:7a:27:45:fe:78:f2:d0:
ed:d5:fe:60:69:c1:74:5c:d3:e0:2f:4d:91:3f:7c:c7:81:1d:
2a:4a:46:15:18:bf:50:52:51:0e:fa:27:31:2b:31:c5:55:c0:
f1:69:02:75:86:05:2d:e8:88:27:d0:e7:c5:5c:41:d0:0a:59:
cf:3d:e6:82:54:91:18:b4:05:6a:69:0c:f1:97:e2:a0:70:34:
01:8f:71:8b:fc:b3:99:30:aa:43:2e:dc:45:a5:fb:b5:1e:a5:
d0:72:dc:ab:80:8a:d4:21:9d:be:6f:45:ef:ec:e6:11:75:90:
3e:38:7b:86:48:11:eb:c2:ef:d8:a6:74:59:9f:84:60:be:25:
54:b6:45:24:55:bd:47:28:7c:ae:8a:9e:31:51:08:b0:d1:85:
ef:47:87:63:5e:7f:65:8d:54:81:23:6c:84:63:3a:40:55:06:
e5:d5:56:23:5e:f1:93:34:16:d7:f3:e5:3a:1b:80:77:f2:b4:
74:54:1d:84:2f:30:8c:37:46:c3:c0:17:45:88:fa:23:6b:5a:
7d:e8:96:3d:70:39:fe:d0:80:ff:42:14:8e:a4:e2:1d:b0:0f:
37:b9:3c:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM/3aMZeWDb+yMBe/ot3+m18ceDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMThaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5OWM3M2ZmMjRmNGFhY2U3MzVhMGRmMzBmMjk3MjlhZWE2N2QxZGVlNDAw
MGE1ZmNiMTUwMzZjMWEzZTFjYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIJh9JIFt26JwR1FhQFjdziRm8jvRiOuaf1EbQeHJ9ttWx8PvNzovVC9iH7K
MGEPTvK5N/dk/V9JdIxsrgKfTjYBq8S1Zw4x6o3ymsgxPH3cCftA4O0IuuG4Yst0
qKs3TV+lrm1nRN4rBrmLDuX+YYC8uEC7wIDulRvM9A7GV8y1NiisJDYoH+ap0ZDk
jvfdKzWQVCdYoT0kahQfz9gLg45Y2HtyqBCeBh44YiAnUaiXGQjo473cZFqinWGC
8iuDdBNwaA9VwgYInWQBCKYfHO6s9FwQyhjJ/TrlIgEqLJNiuah3gY11xbB4J7A6
8BXYWWJRLI6bcfyIdpeViG3tsJsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzOGMS
cyh1HGr/3wWfXL+CpA69/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMxZDhlMjItYTM4NC00MTllLTkyMTgtMzJhODBjMGNlMGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg
MA0GCSqGSIb3DQEBCwUAA4IBAQC2hZXfLTusASWrc4yYIRt7MFHSHxjITSPCat+E
EHonRf548tDt1f5gacF0XNPgL02RP3zHgR0qSkYVGL9QUlEO+icxKzHFVcDxaQJ1
hgUt6Ign0OfFXEHQClnPPeaCVJEYtAVqaQzxl+KgcDQBj3GL/LOZMKpDLtxFpfu1
HqXQctyrgIrUIZ2+b0Xv7OYRdZA+OHuGSBHrwu/YpnRZn4RgviVUtkUkVb1HKHyu
ip4xUQiw0YXvR4djXn9ljVSBI2yEYzpAVQbl1VYjXvGTNBbX8+U6G4B38rR0VB2E
LzCMN0bDwBdFiPoja1p96JY9cDn+0ID/QhSOpOIdsA83uTwc
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:39 2025 by rpki-client