Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
File: 48202432-610c-42b2-9763-e895c6cbe70d.roa (raw, json)
Hash identifier: UjPy9rveFcnhmqnHoifkEg6fhPhJQe5YYYvsybDZsno=
Subject key identifier: D3:03:A4:D8:9E:95:C1:F9:C7:EA:D5:3A:4F:72:E2:33:19:53:58:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D1466A1C30AA9818432CFD28140AF0518E14358
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
Signing time: Tue 29 Jul 2025 18:30:19 +0000
ROA not before: Tue 29 Jul 2025 18:30:19 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:14:66:a1:c3:0a:a9:81:84:32:cf:d2:81:40:af:05:18:e1:43:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:19 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=1d35772c2cffa649489af0eba493bd3f6196f889e2ff37384d526b818127ebaf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:c9:af:76:bb:8c:55:99:5e:94:8d:4c:17:
67:fb:54:27:57:2a:b8:2c:fb:c7:9a:91:07:dc:4f:
7f:79:48:9c:63:ea:37:9b:6f:bb:2f:d6:8b:9b:58:
77:ae:dd:9f:c8:27:e2:05:8e:bf:9c:ae:bb:a8:83:
37:19:9d:ca:cd:0e:b5:53:03:f7:20:4f:e0:58:e1:
a9:86:ac:0d:22:50:eb:50:43:48:9b:d7:03:cf:08:
b2:41:52:97:e5:f7:5e:98:f5:1b:ab:bf:fc:cc:c5:
dd:a0:74:0e:7c:38:62:8d:d4:61:01:8f:54:40:e9:
b4:cd:a8:64:bb:9e:c7:f9:65:e7:ca:a9:b1:cd:bf:
e7:af:cc:6c:3b:d3:17:ed:c1:39:73:b3:9e:1d:ea:
d6:4b:d6:f2:ea:3b:1e:f8:de:dd:29:f2:8d:c5:08:
ae:99:a6:e8:22:21:d7:1f:7f:ff:5d:76:07:57:b6:
9a:af:ac:f3:f5:d9:00:09:af:60:30:2d:ad:85:cf:
8b:de:58:74:19:ff:6a:27:88:f0:a4:5f:2d:11:87:
35:17:30:33:97:08:e7:fc:c2:ad:6a:15:53:f6:97:
09:ec:c6:7a:ca:a7:7b:c6:3f:9c:e0:b6:d9:4b:d5:
f9:42:91:60:fa:b4:9f:3b:fa:1c:81:94:8d:0f:ae:
1b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:03:A4:D8:9E:95:C1:F9:C7:EA:D5:3A:4F:72:E2:33:19:53:58:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48202432-610c-42b2-9763-e895c6cbe70d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/48
Signature Algorithm: sha256WithRSAEncryption
8a:69:b4:56:43:42:75:08:cd:82:42:86:62:c8:e6:82:85:4c:
c5:63:70:7f:13:13:37:4c:4f:25:90:b0:b9:6a:5f:50:b2:b4:
bc:83:31:f9:a7:e2:ee:23:c8:c3:89:14:8c:69:4b:c4:22:76:
de:35:5c:ac:b5:90:b2:e7:41:16:69:0f:df:2c:a7:15:ad:51:
13:54:51:f4:cf:39:b7:08:af:e6:5b:ce:e9:6c:41:75:40:7c:
08:d0:7b:75:32:f3:ac:18:c6:28:8d:f5:77:bf:3c:f3:b7:65:
96:15:07:9b:3b:51:3a:c5:3a:67:48:e2:f6:c4:bd:cf:3a:81:
a9:16:d9:d4:0e:79:e8:22:f7:30:d4:fe:94:e0:33:39:35:eb:
46:ed:eb:5d:26:6b:36:a7:d7:c0:30:ef:a7:79:50:e1:a4:b0:
59:5c:ab:24:b7:c6:99:7c:4b:34:7e:d0:a3:db:d4:32:7a:cf:
bb:1a:ba:70:2c:83:c1:b4:8c:9f:fd:dc:2f:0b:cc:96:fc:40:
c9:2e:62:13:4c:2f:75:d6:fb:92:05:ba:52:38:61:7d:1f:93:
b8:ed:ef:cf:00:42:fb:46:7f:21:cb:62:d8:8e:c3:c9:f2:47:
38:e9:2a:b5:93:7a:78:c8:1f:6b:6f:69:0a:f4:21:14:02:e0:
20:3b:c6:58
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfRRmocMKqYGEMs/SgUCvBRjhQ1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTlaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMzU3NzJjMmNmZmE2NDk0ODlhZjBlYmE0OTNiZDNmNjE5NmY4ODllMmZm
MzczODRkNTI2YjgxODEyN2ViYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK56ya92u4xVmV6UjUwXZ/tUJ1cquCz7x5qRB9xPf3lInGPqN5tvuy/Wi5tY
d67dn8gn4gWOv5yuu6iDNxmdys0OtVMD9yBP4FjhqYasDSJQ61BDSJvXA88IskFS
l+X3Xpj1G6u//MzF3aB0Dnw4Yo3UYQGPVEDptM2oZLuex/ll58qpsc2/56/MbDvT
F+3BOXOznh3q1kvW8uo7Hvje3SnyjcUIrpmm6CIh1x9//112B1e2mq+s8/XZAAmv
YDAtrYXPi95YdBn/aieI8KRfLRGHNRcwM5cI5/zCrWoVU/aXCezGesqne8Y/nOC2
2UvV+UKRYPq0nzv6HIGUjQ+uG5UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTTA6TY
npXB+cfq1TpPcuIzGVNY/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDgyMDI0MzItNjEwYy00MmIyLTk3NjMtZTg5NWM2Y2JlNzBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAimm0VkNCdQjNgkKGYsjmgoVMxWNwfxMTN0xP
JZCwuWpfULK0vIMx+afi7iPIw4kUjGlLxCJ23jVcrLWQsudBFmkP3yynFa1RE1RR
9M85twiv5lvO6WxBdUB8CNB7dTLzrBjGKI31d78887dllhUHmztROsU6Z0ji9sS9
zzqBqRbZ1A556CL3MNT+lOAzOTXrRu3rXSZrNqfXwDDvp3lQ4aSwWVyrJLfGmXxL
NH7Qo9vUMnrPuxq6cCyDwbSMn/3cLwvMlvxAyS5iE0wvddb7kgW6UjhhfR+TuO3v
zwBC+0Z/Icti2I7DyfJHOOkqtZN6eMgfa29pCvQhFALgIDvGWA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:00 2025 by rpki-client