Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: UyGlE2sNPGCN1Y7kFVSK3Qq0YgyxB2cCxgu7u9WftxI=
Subject key identifier: 4B:CB:C1:55:F6:3F:D8:15:9A:0F:90:41:09:4B:FD:7A:85:AB:EB:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: ABFCD815F413C546684FAB031D516E519285EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Fri 11 Jul 2025 20:30:21 +0000
ROA not before: Fri 11 Jul 2025 20:30:21 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ab:fc:d8:15:f4:13:c5:46:68:4f:ab:03:1d:51:6e:51:92:85:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:30:21 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b75f6a8f0107c7400c7e2cbd0911cfbcff6582c8b701e8298ed64d0aa847a08b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fe:fb:e9:69:b3:50:a8:e5:a5:c8:e9:66:f1:
8c:db:cb:57:a2:cd:d5:9f:1d:50:fc:0e:86:16:90:
e4:a4:eb:c2:82:66:ef:0e:91:ed:19:bd:b9:63:cf:
fc:ac:fc:90:7b:3e:4d:21:23:93:9a:85:9e:e0:e0:
2e:7d:db:ac:4b:69:9b:e6:a5:e1:8e:68:24:db:d5:
70:c7:48:61:65:76:79:23:79:38:d0:9c:06:11:9d:
e3:bd:50:3a:35:79:c4:d1:bd:ef:4f:48:f2:e7:b0:
a1:af:c6:e2:b5:0e:9e:2c:59:3d:3d:4c:a9:7d:e6:
e3:2a:ef:b4:d3:6a:7a:7e:73:b2:55:99:a8:20:82:
f2:1a:92:c2:c5:46:50:ab:45:af:16:7c:f9:5e:b2:
56:a2:f0:28:f8:09:ad:91:86:6a:30:90:49:3b:70:
53:74:a9:e1:ed:41:46:f9:6f:fa:a9:98:d4:61:5d:
97:c5:68:41:86:66:0d:98:8e:95:2d:67:37:1e:7e:
d9:31:67:3f:f1:86:5d:ed:f6:b3:2c:7b:b1:76:d1:
c4:44:6e:d9:6f:d1:59:65:93:87:6d:73:00:11:3f:
0f:62:63:0d:c1:92:c3:8f:87:00:2c:72:50:81:c4:
b6:51:dd:46:46:c6:20:82:74:02:ea:6a:8f:96:32:
64:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CB:C1:55:F6:3F:D8:15:9A:0F:90:41:09:4B:FD:7A:85:AB:EB:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
40:22:95:56:11:2d:12:ff:55:3c:32:03:92:b5:d9:41:e2:58:
1b:66:db:f2:72:22:a8:e5:9b:2c:b3:3c:a8:01:9b:59:39:74:
f9:15:45:33:05:ad:30:a5:04:71:e6:f7:8c:05:ea:2d:c5:b1:
0d:a4:c3:b0:4b:05:a9:8f:cc:7b:88:cf:27:f4:01:37:2f:2f:
77:5f:c7:6b:f6:98:d9:35:f9:89:7c:a9:a1:63:a8:57:ca:d3:
ff:b2:2a:9e:23:ff:0e:9f:a7:06:ae:ea:73:26:5d:e8:35:3b:
a5:98:17:3a:e4:69:44:25:fd:c6:c0:f1:c1:71:4f:e1:e4:5c:
39:06:9a:ec:5c:5c:23:81:72:74:47:3e:30:fd:71:7e:bd:df:
80:4b:67:53:42:d3:f9:86:27:69:2f:8a:01:a5:b7:ec:ee:7a:
6a:4b:c6:c1:35:a9:07:2e:8a:89:50:9d:58:cb:ce:72:c5:49:
e7:50:74:88:bb:f5:10:39:be:fc:e8:70:14:e6:55:86:02:fd:
6b:45:22:03:f1:d1:f7:22:b7:37:5f:56:da:e3:9d:56:d1:f1:
7c:06:69:d1:62:2c:68:38:ac:e9:09:b6:7f:25:c3:90:95:ac:
2e:50:32:bc:41:8e:c4:e1:f6:d6:7c:02:de:9a:57:02:8f:5f:
8a:7b:c1:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAKv82BX0E8VGaE+rAx1RblGShe8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMwMjFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3NWY2YThmMDEwN2M3NDAwYzdlMmNiZDA5MTFjZmJjZmY2NTgyYzhiNzAx
ZTgyOThlZDY0ZDBhYTg0N2EwOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALT+++lps1Co5aXI6WbxjNvLV6LN1Z8dUPwOhhaQ5KTrwoJm7w6R7Rm9uWPP
/Kz8kHs+TSEjk5qFnuDgLn3brEtpm+al4Y5oJNvVcMdIYWV2eSN5ONCcBhGd471Q
OjV5xNG9709I8uewoa/G4rUOnixZPT1MqX3m4yrvtNNqen5zslWZqCCC8hqSwsVG
UKtFrxZ8+V6yVqLwKPgJrZGGajCQSTtwU3Sp4e1BRvlv+qmY1GFdl8VoQYZmDZiO
lS1nNx5+2TFnP/GGXe32syx7sXbRxERu2W/RWWWTh21zABE/D2JjDcGSw4+HACxy
UIHEtlHdRkbGIIJ0Aupqj5YyZJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLy8FV
9j/YFZoPkEEJS/16havrhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBAIpVWES0S/1U8MgOStdlB4lgbZtvyciKo5Zss
szyoAZtZOXT5FUUzBa0wpQRx5veMBeotxbENpMOwSwWpj8x7iM8n9AE3Ly93X8dr
9pjZNfmJfKmhY6hXytP/siqeI/8On6cGrupzJl3oNTulmBc65GlEJf3GwPHBcU/h
5Fw5BprsXFwjgXJ0Rz4w/XF+vd+AS2dTQtP5hidpL4oBpbfs7npqS8bBNakHLoqJ
UJ1Yy85yxUnnUHSIu/UQOb786HAU5lWGAv1rRSID8dH3Irc3X1ba451W0fF8BmnR
YixoOKzpCbZ/JcOQlawuUDK8QY7E4fbWfALemlcCj1+Ke8E5
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:09 2025 by rpki-client