Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
File: 73745b45-c65b-482b-9e7a-25a90d279147.roa (raw, json)
Hash identifier: i3p3d5g/Og9vD6uDyRLyVDukP22Lzjq/rznfIYB3ZU4=
Subject key identifier: 2B:01:4C:53:69:6B:0F:88:FD:3C:D1:81:EE:22:95:99:D6:DC:89:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B4BC38F2440E8D9D57C7CA60F764A9524937399
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
Signing time: Wed 30 Jul 2025 20:07:25 +0000
ROA not before: Wed 30 Jul 2025 20:07:25 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:4b:c3:8f:24:40:e8:d9:d5:7c:7c:a6:0f:76:4a:95:24:93:73:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:25 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=80b9517894dbe48f230f1926b7f45b3dbd44ec760880f0798260d8ad507341ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:10:2e:f8:e6:a9:4f:cc:52:a1:5e:5d:d7:d5:
a4:d0:a2:29:e3:a3:39:e2:bb:a4:dc:ac:d5:03:90:
b4:1f:92:f3:9c:b5:1d:c1:b9:b9:5d:e9:02:e2:73:
b6:1a:22:06:9b:23:d9:96:d1:d1:ed:88:cc:a2:ec:
db:d8:3a:86:c5:cb:2a:c6:23:bc:e2:e4:0d:a3:97:
0a:b4:37:8d:a1:24:7e:6e:07:4d:44:a9:17:d8:a0:
20:e0:f7:89:14:64:a6:a1:0a:25:54:02:6e:ec:46:
ed:da:07:a5:ef:21:af:2f:64:59:bc:88:0c:ac:49:
b1:87:f2:c3:1d:d3:1f:27:ac:14:bc:c4:26:2d:3a:
8a:db:47:87:56:79:8a:68:a5:2e:60:e8:0a:a2:7f:
c5:52:dc:73:5a:f6:34:a7:1c:25:ad:df:34:3b:3c:
ac:25:38:f7:50:d7:76:63:46:61:ac:e7:32:0b:9c:
d9:57:b7:82:d4:a7:18:b0:6e:07:9a:2e:bd:4d:66:
f0:e9:a1:18:7d:72:b6:28:e0:cc:a9:f4:45:a1:f6:
16:f4:83:f9:23:5e:37:bb:f8:c7:ec:67:45:e0:b8:
ed:8f:c0:9f:28:70:19:6d:93:2c:30:58:b5:95:5e:
62:c1:ff:e9:2c:e2:6a:af:cb:2a:0c:dc:c1:4f:72:
e4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:01:4C:53:69:6B:0F:88:FD:3C:D1:81:EE:22:95:99:D6:DC:89:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
13:b8:c8:a2:96:29:41:f1:7f:f0:e4:b6:78:1f:5e:64:9c:60:
30:1b:77:9e:f9:fa:21:f4:d8:a9:bd:11:6f:93:63:af:66:3e:
6c:97:f3:b0:59:80:16:a8:f4:9b:94:d2:2d:60:42:15:9e:17:
51:38:43:1a:4c:5e:77:f9:f2:9e:45:fe:f4:9b:a7:2b:70:71:
60:d9:e0:eb:be:53:3b:3f:da:8a:8b:fa:ec:d1:37:5f:de:d9:
c3:a0:0a:69:c9:92:3f:28:fa:18:50:85:99:ec:37:25:2a:69:
6b:ad:6c:f8:13:6d:f7:92:b9:78:de:91:81:01:5d:39:04:a7:
e8:d1:0c:27:52:26:b7:5e:0c:ed:1b:d2:5f:15:01:b6:39:b2:
7d:eb:ae:47:6c:37:a2:33:4a:0a:8d:6c:8b:33:c5:60:55:06:
c6:72:12:cc:6b:e4:ae:f8:a8:8d:4d:fd:e1:c8:42:57:f9:50:
07:6b:63:38:3c:f0:e8:8a:90:97:9f:24:90:1f:21:af:9e:80:
35:f7:c6:c9:34:aa:ae:af:0f:4d:ee:d3:25:7d:65:9c:1a:4e:
96:6a:cd:4d:5e:80:6d:d7:99:2b:5c:3f:6c:76:1a:17:f9:2c:
34:5f:bd:ff:96:3b:dd:f9:0e:ec:d8:80:aa:bb:60:c7:22:e3:
3f:5f:43:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe0vDjyRA6NnVfHymD3ZKlSSTc5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjVaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwYjk1MTc4OTRkYmU0OGYyMzBmMTkyNmI3ZjQ1YjNkYmQ0NGVjNzYwODgw
ZjA3OTgyNjBkOGFkNTA3MzQxZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAQLvjmqU/MUqFeXdfVpNCiKeOjOeK7pNys1QOQtB+S85y1HcG5uV3pAuJz
thoiBpsj2ZbR0e2IzKLs29g6hsXLKsYjvOLkDaOXCrQ3jaEkfm4HTUSpF9igIOD3
iRRkpqEKJVQCbuxG7doHpe8hry9kWbyIDKxJsYfywx3THyesFLzEJi06ittHh1Z5
imilLmDoCqJ/xVLcc1r2NKccJa3fNDs8rCU491DXdmNGYaznMguc2Ve3gtSnGLBu
B5ouvU1m8OmhGH1ytijgzKn0RaH2FvSD+SNeN7v4x+xnReC47Y/AnyhwGW2TLDBY
tZVeYsH/6Sziaq/LKgzcwU9y5CkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrAUxT
aWsPiP080YHuIpWZ1tyJMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM3NDViNDUtYzY1Yi00ODJiLTllN2EtMjVhOTBkMjc5MTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQATuMiililB8X/w5LZ4H15knGAwG3ee+foh9Nip
vRFvk2OvZj5sl/OwWYAWqPSblNItYEIVnhdROEMaTF53+fKeRf70m6crcHFg2eDr
vlM7P9qKi/rs0Tdf3tnDoAppyZI/KPoYUIWZ7DclKmlrrWz4E233krl43pGBAV05
BKfo0QwnUia3XgztG9JfFQG2ObJ9665HbDeiM0oKjWyLM8VgVQbGchLMa+Su+KiN
Tf3hyEJX+VAHa2M4PPDoipCXnySQHyGvnoA198bJNKqurw9N7tMlfWWcGk6Was1N
XoBt15krXD9sdhoX+Sw0X73/ljvd+Q7s2ICqu2DHIuM/X0Mk
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:46 2025 by rpki-client