Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
File: 7109e934-b803-4bd3-8dfc-cfe0c2222824.roa (raw, json)
Hash identifier: UvSLmdgeI+KXgHisrHPefvYNVMJFms1z5U8Gr3nrd80=
Subject key identifier: 73:F3:3A:67:BF:52:98:EA:F6:21:B1:E0:81:C3:DA:4F:72:93:CA:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32F9ADF4F2BDF60BD3076C2B64E99356277B9933
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
Signing time: Mon 21 Jul 2025 16:51:34 +0000
ROA not before: Mon 21 Jul 2025 16:51:34 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:f9:ad:f4:f2:bd:f6:0b:d3:07:6c:2b:64:e9:93:56:27:7b:99:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:51:34 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=04d337aabc09f7e6ddf040c718cf9c459e01272678d96a9b7d05de74b6827284, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:49:1a:95:94:16:5c:8f:d5:64:0c:f2:01:6b:
79:f7:7b:58:eb:53:ee:92:ee:9c:fe:13:3c:76:22:
fb:d0:30:0e:d9:ba:9e:43:3f:1f:b8:c8:23:ce:1c:
14:b9:2e:2c:10:5a:ff:96:92:1f:d3:32:c7:8e:32:
39:8d:be:d5:b8:f0:ed:07:79:77:6d:80:1d:e2:de:
c3:cc:47:f7:30:4d:20:fc:2a:ab:f3:2a:2c:5f:79:
b9:3d:46:20:c9:10:af:b0:1f:30:7e:0e:e5:55:ab:
c0:13:d9:68:76:be:b6:13:b3:4c:5d:af:62:2d:e9:
81:98:54:3b:6a:fc:64:13:cf:74:ba:41:4c:8a:41:
84:78:40:b7:aa:3c:75:56:21:3d:b6:d9:29:55:dd:
76:5d:46:c6:10:65:90:65:2c:26:11:c7:f2:3e:50:
97:6e:97:7d:b2:d6:b6:3f:b7:94:a3:ca:b9:ca:d5:
03:87:95:a3:30:8c:e2:ca:80:26:d4:cd:99:72:3a:
f3:53:be:ef:50:4f:c3:19:10:85:bb:5b:7b:36:11:
8e:31:05:fc:94:cc:e0:1c:5b:c3:a6:74:cf:fc:95:
7a:4c:94:5a:21:68:c3:75:4b:e9:aa:0e:a8:89:99:
8a:92:a5:2a:70:88:24:9b:cc:99:75:43:ac:52:19:
13:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F3:3A:67:BF:52:98:EA:F6:21:B1:E0:81:C3:DA:4F:72:93:CA:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:5040::/46
Signature Algorithm: sha256WithRSAEncryption
4e:2b:3a:e3:90:3f:68:d6:ac:10:eb:8a:40:47:65:6a:13:05:
19:b0:e0:f6:69:1a:6a:da:f4:04:91:8e:51:09:7c:89:95:c7:
d5:11:94:06:b3:97:9b:61:64:12:d5:2f:3e:00:e7:f7:15:f7:
7e:96:da:22:5f:7c:e3:c8:b7:6e:e9:c4:05:17:f0:b9:c0:81:
80:94:0d:4f:48:27:d5:df:ed:d3:45:c1:a9:90:ea:9a:27:dd:
f4:2d:ff:51:7a:e1:ee:87:88:eb:87:88:8c:f8:35:e6:c8:a3:
4e:e5:29:46:57:ae:f8:8f:14:46:49:52:ae:20:f7:48:5c:66:
a2:69:8f:02:aa:af:ac:9a:1c:e8:5c:ea:9e:10:7f:d9:a3:89:
de:bc:29:6d:71:16:1c:62:df:2d:28:cf:76:d2:ba:6e:06:7d:
67:b6:bf:b2:8d:f1:92:bf:e7:f7:16:e9:d8:54:d4:05:41:a6:
c2:a4:dd:e1:84:60:d5:6d:ea:ae:50:15:aa:94:32:d3:da:b1:
99:89:60:d3:0a:a9:20:4d:d1:23:1b:8d:c2:1e:eb:86:85:b0:
c0:c4:c5:86:cb:11:a7:15:e4:41:f4:8b:77:d5:15:7c:d7:9c:
04:af:26:3a:02:6d:8e:db:67:85:7b:60:d4:87:55:5b:fa:ad:
61:01:5a:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMvmt9PK99gvTB2wrZOmTVid7mTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUxMzRaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0ZDMzN2FhYmMwOWY3ZTZkZGYwNDBjNzE4Y2Y5YzQ1OWUwMTI3MjY3OGQ5
NmE5YjdkMDVkZTc0YjY4MjcyODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1JGpWUFlyP1WQM8gFrefd7WOtT7pLunP4TPHYi+9AwDtm6nkM/H7jII84c
FLkuLBBa/5aSH9Myx44yOY2+1bjw7Qd5d22AHeLew8xH9zBNIPwqq/MqLF95uT1G
IMkQr7AfMH4O5VWrwBPZaHa+thOzTF2vYi3pgZhUO2r8ZBPPdLpBTIpBhHhAt6o8
dVYhPbbZKVXddl1GxhBlkGUsJhHH8j5Ql26XfbLWtj+3lKPKucrVA4eVozCM4sqA
JtTNmXI681O+71BPwxkQhbtbezYRjjEF/JTM4Bxbw6Z0z/yVekyUWiFow3VL6aoO
qImZipKlKnCIJJvMmXVDrFIZE80CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRz8zpn
v1KY6vYhseCBw9pPcpPK/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzEwOWU5MzQtYjgwMy00YmQzLThkZmMtY2ZlMGMyMjIyODI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
QDANBgkqhkiG9w0BAQsFAAOCAQEATis645A/aNasEOuKQEdlahMFGbDg9mkaatr0
BJGOUQl8iZXH1RGUBrOXm2FkEtUvPgDn9xX3fpbaIl9848i3bunEBRfwucCBgJQN
T0gn1d/t00XBqZDqmifd9C3/UXrh7oeI64eIjPg15sijTuUpRleu+I8URklSriD3
SFxmommPAqqvrJoc6FzqnhB/2aOJ3rwpbXEWHGLfLSjPdtK6bgZ9Z7a/so3xkr/n
9xbp2FTUBUGmwqTd4YRg1W3qrlAVqpQy09qxmYlg0wqpIE3RIxuNwh7rhoWwwMTF
hssRpxXkQfSLd9UVfNecBK8mOgJtjttnhXtg1IdVW/qtYQFa8g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:09 2025 by rpki-client