Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
File: 76526233-4062-463b-bfd0-bbe1d12891fa.roa (raw, json)
Hash identifier: KeNxMN9zAHDM3sbfjD7gc0EQ63K5CSadJ1OEnuBFkhI=
Subject key identifier: 52:AA:52:BE:F7:D7:69:5D:3E:D2:2F:BD:A6:C8:79:D6:56:97:4C:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6629EBEA9490F7F5E8D27EB8807B0014115C9531
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
Signing time: Tue 29 Jul 2025 18:30:15 +0000
ROA not before: Tue 29 Jul 2025 18:30:15 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:29:eb:ea:94:90:f7:f5:e8:d2:7e:b8:80:7b:00:14:11:5c:95:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:15 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=e760786cd2a83da6457c90435f5f1b11621ef6270aa9b28a7afff0c29f15b74a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a1:a8:f9:be:ad:50:97:38:77:f6:8f:5c:f4:
e6:03:ba:a1:ac:a2:54:b8:c2:bb:74:ec:83:c9:0c:
89:5b:c4:ec:4b:d6:48:06:ce:bf:8f:f2:38:96:cb:
79:18:14:7f:7a:ed:b7:29:23:e7:bd:66:28:4b:0c:
65:ee:a8:76:a8:4d:59:39:13:32:ea:2a:ac:81:f6:
9c:43:be:c6:2a:8a:83:7b:6f:25:62:c9:cb:7c:60:
30:93:52:f5:88:89:a0:32:2a:cc:35:f5:9e:cd:39:
d2:37:8c:1a:7c:89:6f:d5:6c:20:5c:2b:2e:13:9e:
09:df:dd:c9:00:06:28:ca:17:5e:1a:51:b9:c3:5a:
1c:51:b8:e3:a1:00:03:ce:cf:cd:f6:e6:a3:c2:4a:
25:0c:47:0a:01:42:76:67:13:d2:21:10:d2:37:95:
c0:58:39:b5:76:36:9f:e2:90:b9:7d:7e:27:40:b1:
d0:dd:48:b2:b6:e2:a7:52:af:3d:f7:1d:b8:dc:8f:
43:ee:0b:e7:c4:db:f5:43:29:df:c1:3e:d9:ad:91:
6f:02:0b:1f:ec:7b:ca:04:c3:2b:4b:c2:f6:93:59:
cc:57:16:d6:82:5d:47:8a:7a:e6:d2:55:52:c0:7e:
16:11:62:51:e3:8f:7d:30:90:ff:a8:a5:84:64:39:
14:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AA:52:BE:F7:D7:69:5D:3E:D2:2F:BD:A6:C8:79:D6:56:97:4C:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76526233-4062-463b-bfd0-bbe1d12891fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4010::/48
Signature Algorithm: sha256WithRSAEncryption
6d:f8:cc:9b:45:69:0b:03:41:b9:27:39:93:7e:db:d4:1c:5d:
57:70:7e:d3:62:a8:00:b2:78:6a:3f:82:6e:a8:f3:bf:45:67:
dd:86:78:50:f7:d3:17:66:10:bd:6a:1c:49:65:ae:db:44:2e:
b4:76:f3:06:b4:87:f9:bc:31:a2:ca:3e:6a:b7:c2:54:80:c3:
c5:64:33:79:72:4f:8a:3e:bc:0e:73:db:02:e1:95:da:2f:6f:
a3:f2:08:d6:aa:fb:53:24:ba:34:49:2c:98:6d:15:5e:6d:c8:
f0:a5:8c:b7:f3:7c:59:b7:cb:3c:20:a1:fb:d3:4b:eb:11:2d:
45:dc:8d:4a:e9:fd:f2:b7:0a:ef:f0:50:6c:4d:fc:be:83:0a:
81:4e:30:05:f3:1a:b9:b3:65:12:c3:be:13:a2:7d:87:a8:e7:
71:6d:b9:2f:aa:0b:e6:08:be:d3:b5:09:9b:c8:0b:93:22:0f:
c6:d3:0f:55:95:d1:b4:a0:bd:64:a8:ed:17:46:84:2d:5f:57:
9a:1f:6d:2f:7d:83:50:7b:be:0e:8a:89:45:f3:74:b4:47:b2:
fc:2c:93:92:73:b4:0c:90:e4:a2:bb:14:cf:74:3f:94:78:26:
49:f1:55:68:00:cb:f2:dd:14:2d:6f:e2:d7:b7:8f:67:db:d5:
d3:47:5b:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZinr6pSQ9/Xo0n64gHsAFBFclTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTVaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NjA3ODZjZDJhODNkYTY0NTdjOTA0MzVmNWYxYjExNjIxZWY2MjcwYWE5
YjI4YTdhZmZmMGMyOWYxNWI3NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmhqPm+rVCXOHf2j1z05gO6oayiVLjCu3Tsg8kMiVvE7EvWSAbOv4/yOJbL
eRgUf3rttykj571mKEsMZe6odqhNWTkTMuoqrIH2nEO+xiqKg3tvJWLJy3xgMJNS
9YiJoDIqzDX1ns050jeMGnyJb9VsIFwrLhOeCd/dyQAGKMoXXhpRucNaHFG446EA
A87Pzfbmo8JKJQxHCgFCdmcT0iEQ0jeVwFg5tXY2n+KQuX1+J0Cx0N1Isrbip1Kv
PfcduNyPQ+4L58Tb9UMp38E+2a2RbwILH+x7ygTDK0vC9pNZzFcW1oJdR4p65tJV
UsB+FhFiUeOPfTCQ/6ilhGQ5FDsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRSqlK+
99dpXT7SL72myHnWVpdMajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY1MjYyMzMtNDA2Mi00NjNiLWJmZDAtYmJlMWQxMjg5MWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
EDANBgkqhkiG9w0BAQsFAAOCAQEAbfjMm0VpCwNBuSc5k37b1BxdV3B+02KoALJ4
aj+Cbqjzv0Vn3YZ4UPfTF2YQvWocSWWu20QutHbzBrSH+bwxoso+arfCVIDDxWQz
eXJPij68DnPbAuGV2i9vo/II1qr7UyS6NEksmG0VXm3I8KWMt/N8WbfLPCCh+9NL
6xEtRdyNSun98rcK7/BQbE38voMKgU4wBfMaubNlEsO+E6J9h6jncW25L6oL5gi+
07UJm8gLkyIPxtMPVZXRtKC9ZKjtF0aELV9Xmh9tL32DUHu+DoqJRfN0tEey/CyT
knO0DJDkorsUz3Q/lHgmSfFVaADL8t0ULW/i17ePZ9vV00dbqw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:10:35 2025 by rpki-client