Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
File: 773f4606-0d98-4350-9ccd-3aba599136ef.roa (raw, json)
Hash identifier: cQS+34qqcSCSDN5ezyS2AUOazfSJsRA8k56CyEiVafs=
Subject key identifier: 16:22:C9:81:14:A1:83:86:5D:94:8B:38:6F:C6:60:24:E2:40:18:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 489090BE61D355CCF72628A2C31ED48AC6F1983E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
Signing time: Fri 01 Aug 2025 17:10:56 +0000
ROA not before: Fri 01 Aug 2025 17:10:56 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:90:90:be:61:d3:55:cc:f7:26:28:a2:c3:1e:d4:8a:c6:f1:98:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:56 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=6adda48dddb2e4db5839b880f249b9b1249011c3aa1984c2681fab6d9255d5ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bb:78:c4:54:3b:47:47:db:04:32:d1:33:cf:
77:59:b1:7d:4f:ad:cb:1b:44:4e:5e:37:29:de:01:
20:69:3c:68:97:69:1e:2e:87:66:88:72:24:e8:ff:
9c:d1:b8:a8:3c:04:6a:5e:09:23:19:a1:a5:b1:02:
a4:cd:f4:d7:c7:1f:3b:3c:27:99:e0:b9:db:2d:a1:
6e:c1:f3:43:82:7a:f0:d3:64:af:46:3d:95:4e:16:
8d:0e:05:d0:52:ae:15:d5:d2:be:11:06:6e:78:62:
b1:4a:e0:84:93:be:2b:7f:ec:73:87:eb:d1:f1:cf:
b3:38:12:8e:0e:32:1d:72:d3:1d:5c:1f:55:60:6f:
35:c6:09:bb:fe:3a:6f:12:d4:7b:70:ec:ee:35:b2:
ba:5e:d1:c7:c4:d1:3a:fd:ab:67:0b:f9:8e:f8:7b:
47:e6:e2:34:1a:cd:48:92:06:34:4c:e4:4e:be:0d:
c9:2f:8d:b4:dd:a9:20:85:9b:ef:49:c1:c5:a8:f6:
94:b5:a7:e2:ea:38:c0:b6:72:3d:67:20:49:d4:5d:
69:bd:c4:b7:eb:84:14:a2:b2:50:66:5a:ad:85:19:
1b:db:f4:2a:56:e0:9b:e7:cc:b0:80:7c:df:22:c0:
0c:ff:28:9c:1c:ea:2d:fb:66:60:96:82:05:13:fa:
08:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:22:C9:81:14:A1:83:86:5D:94:8B:38:6F:C6:60:24:E2:40:18:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:800::/40
Signature Algorithm: sha256WithRSAEncryption
26:ff:de:53:01:02:11:0d:93:e9:c9:26:07:7d:27:6d:ce:80:
71:96:a9:ee:cb:d3:55:44:01:3b:80:6d:7d:7e:d1:2d:0f:61:
b3:06:01:bd:a6:cc:97:fa:47:70:37:57:d1:96:d1:5c:d4:c8:
54:51:0f:e3:ed:77:7a:bb:97:37:e5:27:69:e3:64:fd:10:fe:
6f:16:4f:93:f6:83:c2:c7:9e:0f:3e:4c:17:ca:16:2d:cf:44:
2d:b6:f8:ce:b1:20:c0:63:3a:65:09:ee:c9:0d:d6:34:f3:8f:
1b:b9:ef:47:91:3e:d1:0f:a1:4f:b0:ed:9c:4f:20:8b:ce:40:
a3:1c:da:ff:f8:0c:9f:cb:ef:d5:ec:56:34:20:0a:1a:7c:45:
b8:0a:e9:b5:30:6a:93:66:5a:cc:a7:49:9c:d3:af:18:0a:d3:
2f:4d:4d:c3:9c:08:fe:83:60:a4:82:4f:fd:84:a3:19:78:df:
73:3b:92:ea:25:c8:3f:2f:ff:8b:67:f8:e7:92:22:40:65:65:
c3:74:a3:81:85:22:21:66:e3:13:65:3b:04:9f:58:62:8c:d6:
18:b6:89:90:a7:bb:d2:ac:7f:c5:c0:62:96:4d:dc:fb:21:d8:
04:cc:34:89:3b:58:60:71:6f:30:31:68:37:30:66:b2:d2:d6:
52:80:e3:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSJCQvmHTVcz3Jiiiwx7UisbxmD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwNTZaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZGRhNDhkZGRiMmU0ZGI1ODM5Yjg4MGYyNDliOWIxMjQ5MDExYzNhYTE5
ODRjMjY4MWZhYjZkOTI1NWQ1ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS7eMRUO0dH2wQy0TPPd1mxfU+tyxtETl43Kd4BIGk8aJdpHi6HZohyJOj/
nNG4qDwEal4JIxmhpbECpM3018cfOzwnmeC52y2hbsHzQ4J68NNkr0Y9lU4WjQ4F
0FKuFdXSvhEGbnhisUrghJO+K3/sc4fr0fHPszgSjg4yHXLTHVwfVWBvNcYJu/46
bxLUe3Ds7jWyul7Rx8TROv2rZwv5jvh7R+biNBrNSJIGNEzkTr4NyS+NtN2pIIWb
70nBxaj2lLWn4uo4wLZyPWcgSdRdab3Et+uEFKKyUGZarYUZG9v0Klbgm+fMsIB8
3yLADP8onBzqLftmYJaCBRP6CJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWIsmB
FKGDhl2UizhvxmAk4kAYEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzczZjQ2MDYtMGQ5OC00MzUwLTljY2QtM2FiYTU5OTEzNmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgI
MA0GCSqGSIb3DQEBCwUAA4IBAQAm/95TAQIRDZPpySYHfSdtzoBxlqnuy9NVRAE7
gG19ftEtD2GzBgG9psyX+kdwN1fRltFc1MhUUQ/j7Xd6u5c35Sdp42T9EP5vFk+T
9oPCx54PPkwXyhYtz0QttvjOsSDAYzplCe7JDdY0848bue9HkT7RD6FPsO2cTyCL
zkCjHNr/+Ayfy+/V7FY0IAoafEW4Cum1MGqTZlrMp0mc068YCtMvTU3DnAj+g2Ck
gk/9hKMZeN9zO5LqJcg/L/+LZ/jnkiJAZWXDdKOBhSIhZuMTZTsEn1hijNYYtomQ
p7vSrH/FwGKWTdz7IdgEzDSJO1hgcW8wMWg3MGay0tZSgOOD
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:41 2025 by rpki-client