Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
File: 74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa (raw, json)
Hash identifier: v/nKuAwaGwiqk9VwmDs6wV53X21ctY6qJJ3bUnf6Xu8=
Subject key identifier: A4:82:C5:F3:1C:52:72:D2:58:F8:A9:51:1A:3E:A4:6E:6A:17:B1:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 185D936531A746A2667E737EAF60005428046F6A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
Signing time: Fri 01 Aug 2025 17:10:29 +0000
ROA not before: Fri 01 Aug 2025 17:10:29 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:5d:93:65:31:a7:46:a2:66:7e:73:7e:af:60:00:54:28:04:6f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:29 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=acfdc2e4d6a4410c13541b6e32691eadb2b317dfaef45730b50b2bd36c42f685, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a9:cd:83:fb:60:8d:1b:e7:1b:55:26:f7:4e:
3e:ce:f6:13:1e:d9:7c:4a:14:5a:f0:d1:c8:ad:8b:
20:2b:82:1b:15:43:c9:cf:b3:da:b1:d9:52:1c:0f:
25:38:1b:5d:98:dd:74:2a:d3:3a:32:51:1f:ee:cd:
89:df:e1:82:4c:ef:a6:a8:8c:c2:2c:e8:c2:6e:72:
2e:15:76:d9:90:88:14:ae:11:d7:eb:32:fb:0a:a6:
31:0d:80:b1:51:20:a2:c7:b5:fa:80:03:ac:7c:de:
d8:f7:8c:a9:77:53:cc:8a:16:ea:04:1e:57:74:93:
44:4b:03:33:fe:9d:ba:81:62:4f:d0:51:7f:fc:ea:
b8:83:b5:b1:53:d6:a4:56:30:54:41:26:4d:3a:d2:
35:1a:54:aa:dd:8a:80:11:5b:3a:9a:37:e1:e3:ce:
fb:f3:fc:82:ae:f9:c2:1f:89:bb:f3:52:45:98:fe:
0d:f2:7c:dd:8e:3b:4c:8d:6a:f7:69:55:ad:7a:88:
03:47:1a:f4:f1:03:3f:95:d6:37:72:26:79:93:5c:
4b:74:19:44:39:81:88:f4:34:6c:84:a8:47:e8:38:
92:78:10:53:3e:1a:0d:9d:1d:21:31:d8:73:d5:01:
62:16:df:da:70:5b:86:db:8a:8e:4f:aa:2a:28:9c:
35:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:82:C5:F3:1C:52:72:D2:58:F8:A9:51:1A:3E:A4:6E:6A:17:B1:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:880::/48
Signature Algorithm: sha256WithRSAEncryption
6d:58:58:89:dc:05:bc:e3:b5:e8:3a:ee:71:00:50:7d:ab:cb:
18:56:8c:1b:03:54:4f:85:f1:25:77:9d:4f:01:ce:6c:2e:41:
d6:42:cb:9f:c7:ba:a3:ea:a4:e2:aa:62:6e:f1:e9:d8:d5:5f:
a7:c1:a7:0f:87:5f:5e:c1:46:b2:7e:00:ce:21:c6:23:80:a6:
88:f8:4f:37:c4:2f:20:c5:cb:2d:af:b7:be:c3:a6:71:aa:7a:
30:f9:03:6c:79:93:89:9d:26:52:9f:37:fb:3b:f1:69:e7:8e:
17:ca:bd:75:d9:ac:85:00:79:04:2a:2c:64:e1:c8:55:58:06:
d0:40:6b:de:4b:cc:a7:36:84:01:8b:b1:51:d8:60:56:80:38:
46:aa:ea:4d:cc:11:5f:54:e6:ed:62:a0:7d:79:57:86:9b:25:
82:70:b5:fe:a2:0d:3e:26:91:ab:7e:3c:42:c0:3d:05:79:51:
87:a8:34:43:d5:2b:22:94:56:aa:fd:51:55:8e:ae:ed:ce:bb:
e1:06:1c:1b:82:23:b2:52:88:93:72:08:22:01:3f:c4:dd:aa:
e1:b1:ab:9b:52:10:5a:82:84:44:bf:7b:eb:18:d0:1c:26:08:
fd:9a:7a:a5:5e:5d:42:46:d9:1a:9c:6d:56:96:72:ce:bf:78:
84:1f:71:bc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGF2TZTGnRqJmfnN+r2AAVCgEb2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMjlaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjZmRjMmU0ZDZhNDQxMGMxMzU0MWI2ZTMyNjkxZWFkYjJiMzE3ZGZhZWY0
NTczMGI1MGIyYmQzNmM0MmY2ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALupzYP7YI0b5xtVJvdOPs72Ex7ZfEoUWvDRyK2LICuCGxVDyc+z2rHZUhwP
JTgbXZjddCrTOjJRH+7Nid/hgkzvpqiMwizowm5yLhV22ZCIFK4R1+sy+wqmMQ2A
sVEgose1+oADrHze2PeMqXdTzIoW6gQeV3STREsDM/6duoFiT9BRf/zquIO1sVPW
pFYwVEEmTTrSNRpUqt2KgBFbOpo34ePO+/P8gq75wh+Ju/NSRZj+DfJ83Y47TI1q
92lVrXqIA0ca9PEDP5XWN3ImeZNcS3QZRDmBiPQ0bISoR+g4kngQUz4aDZ0dITHY
c9UBYhbf2nBbhtuKjk+qKiicNesCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSkgsXz
HFJy0lj4qVEaPqRuahexADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRmNDFjYzktYmEwZS00NmQ5LWE3NzQtNDVmNmEwMzBhM2Y0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
gDANBgkqhkiG9w0BAQsFAAOCAQEAbVhYidwFvOO16DrucQBQfavLGFaMGwNUT4Xx
JXedTwHObC5B1kLLn8e6o+qk4qpibvHp2NVfp8GnD4dfXsFGsn4AziHGI4CmiPhP
N8QvIMXLLa+3vsOmcap6MPkDbHmTiZ0mUp83+zvxaeeOF8q9ddmshQB5BCosZOHI
VVgG0EBr3kvMpzaEAYuxUdhgVoA4RqrqTcwRX1Tm7WKgfXlXhpslgnC1/qINPiaR
q348QsA9BXlRh6g0Q9UrIpRWqv1RVY6u7c674QYcG4IjslKIk3IIIgE/xN2q4bGr
m1IQWoKERL976xjQHCYI/Zp6pV5dQkbZGpxtVpZyzr94hB9xvA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:39 2025 by rpki-client