Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
File: 4875c926-8b00-4b21-bffa-08659e5c223d.roa (raw, json)
Hash identifier: NKutOTafCFCe4rcgfVqdgoEM5iZ5zcXLuflJ22Sb8e8=
Subject key identifier: 71:FF:5F:32:C4:76:D0:41:F6:17:22:FA:4A:CA:8B:F8:DB:B6:AD:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29D632228EC1120225195DD336C04ABCE0D9CC20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
Signing time: Tue 29 Jul 2025 18:30:20 +0000
ROA not before: Tue 29 Jul 2025 18:30:20 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d6:32:22:8e:c1:12:02:25:19:5d:d3:36:c0:4a:bc:e0:d9:cc:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:20 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=c6f6b2b4e466bf81c8f7fb0af7f896ef1bf54e4ac7b6e044cb3966ec8c5f38b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0a:9e:76:3b:35:bf:06:fd:aa:8e:0d:76:cb:
c9:8f:0c:f5:54:c5:68:f8:9c:5c:81:a0:e1:f7:ba:
0f:0b:4b:fc:11:60:99:24:9c:85:d7:37:70:78:2e:
db:ff:db:d8:a9:65:a7:60:43:80:58:d3:f8:d7:d2:
84:dc:fd:e6:5e:2c:5c:f9:8d:68:3e:02:fc:4e:1a:
e4:29:d4:b7:3b:2f:04:bd:d5:b0:58:51:bb:9f:3a:
5f:a2:23:28:9c:00:5f:f3:9f:4a:b4:32:9c:2d:0f:
68:76:44:e5:1d:b5:80:a2:4e:19:33:01:27:bc:4b:
bb:d1:33:29:47:8f:3c:ae:65:82:ae:94:71:3b:87:
2b:a4:4f:75:7f:38:1b:96:19:a7:e8:82:46:5f:73:
92:b0:34:4b:2b:ae:3e:86:e7:6e:ff:62:7c:ad:48:
75:28:51:f0:d5:76:82:06:cf:65:16:bd:81:51:f8:
05:27:a3:cb:9c:f8:eb:bf:f8:42:e6:46:93:a5:a9:
33:24:8b:51:49:ee:c3:30:c0:d7:1e:b7:da:ad:9d:
05:33:36:4c:e0:52:2f:51:f2:ce:15:68:9f:60:11:
74:ab:ad:27:fc:86:8d:0c:37:f5:6f:63:98:ae:1a:
c4:29:0c:ba:bb:d4:e7:40:b4:97:30:67:3a:42:58:
07:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FF:5F:32:C4:76:D0:41:F6:17:22:FA:4A:CA:8B:F8:DB:B6:AD:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
62:f3:dc:47:98:d6:4a:4d:ad:65:44:7a:ab:ea:0f:35:51:d3:
31:b2:cd:71:1b:4e:69:54:3d:ad:b1:db:08:e8:8b:6b:92:6e:
f9:ce:e1:7f:2d:dd:a1:5f:af:94:43:cb:f4:92:ee:a5:de:c1:
44:66:11:2e:52:46:5d:de:85:f2:95:ac:66:3f:f6:ec:fa:06:
11:0a:9c:00:46:d1:87:ac:3e:20:cf:20:a8:29:61:91:d0:33:
8b:d0:99:83:c0:c9:09:57:0d:96:ad:29:e9:9f:21:db:eb:2f:
f8:ac:dc:38:7f:6a:d8:ef:c0:47:e6:bf:d4:00:db:85:aa:c0:
c6:aa:31:b8:68:0f:ac:44:b7:aa:77:ab:ca:88:4f:20:bf:a4:
54:cc:87:05:64:5e:9e:03:a8:03:a5:11:1d:0e:5d:61:2a:58:
b9:23:39:ab:78:b8:ea:f7:83:21:f4:f8:04:23:af:7d:23:d0:
b9:4f:10:1d:4d:7c:42:9e:35:a7:d6:5f:14:05:27:68:17:54:
5d:ba:55:0d:4f:f5:b1:f1:cb:f5:32:fa:e4:2f:03:20:f1:e2:
ab:c0:57:48:1f:e6:1c:e5:2d:7e:9c:92:45:b0:7e:4d:3d:4b:
f2:b6:26:da:c6:50:13:1b:f9:5e:0a:2f:02:66:96:7f:9d:de:
e7:62:2a:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKdYyIo7BEgIlGV3TNsBKvODZzCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMjBaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2ZjZiMmI0ZTQ2NmJmODFjOGY3ZmIwYWY3Zjg5NmVmMWJmNTRlNGFjN2I2
ZTA0NGNiMzk2NmVjOGM1ZjM4YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIUKnnY7Nb8G/aqODXbLyY8M9VTFaPicXIGg4fe6DwtL/BFgmSSchdc3cHgu
2//b2Kllp2BDgFjT+NfShNz95l4sXPmNaD4C/E4a5CnUtzsvBL3VsFhRu586X6Ij
KJwAX/OfSrQynC0PaHZE5R21gKJOGTMBJ7xLu9EzKUePPK5lgq6UcTuHK6RPdX84
G5YZp+iCRl9zkrA0SyuuPobnbv9ifK1IdShR8NV2ggbPZRa9gVH4BSejy5z467/4
QuZGk6WpMySLUUnuwzDA1x632q2dBTM2TOBSL1HyzhVon2ARdKutJ/yGjQw39W9j
mK4axCkMurvU50C0lzBnOkJYB0ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRx/18y
xHbQQfYXIvpKyov427atNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg3NWM5MjYtOGIwMC00YjIxLWJmZmEtMDg2NTllNWMyMjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBi89xHmNZKTa1lRHqr6g81UdMxss1xG05pVD2t
sdsI6Itrkm75zuF/Ld2hX6+UQ8v0ku6l3sFEZhEuUkZd3oXylaxmP/bs+gYRCpwA
RtGHrD4gzyCoKWGR0DOL0JmDwMkJVw2WrSnpnyHb6y/4rNw4f2rY78BH5r/UANuF
qsDGqjG4aA+sRLeqd6vKiE8gv6RUzIcFZF6eA6gDpREdDl1hKli5IzmreLjq94Mh
9PgEI699I9C5TxAdTXxCnjWn1l8UBSdoF1RdulUNT/Wx8cv1MvrkLwMg8eKrwFdI
H+Yc5S1+nJJFsH5NPUvytibaxlATG/leCi8CZpZ/nd7nYiqu
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:30 2025 by rpki-client