Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52cdf958-64cb-496a-aeda-f4f9a07b440e.roa
File: 52cdf958-64cb-496a-aeda-f4f9a07b440e.roa (raw, json)
Hash identifier: D9E6q7CaGzyq6HEIZb4jVGUBMsG0CUG4LtF6vq0BruU=
Subject key identifier: 9D:78:53:4B:92:8E:04:61:13:06:A1:0E:4F:7E:85:3E:E8:0E:10:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B7825846F1B5CE6F251553F42E0BDEEF8CEB2E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52cdf958-64cb-496a-aeda-f4f9a07b440e.roa
Signing time: Wed 30 Jul 2025 20:07:11 +0000
ROA not before: Wed 30 Jul 2025 20:07:11 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:78:25:84:6f:1b:5c:e6:f2:51:55:3f:42:e0:bd:ee:f8:ce:b2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:11 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=321683ca6fbae1b41a2e09de7cf5f68d4dcd32ab9d48dae14e0d02cdcda0d6ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:08:51:ca:d8:42:ff:0d:e5:99:63:e1:dd:d9:
8d:1a:5a:d9:1f:24:be:bb:30:b2:ee:97:a0:6a:2b:
32:8c:8d:2c:bc:4d:29:12:7a:83:ca:87:95:60:a6:
13:44:43:9e:3f:a7:b1:cd:1b:d0:1f:45:71:e5:9a:
c2:fd:72:70:bd:40:e5:15:59:ae:32:d6:96:09:83:
d7:f7:c9:20:31:65:50:80:11:b7:47:1e:f8:3f:88:
cc:50:1d:90:18:0b:ed:10:08:3b:77:7a:a0:62:08:
6f:84:be:b5:77:25:a2:81:26:69:2a:c7:21:b7:74:
b0:31:36:61:6b:f0:4f:0b:6e:bd:e3:77:72:cb:b4:
62:e7:0b:29:28:e8:ff:05:2e:80:f5:0e:67:c5:3a:
cd:fd:06:1f:ba:e3:67:e0:b8:82:4a:88:c7:13:55:
4a:89:5a:9a:c0:ef:14:f3:b4:06:c9:fd:0c:7e:d0:
bd:f9:46:76:f1:69:35:2c:b4:18:54:16:9b:19:44:
8d:66:9a:64:f0:9d:cd:8a:84:5f:2d:95:55:6a:f5:
48:47:d7:dc:fc:59:00:dd:f5:04:32:18:1b:65:18:
2f:15:fd:55:51:d1:08:69:2f:13:da:e5:4b:9f:0c:
52:a3:c2:2e:97:42:fa:ea:54:2b:a3:fb:dc:a9:28:
96:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:78:53:4B:92:8E:04:61:13:06:A1:0E:4F:7E:85:3E:E8:0E:10:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52cdf958-64cb-496a-aeda-f4f9a07b440e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:2000::/40
Signature Algorithm: sha256WithRSAEncryption
40:91:13:15:33:69:dd:47:c9:69:34:f5:48:48:74:82:86:5e:
67:26:3c:41:67:09:b6:e5:9a:4a:b4:cc:13:12:31:cf:a8:7c:
16:50:de:6a:55:b9:9c:ca:a1:2d:b2:b9:5c:c8:43:95:0a:6d:
64:17:5f:37:48:31:6d:0b:e9:17:a0:a8:80:50:31:b1:6e:64:
c6:26:9a:9b:2c:88:57:3b:9c:6e:05:af:ac:eb:2f:25:ea:cb:
d1:e7:bf:44:3d:fe:f0:14:a4:e7:88:94:61:4d:8d:73:83:82:
fa:26:d7:bc:8e:d5:bd:c0:b5:4f:3e:24:94:23:b0:be:ba:18:
0b:81:4b:ea:e5:d9:36:e2:bf:ca:4c:fc:1e:75:05:be:1d:bc:
17:11:f9:2f:6b:d1:8d:66:9d:21:77:89:e9:f1:d2:fa:c1:1b:
75:96:36:cb:75:71:bf:30:27:45:93:ea:0f:14:5b:3a:0f:d9:
ed:97:3c:b3:59:23:8c:d0:b9:31:5e:97:6b:12:46:c2:3f:f9:
ee:a3:6e:7f:c7:50:15:1c:b3:fe:bd:79:fe:0b:27:8f:3e:bd:
83:00:07:58:9f:d7:f1:b0:d5:05:2b:2f:cc:81:e3:f2:8d:42:
dc:d5:f8:51:51:49:3d:fd:d2:06:3e:e5:d3:83:a9:57:5d:7b:
54:ed:d1:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO3glhG8bXObyUVU/QuC97vjOsukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MTFaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyMTY4M2NhNmZiYWUxYjQxYTJlMDlkZTdjZjVmNjhkNGRjZDMyYWI5ZDQ4
ZGFlMTRlMGQwMmNkY2RhMGQ2YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgIUcrYQv8N5Zlj4d3ZjRpa2R8kvrswsu6XoGorMoyNLLxNKRJ6g8qHlWCm
E0RDnj+nsc0b0B9FceWawv1ycL1A5RVZrjLWlgmD1/fJIDFlUIARt0ce+D+IzFAd
kBgL7RAIO3d6oGIIb4S+tXclooEmaSrHIbd0sDE2YWvwTwtuveN3csu0YucLKSjo
/wUugPUOZ8U6zf0GH7rjZ+C4gkqIxxNVSolamsDvFPO0Bsn9DH7QvflGdvFpNSy0
GFQWmxlEjWaaZPCdzYqEXy2VVWr1SEfX3PxZAN31BDIYG2UYLxX9VVHRCGkvE9rl
S58MUqPCLpdC+upUK6P73KkolnsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdeFNL
ko4EYRMGoQ5PfoU+6A4QnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJjZGY5NTgtNjRjYi00OTZhLWFlZGEtZjRmOWEwN2I0NDBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUg
MA0GCSqGSIb3DQEBCwUAA4IBAQBAkRMVM2ndR8lpNPVISHSChl5nJjxBZwm25ZpK
tMwTEjHPqHwWUN5qVbmcyqEtsrlcyEOVCm1kF183SDFtC+kXoKiAUDGxbmTGJpqb
LIhXO5xuBa+s6y8l6svR579EPf7wFKTniJRhTY1zg4L6Jte8jtW9wLVPPiSUI7C+
uhgLgUvq5dk24r/KTPwedQW+HbwXEfkva9GNZp0hd4np8dL6wRt1ljbLdXG/MCdF
k+oPFFs6D9ntlzyzWSOM0LkxXpdrEkbCP/nuo25/x1AVHLP+vXn+CyePPr2DAAdY
n9fxsNUFKy/MgePyjULc1fhRUUk9/dIGPuXTg6lXXXtU7dGa
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:29 2025 by rpki-client