Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
File: 75900e8f-9582-4f56-8b92-09a50d5110f8.roa (raw, json)
Hash identifier: 8GQ2bTz8tuZVdxXZ4c4tp4GkAfRI4iTJdWkgRXWPVjI=
Subject key identifier: D5:8B:85:E8:0C:23:14:05:0C:8A:E8:A4:B2:36:D8:22:45:51:16:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24B3CA55D4B25BD07EB217161BE21F8C3E25823F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
Signing time: Mon 21 Jul 2025 16:51:43 +0000
ROA not before: Mon 21 Jul 2025 16:51:43 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:b3:ca:55:d4:b2:5b:d0:7e:b2:17:16:1b:e2:1f:8c:3e:25:82:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:51:43 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=cd2705e2b0b40d0f82613f101ff91709adab9db4334eb72f23f38f3753026e16, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b0:81:07:23:31:52:54:e8:59:58:57:3b:c8:
33:34:a9:92:ee:69:31:23:1f:90:c7:58:ae:b6:6e:
a1:76:0f:49:4b:8d:d0:60:07:f3:6d:d6:44:96:57:
85:bf:0a:a6:10:14:75:a1:2e:b8:59:da:54:0c:90:
dc:d8:ff:dd:ce:7c:c9:16:3b:e1:b0:a1:09:c7:97:
d2:0d:b6:56:88:62:b5:43:f2:34:3a:07:4a:32:3b:
69:ef:ec:0e:04:ba:08:eb:9e:8a:e4:d7:38:b7:7a:
00:fe:f6:ff:b7:c9:76:f0:3a:c4:1e:22:94:a0:f2:
df:e4:6b:af:85:e4:34:48:bf:67:9b:9a:15:95:93:
1d:95:c8:39:b7:2c:a0:81:1c:9f:c5:f6:07:e1:9e:
88:7a:ed:ec:1d:b4:c8:fa:69:8f:6b:2f:9c:6e:c5:
73:f8:66:f1:97:9b:b2:a1:0c:ce:24:16:e0:3b:94:
c7:c1:c0:35:6a:54:2a:e1:66:df:9c:26:06:aa:ab:
b1:ee:e8:36:da:c6:6a:71:cd:80:49:06:ef:d7:88:
98:ee:0b:88:9f:f6:8a:85:14:a9:ce:3b:74:7d:d7:
a7:cb:a9:66:f9:83:09:71:f8:aa:c4:c0:60:c2:b9:
60:78:d2:35:35:6d:29:38:6e:d7:c4:f9:eb:fb:0b:
37:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8B:85:E8:0C:23:14:05:0C:8A:E8:A4:B2:36:D8:22:45:51:16:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:7b:86:48:45:25:fb:93:2c:eb:ae:51:0d:42:9f:7c:96:a9:
4a:06:2f:0d:ef:0c:d4:ee:a2:8c:0b:48:87:db:f4:6a:d7:55:
7b:17:25:3f:e1:b9:c5:13:e8:3c:aa:aa:3f:8d:5e:d7:e6:09:
b7:2f:fc:f2:d5:d8:72:19:7e:fc:8a:77:87:31:80:a9:d3:b4:
ac:46:06:bf:55:82:af:19:fa:50:da:a0:6c:72:d5:92:2a:61:
ce:be:b6:9e:85:eb:48:c2:80:d5:35:d4:0f:f0:98:29:b5:7a:
fa:64:a3:cc:39:9f:c6:e8:6b:0e:1f:7e:1b:bb:44:bc:cc:68:
1f:17:53:34:de:4e:02:c2:62:2b:4c:82:c1:6f:00:65:a6:26:
0e:04:3e:04:3f:f1:2f:22:57:38:70:d4:bb:cc:cb:4d:07:09:
ea:79:50:9a:dc:e8:cd:2f:78:77:7e:e5:6f:63:53:93:ce:c9:
f3:9e:c9:67:13:bc:80:f0:f3:8b:96:6b:5f:50:11:27:ce:de:
1c:72:97:55:93:54:1f:b9:83:34:3c:95:dc:8e:61:69:91:69:
8d:7f:68:78:7f:5e:e8:f3:e1:83:be:9e:b1:68:9e:b7:e0:0f:
68:46:26:8b:c6:b7:55:d6:ee:1e:26:d2:a9:0d:77:e5:a5:c8:
4d:09:78:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJLPKVdSyW9B+shcWG+IfjD4lgj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUxNDNaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkMjcwNWUyYjBiNDBkMGY4MjYxM2YxMDFmZjkxNzA5YWRhYjlkYjQzMzRl
YjcyZjIzZjM4ZjM3NTMwMjZlMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+wgQcjMVJU6FlYVzvIMzSpku5pMSMfkMdYrrZuoXYPSUuN0GAH823WRJZX
hb8KphAUdaEuuFnaVAyQ3Nj/3c58yRY74bChCceX0g22VohitUPyNDoHSjI7ae/s
DgS6COueiuTXOLd6AP72/7fJdvA6xB4ilKDy3+Rrr4XkNEi/Z5uaFZWTHZXIObcs
oIEcn8X2B+GeiHrt7B20yPppj2svnG7Fc/hm8ZebsqEMziQW4DuUx8HANWpUKuFm
35wmBqqrse7oNtrGanHNgEkG79eImO4LiJ/2ioUUqc47dH3Xp8upZvmDCXH4qsTA
YMK5YHjSNTVtKThu18T56/sLN6ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVi4Xo
DCMUBQyK6KSyNtgiRVEWpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU5MDBlOGYtOTU4Mi00ZjU2LThiOTItMDlhNTBkNTExMGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOg
MA0GCSqGSIb3DQEBCwUAA4IBAQAMe4ZIRSX7kyzrrlENQp98lqlKBi8N7wzU7qKM
C0iH2/Rq11V7FyU/4bnFE+g8qqo/jV7X5gm3L/zy1dhyGX78ineHMYCp07SsRga/
VYKvGfpQ2qBsctWSKmHOvraehetIwoDVNdQP8JgptXr6ZKPMOZ/G6GsOH34bu0S8
zGgfF1M03k4CwmIrTILBbwBlpiYOBD4EP/EvIlc4cNS7zMtNBwnqeVCa3OjNL3h3
fuVvY1OTzsnznslnE7yA8POLlmtfUBEnzt4ccpdVk1QfuYM0PJXcjmFpkWmNf2h4
f17o8+GDvp6xaJ634A9oRiaLxrdV1u4eJtKpDXflpchNCXgh
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:04 2025 by rpki-client