Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
File: 53f71feb-77ff-438f-8d1f-e553194144d2.roa (raw, json)
Hash identifier: NTQ9E8r9opYNX1NxRiaL8NKj25q1yOUaL19dm4fwj6s=
Subject key identifier: 64:25:9E:C7:67:82:84:49:45:17:10:60:2F:5D:FF:12:EC:FF:F3:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4047BF7B5861DF12E0D6DF855D74398EECB9AE86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
Signing time: Mon 21 Jul 2025 16:40:09 +0000
ROA not before: Mon 21 Jul 2025 16:40:09 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:47:bf:7b:58:61:df:12:e0:d6:df:85:5d:74:39:8e:ec:b9:ae:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:09 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=d918967369ba9c3075efd46748e6e8fc52e04882b5ac41d12368e0eeaf91ef5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:57:cf:11:79:8f:52:e3:f6:c7:54:02:3d:63:
a4:c0:ce:dc:a0:fe:23:62:50:36:77:d5:82:71:80:
8e:85:98:be:20:97:98:72:68:a8:3f:4a:35:bb:7d:
82:2a:ae:36:80:31:50:e4:21:e8:d5:ea:51:c7:af:
39:35:a8:65:b3:89:c4:6e:4a:c6:99:78:ad:55:ac:
0e:21:4a:04:d3:36:25:81:f3:c1:cc:44:77:ac:25:
9f:a7:ae:9c:28:74:14:7e:2b:4c:35:8e:39:1a:28:
05:6e:56:02:09:1e:e0:3f:47:c0:0a:77:41:ba:62:
ae:a0:e9:a0:ca:7d:f0:d7:19:bb:b9:9d:35:bd:8d:
73:57:11:0f:18:33:dd:24:b1:25:5b:4b:67:9e:e9:
ad:9a:59:ad:58:de:00:6f:46:41:43:86:55:9b:a3:
8e:0b:f6:be:c2:82:1a:01:87:59:f7:1d:97:6f:c0:
6f:75:3b:49:2b:a0:a9:92:f1:9a:e3:f6:58:20:1a:
b4:44:fe:d8:89:ce:69:5a:d5:c1:cc:eb:53:33:6d:
86:67:b5:cb:a8:dd:20:95:82:ff:96:28:53:61:80:
fa:71:91:8c:5d:48:5a:dc:d9:0e:04:a8:b3:da:62:
79:a7:26:5b:9a:75:68:a6:43:34:69:b3:26:21:82:
e2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:25:9E:C7:67:82:84:49:45:17:10:60:2F:5D:FF:12:EC:FF:F3:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53f71feb-77ff-438f-8d1f-e553194144d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4020::/48
Signature Algorithm: sha256WithRSAEncryption
7a:e6:e0:ec:2b:12:13:a1:66:9c:c8:94:05:7a:4a:08:1a:cc:
74:78:30:7b:69:dd:57:c7:f1:e6:9d:a6:b0:79:2a:06:75:0c:
94:10:78:db:43:02:a1:6a:0d:8c:50:97:63:8d:71:c6:c2:4e:
13:e5:9b:65:6c:76:d2:e8:ff:31:b9:9b:71:3e:48:bb:98:be:
04:79:24:c3:2f:87:37:b8:e9:d2:cf:7b:81:f1:b6:fe:b0:76:
5b:9d:09:cb:fa:17:1a:86:ad:b0:07:84:1b:c4:76:62:12:41:
c6:21:60:2a:ce:fe:dc:de:6b:f4:2f:4b:a0:b6:9f:55:3b:86:
c0:8c:82:4a:6f:e6:1c:ae:c4:39:58:e0:f0:ac:ff:69:22:91:
a8:46:9c:79:f1:35:31:be:81:5c:70:89:4b:3d:27:16:17:c8:
28:4c:80:a4:0f:1c:04:cc:5d:93:9d:ba:f9:ef:68:b3:c6:49:
af:9e:7a:40:1d:16:5b:c7:c0:aa:e9:ba:86:d6:d6:da:28:c6:
d7:6c:62:6f:95:2e:d1:00:a3:29:16:35:28:79:b2:c4:5d:05:
a9:c6:69:b8:5c:0c:ef:00:4b:b2:8c:63:0f:3b:58:8d:18:c6:
da:4c:48:07:d6:7b:8e:11:20:ed:da:e2:63:0b:39:dd:00:bc:
3e:8e:cd:b7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQEe/e1hh3xLg1t+FXXQ5juy5roYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMDlaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MTg5NjczNjliYTljMzA3NWVmZDQ2NzQ4ZTZlOGZjNTJlMDQ4ODJiNWFj
NDFkMTIzNjhlMGVlYWY5MWVmNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBXzxF5j1Lj9sdUAj1jpMDO3KD+I2JQNnfVgnGAjoWYviCXmHJoqD9KNbt9
giquNoAxUOQh6NXqUcevOTWoZbOJxG5Kxpl4rVWsDiFKBNM2JYHzwcxEd6wln6eu
nCh0FH4rTDWOORooBW5WAgke4D9HwAp3QbpirqDpoMp98NcZu7mdNb2Nc1cRDxgz
3SSxJVtLZ57prZpZrVjeAG9GQUOGVZujjgv2vsKCGgGHWfcdl2/Ab3U7SSugqZLx
muP2WCAatET+2InOaVrVwczrUzNthme1y6jdIJWC/5YoU2GA+nGRjF1IWtzZDgSo
s9pieacmW5p1aKZDNGmzJiGC4q0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkJZ7H
Z4KESUUXEGAvXf8S7P/zOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTNmNzFmZWItNzdmZi00MzhmLThkMWYtZTU1MzE5NDE0NGQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
IDANBgkqhkiG9w0BAQsFAAOCAQEAeubg7CsSE6FmnMiUBXpKCBrMdHgwe2ndV8fx
5p2msHkqBnUMlBB420MCoWoNjFCXY41xxsJOE+WbZWx20uj/MbmbcT5Iu5i+BHkk
wy+HN7jp0s97gfG2/rB2W50Jy/oXGoatsAeEG8R2YhJBxiFgKs7+3N5r9C9LoLaf
VTuGwIyCSm/mHK7EOVjg8Kz/aSKRqEacefE1Mb6BXHCJSz0nFhfIKEyApA8cBMxd
k526+e9os8ZJr556QB0WW8fAqum6htbW2ijG12xib5Uu0QCjKRY1KHmyxF0FqcZp
uFwM7wBLsoxjDztYjRjG2kxIB9Z7jhEg7driYws53QC8Po7Ntw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:21:26 2025 by rpki-client