Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
File: 66a53b3f-eb55-4869-ac1a-f83569ee728f.roa (raw, json)
Hash identifier: WeyG/ZMeibCOsMpGuJ6OoVH6tZccOcaLQZn/pS3nIiE=
Subject key identifier: 6A:68:61:25:FC:84:56:38:3E:DD:18:24:E9:0F:A0:D3:AA:6D:C4:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 495037C4F341CC6B528CC62613038B5C3C97087D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
Signing time: Mon 28 Jul 2025 16:11:10 +0000
ROA not before: Mon 28 Jul 2025 16:11:10 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:50:37:c4:f3:41:cc:6b:52:8c:c6:26:13:03:8b:5c:3c:97:08:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:10 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=e3a0dd124127aa94ffe8d7ab4c637175eab23c13d6a42f99e35186bcb4bbd188, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3b:03:9b:ca:8c:c3:ae:1b:64:c1:0f:c9:fb:
10:94:96:cb:c0:87:0d:15:68:50:aa:37:ee:d7:35:
43:a3:7e:04:e9:50:10:58:34:f2:57:78:bc:66:69:
2d:a2:29:8e:b9:a2:1e:71:86:14:a8:c1:5f:1c:91:
1a:8e:51:60:fc:d4:e7:a9:6c:be:09:6e:c7:4d:c6:
93:6a:f1:a9:e9:a2:b6:0f:d7:8a:56:5a:cc:27:6d:
f9:9d:94:f9:d0:e9:c2:db:23:25:a1:f9:fa:76:3f:
4b:bc:2e:77:dc:c9:46:aa:60:23:c3:bb:49:d3:55:
12:b3:ed:34:36:f0:01:37:c3:42:60:d1:19:b9:bc:
81:2b:0f:53:e4:8d:a8:44:87:95:41:2a:71:17:a5:
a4:4c:14:38:ec:63:6c:5a:0e:ec:c8:be:0c:83:b4:
7c:14:ab:4a:19:c1:8b:e4:1b:e5:97:39:3c:7c:93:
db:4c:81:24:ca:27:2a:6e:cd:11:e7:b1:78:0c:8f:
9d:f9:1f:c0:9d:61:35:bc:cf:7e:8b:f4:c7:87:2f:
05:26:32:ac:ce:16:03:cd:97:1a:53:64:12:e5:0c:
1b:86:e4:00:4a:a0:75:57:e5:5e:9d:ac:da:06:f5:
4b:97:94:4c:7d:40:12:28:20:14:97:9e:10:4b:9a:
bf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:68:61:25:FC:84:56:38:3E:DD:18:24:E9:0F:A0:D3:AA:6D:C4:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:17:35:f0:20:28:d0:f5:83:f3:16:cf:1b:02:bf:64:3e:b3:
d2:8b:82:60:5f:ff:6d:cf:5f:75:ba:64:77:16:d7:01:48:03:
f0:9b:05:4e:83:83:0f:02:8d:31:46:c3:9b:83:cc:7f:bc:10:
ab:7a:03:25:bc:26:80:72:50:d4:0e:0e:b8:2f:b0:9c:03:27:
a2:9a:01:2d:46:03:cb:19:5e:b3:e2:77:c1:27:ab:84:74:ff:
17:ed:7e:48:78:36:3a:43:44:ab:01:c3:10:e9:45:2f:ea:86:
92:93:67:91:5b:1d:38:c6:fd:5f:52:55:91:66:0d:be:85:b5:
a1:0b:5d:9d:06:ba:00:2c:d7:d1:ae:12:bf:f2:5d:cc:1a:8f:
87:84:2c:d9:e6:0d:7a:63:40:9f:88:71:8d:c1:cb:b4:3c:0e:
eb:44:5f:21:28:21:ff:65:a9:a7:d5:cf:57:5e:ac:1f:4f:f1:
8c:7b:86:9b:2d:e3:11:d9:64:41:d0:bb:66:f1:02:73:00:50:
9f:77:ee:49:44:e1:09:a5:c0:e4:d8:f2:5b:ab:01:50:67:a9:
44:ad:4d:f8:31:04:7e:b1:22:41:c4:bd:cc:f4:a0:f7:24:22:
9b:0e:4b:a1:da:9f:0a:50:9f:a3:cf:6c:d8:d1:cc:99:7e:d4:
89:77:cb:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSVA3xPNBzGtSjMYmEwOLXDyXCH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMTBaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzYTBkZDEyNDEyN2FhOTRmZmU4ZDdhYjRjNjM3MTc1ZWFiMjNjMTNkNmE0
MmY5OWUzNTE4NmJjYjRiYmQxODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOI7A5vKjMOuG2TBD8n7EJSWy8CHDRVoUKo37tc1Q6N+BOlQEFg08ld4vGZp
LaIpjrmiHnGGFKjBXxyRGo5RYPzU56lsvglux03Gk2rxqemitg/XilZazCdt+Z2U
+dDpwtsjJaH5+nY/S7wud9zJRqpgI8O7SdNVErPtNDbwATfDQmDRGbm8gSsPU+SN
qESHlUEqcRelpEwUOOxjbFoO7Mi+DIO0fBSrShnBi+Qb5Zc5PHyT20yBJMonKm7N
EeexeAyPnfkfwJ1hNbzPfov0x4cvBSYyrM4WA82XGlNkEuUMG4bkAEqgdVflXp2s
2gb1S5eUTH1AEiggFJeeEEuav+kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqaGEl
/IRWOD7dGCTpD6DTqm3EqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjZhNTNiM2YtZWI1NS00ODY5LWFjMWEtZjgzNTY5ZWU3MjhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBNFzXwICjQ9YPzFs8bAr9kPrPSi4JgX/9tz191
umR3FtcBSAPwmwVOg4MPAo0xRsObg8x/vBCregMlvCaAclDUDg64L7CcAyeimgEt
RgPLGV6z4nfBJ6uEdP8X7X5IeDY6Q0SrAcMQ6UUv6oaSk2eRWx04xv1fUlWRZg2+
hbWhC12dBroALNfRrhK/8l3MGo+HhCzZ5g16Y0CfiHGNwcu0PA7rRF8hKCH/Zamn
1c9XXqwfT/GMe4abLeMR2WRB0Ltm8QJzAFCfd+5JROEJpcDk2PJbqwFQZ6lErU34
MQR+sSJBxL3M9KD3JCKbDkuh2p8KUJ+jz2zY0cyZftSJd8tA
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:40 2025 by rpki-client