Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: njS5V04ZpipFS6NAcqLP68jPl8RdxR9qTc+lI7g50kE=
Subject key identifier: 4D:5F:ED:5E:20:58:B4:59:F9:7E:C0:CE:8C:64:C1:3A:D0:AD:85:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D732957E709821BDB13E7C10D47CFA31F9D84A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Fri 01 Aug 2025 17:20:08 +0000
ROA not before: Fri 01 Aug 2025 17:20:08 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:73:29:57:e7:09:82:1b:db:13:e7:c1:0d:47:cf:a3:1f:9d:84:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:20:08 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=f8891bc33fb58ab48ef5a5ef92961e9867694bf07e1d0711513f151a2477f3dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:78:a1:b9:96:07:ba:73:b7:d3:d7:a3:31:5d:
af:94:bd:82:ff:ec:6c:52:72:22:14:75:c0:6d:41:
61:0d:0f:7c:5d:40:ff:d3:d5:bb:f9:7e:52:95:7f:
72:1f:32:70:6a:80:fd:a2:46:0f:64:8e:3b:a1:8f:
c2:6b:07:74:a7:5b:46:ef:34:51:13:85:8f:00:39:
86:0a:5f:6b:b3:04:dd:45:a6:2d:9c:33:ac:74:63:
70:0f:9e:17:3a:bf:f2:8e:00:81:5b:eb:7c:3a:37:
7d:0a:a4:3c:ab:1a:ec:42:a9:f2:ac:15:9e:52:28:
13:d2:a0:06:a1:25:d5:15:80:d4:e6:df:c9:17:b4:
92:d6:ae:bc:d0:49:a7:95:d2:8b:cb:3f:1a:e4:eb:
a9:ac:30:f4:81:4c:26:c7:0d:8c:00:1d:0c:61:4f:
40:94:73:3a:b3:9b:3a:b8:ab:76:57:e1:cb:5c:b8:
0e:6a:58:5c:da:2e:06:c2:a9:61:ff:8d:aa:59:41:
5e:7c:f7:03:73:36:e8:6b:92:b3:81:d9:9b:ce:b3:
c5:01:e6:32:5a:26:83:4d:c1:0a:38:66:48:8f:4d:
f9:62:8f:01:e9:45:a1:07:43:6a:b6:e5:86:55:60:
73:f7:81:52:b8:df:25:58:80:58:5f:cf:22:d0:b0:
67:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5F:ED:5E:20:58:B4:59:F9:7E:C0:CE:8C:64:C1:3A:D0:AD:85:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
21:48:c0:66:17:4a:a0:3c:fd:3a:c0:56:1a:2f:40:46:c3:d4:
8e:41:ca:0c:ee:7e:b5:1b:3a:bc:09:c4:1c:fd:45:5c:1e:c5:
88:26:84:1c:09:59:6e:3c:84:17:ac:ad:b6:43:99:56:fa:df:
46:52:6a:e3:47:e3:03:6d:45:ee:15:e3:00:8a:fa:bb:5f:05:
29:69:e0:55:45:30:27:fd:65:db:c0:3e:2d:83:e4:4e:38:7b:
6f:98:91:f3:2e:3b:bc:07:ff:36:59:b4:f7:c3:e7:63:74:e1:
f6:a7:de:a9:99:2d:74:f3:1d:92:1d:b1:e2:b2:60:a4:6d:09:
b5:55:67:89:2e:cb:29:05:ff:20:cf:4f:2d:de:8a:e3:07:40:
78:da:bf:d5:51:8e:b7:8d:cd:de:05:33:96:77:a8:8d:53:7c:
3c:3b:7e:50:6d:27:51:fa:62:e0:cb:32:dd:3d:be:75:c8:1f:
60:e7:62:f7:e9:68:28:96:10:50:99:52:76:ff:69:4b:83:1e:
3e:11:a9:c3:48:97:34:1c:e0:50:78:71:32:35:dd:84:a1:51:
73:65:dc:28:29:ab:27:8d:c6:f6:83:cc:ac:eb:26:e0:fa:fd:
29:4c:cc:a4:81:e6:69:c4:0b:f7:20:46:23:2e:39:89:66:ef:
0c:6a:b1:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDXMpV+cJghvbE+fBDUfPox+dhKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzIwMDhaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4ODkxYmMzM2ZiNThhYjQ4ZWY1YTVlZjkyOTYxZTk4Njc2OTRiZjA3ZTFk
MDcxMTUxM2YxNTFhMjQ3N2YzZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOd4obmWB7pzt9PXozFdr5S9gv/sbFJyIhR1wG1BYQ0PfF1A/9PVu/l+UpV/
ch8ycGqA/aJGD2SOO6GPwmsHdKdbRu80UROFjwA5hgpfa7ME3UWmLZwzrHRjcA+e
Fzq/8o4AgVvrfDo3fQqkPKsa7EKp8qwVnlIoE9KgBqEl1RWA1ObfyRe0ktauvNBJ
p5XSi8s/GuTrqaww9IFMJscNjAAdDGFPQJRzOrObOrirdlfhy1y4DmpYXNouBsKp
Yf+NqllBXnz3A3M26GuSs4HZm86zxQHmMlomg03BCjhmSI9N+WKPAelFoQdDarbl
hlVgc/eBUrjfJViAWF/PItCwZ/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNX+1e
IFi0Wfl+wM6MZME60K2FFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAhSMBmF0qgPP06wFYaL0BGw9SOQcoM7n61Gzq8
CcQc/UVcHsWIJoQcCVluPIQXrK22Q5lW+t9GUmrjR+MDbUXuFeMAivq7XwUpaeBV
RTAn/WXbwD4tg+ROOHtvmJHzLju8B/82WbT3w+djdOH2p96pmS108x2SHbHismCk
bQm1VWeJLsspBf8gz08t3orjB0B42r/VUY63jc3eBTOWd6iNU3w8O35QbSdR+mLg
yzLdPb51yB9g52L36WgolhBQmVJ2/2lLgx4+EanDSJc0HOBQeHEyNd2EoVFzZdwo
Kasnjcb2g8ys6ybg+v0pTMykgeZpxAv3IEYjLjmJZu8MarEi
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:22:32 2025 by rpki-client