Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
File: 7175e6ba-4879-48cc-b428-9cd0d88a156a.roa (raw, json)
Hash identifier: 1yYHP7HuTS831bzhWlm7sVsqtGEZ1uxa+oE78aQwAY4=
Subject key identifier: 55:C2:18:17:11:F7:EA:17:23:34:80:CE:2C:45:05:05:24:6E:1A:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16020C443E20A02AF13963E50017DEE83D77A395
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
Signing time: Fri 01 Aug 2025 17:10:27 +0000
ROA not before: Fri 01 Aug 2025 17:10:27 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:02:0c:44:3e:20:a0:2a:f1:39:63:e5:00:17:de:e8:3d:77:a3:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:27 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=9c3f471a4692ee99f6ca982a9df84ef41708ac450da4bd2e6cf16d78e1a1f795, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f5:65:6c:05:e9:d0:3c:2f:de:18:2f:60:02:
c3:a9:08:a9:ec:7f:29:00:62:f3:3a:ba:b1:ca:c5:
57:b2:09:3f:68:bd:eb:f6:7b:e7:4e:9c:41:87:6f:
02:d7:92:53:19:cf:9c:0d:e2:b1:c0:c5:68:6d:f9:
0c:26:c7:e8:4c:26:b6:56:c6:8f:15:d8:91:c3:2b:
d7:69:80:a0:e8:6e:cf:74:9d:60:dc:77:d5:a0:a5:
95:81:bb:57:59:29:5f:31:4c:29:17:1d:48:35:93:
38:1b:4a:e3:e7:bd:8f:7b:03:9e:9b:c9:f0:2c:93:
75:2c:7d:9b:06:3d:50:4f:4d:0f:e7:9e:26:ca:52:
ff:cc:35:68:57:0f:9d:a0:3b:fa:18:c3:e8:64:00:
bc:68:e8:31:91:84:de:0c:26:52:91:f8:50:88:21:
ec:0a:b5:95:ff:76:70:99:95:65:71:02:bd:8a:00:
ac:5b:f8:15:70:62:5e:8d:a1:ae:25:93:96:aa:78:
01:12:b5:66:7c:6f:02:ad:6f:18:76:20:2d:a4:97:
3c:4d:6e:a0:25:5f:81:39:50:0b:f9:68:16:79:5e:
e4:e8:96:27:8e:48:e9:fa:d2:49:e7:1b:73:3d:db:
83:aa:de:a9:fe:df:9b:e0:ac:6e:42:95:82:13:24:
a3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C2:18:17:11:F7:EA:17:23:34:80:CE:2C:45:05:05:24:6E:1A:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
38:3a:dd:03:5b:ab:fb:7a:9d:46:d9:87:ff:ed:17:cc:9b:49:
f7:3c:3c:9b:12:25:f8:6e:84:b7:55:02:a1:58:ee:a0:ee:90:
81:da:d7:a3:69:3e:66:5f:7b:26:bd:67:01:6c:92:93:37:46:
d8:97:82:73:d2:20:f0:23:de:0d:90:39:7a:7d:82:06:35:ab:
0b:b2:a5:fa:11:5c:59:55:d3:f0:1f:d3:f8:25:8f:99:a1:fb:
a5:48:a7:26:52:a2:ca:75:2e:cf:15:4c:e2:39:51:62:01:3c:
e7:65:c4:a5:e0:d1:fc:10:ad:fb:76:2c:de:89:9c:db:55:65:
da:6b:a9:fb:24:26:57:fe:7f:c4:10:cc:99:23:6a:15:42:90:
6d:7a:a1:59:e9:28:83:39:ad:58:b0:ab:aa:24:cc:c9:0d:ea:
aa:cd:0e:ca:aa:08:ac:e4:42:38:fe:95:c8:6f:32:15:19:a3:
a9:af:d8:09:6d:76:12:84:49:b1:df:d7:e9:4d:dc:0c:6c:9a:
23:09:2c:56:be:82:a7:82:4f:3e:c7:04:d5:d7:0a:1a:1e:90:
fb:e4:35:77:bf:3b:90:94:fb:8d:82:0d:67:9d:ac:4d:c9:09:
ec:25:e0:64:b2:0a:d5:73:08:65:ee:58:bb:26:ee:7e:94:18:
d8:04:1f:6c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFgIMRD4goCrxOWPlABfe6D13o5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMjdaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDljM2Y0NzFhNDY5MmVlOTlmNmNhOTgyYTlkZjg0ZWY0MTcwOGFjNDUwZGE0
YmQyZTZjZjE2ZDc4ZTFhMWY3OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL1ZWwF6dA8L94YL2ACw6kIqex/KQBi8zq6scrFV7IJP2i96/Z7506cQYdv
AteSUxnPnA3iscDFaG35DCbH6EwmtlbGjxXYkcMr12mAoOhuz3SdYNx31aCllYG7
V1kpXzFMKRcdSDWTOBtK4+e9j3sDnpvJ8CyTdSx9mwY9UE9ND+eeJspS/8w1aFcP
naA7+hjD6GQAvGjoMZGE3gwmUpH4UIgh7Aq1lf92cJmVZXECvYoArFv4FXBiXo2h
riWTlqp4ARK1ZnxvAq1vGHYgLaSXPE1uoCVfgTlQC/loFnle5OiWJ45I6frSSecb
cz3bg6reqf7fm+CsbkKVghMko7sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVwhgX
EffqFyM0gM4sRQUFJG4aOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE3NWU2YmEtNDg3OS00OGNjLWI0MjgtOWNkMGQ4OGExNTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI
wDANBgkqhkiG9w0BAQsFAAOCAQEAODrdA1ur+3qdRtmH/+0XzJtJ9zw8mxIl+G6E
t1UCoVjuoO6QgdrXo2k+Zl97Jr1nAWySkzdG2JeCc9Ig8CPeDZA5en2CBjWrC7Kl
+hFcWVXT8B/T+CWPmaH7pUinJlKiynUuzxVM4jlRYgE852XEpeDR/BCt+3Ys3omc
21Vl2mup+yQmV/5/xBDMmSNqFUKQbXqhWekogzmtWLCrqiTMyQ3qqs0OyqoIrORC
OP6VyG8yFRmjqa/YCW12EoRJsd/X6U3cDGyaIwksVr6Cp4JPPscE1dcKGh6Q++Q1
d787kJT7jYINZ52sTckJ7CXgZLIK1XMIZe5YuybufpQY2AQfbA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:59 2025 by rpki-client