Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
File: 7a025e69-9e3e-460c-9734-42e9bd14485c.roa (raw, json)
Hash identifier: rg8PhZ02TrnU9oy5/zbL7s7YVfZPXLHf0wTx3ItUrxw=
Subject key identifier: 70:F7:8D:09:FE:B9:62:E3:57:F4:14:C9:0B:85:4B:BF:3E:F7:75:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07800438B25042DAB44C95274B43C8B94EEDF0DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
Signing time: Mon 28 Jul 2025 16:11:14 +0000
ROA not before: Mon 28 Jul 2025 16:11:14 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:80:04:38:b2:50:42:da:b4:4c:95:27:4b:43:c8:b9:4e:ed:f0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:14 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=9a9a556257ad7c801f85bb394adf74cfdf49b653841fedd4d6931729757086d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d9:62:b2:64:5c:c4:81:81:d8:98:64:dc:94:
ae:cb:5f:f6:be:44:ff:58:76:04:2d:42:b7:dd:d9:
a5:14:05:59:f1:db:ef:8d:1c:f6:4e:b2:e6:73:a2:
dd:8e:64:ee:4b:e8:03:e7:fe:b5:01:9f:2a:3c:e8:
b4:cf:97:82:ff:4a:e5:ac:ec:35:17:38:28:c0:bb:
75:11:94:d2:8c:df:3b:89:74:1b:37:bb:fc:b7:37:
29:c8:af:4f:b9:12:c8:4f:c2:01:0e:26:88:0e:5c:
63:98:83:49:ba:34:02:e3:54:cd:f3:be:21:f0:9a:
52:e2:f0:9b:ed:49:dc:79:5e:db:d7:39:36:d2:61:
1e:35:54:02:4a:c7:4e:be:db:15:f6:1f:f0:6a:46:
55:b2:d5:8a:fc:6d:52:49:e0:9c:a4:b6:3f:84:49:
85:66:67:f8:39:23:67:53:fd:fe:5f:8d:9a:96:0f:
41:af:e4:53:bd:5b:51:a1:cc:a0:8d:21:6c:b0:27:
bd:50:3e:a7:2f:32:34:4e:09:5a:d9:48:80:0a:37:
87:fd:23:a6:bc:2f:21:2f:b7:bf:81:86:a6:c5:fe:
eb:ae:d6:50:33:11:58:aa:f7:64:9d:23:df:7f:b2:
45:6d:5c:be:f5:13:14:d0:e3:2f:ce:47:11:91:2f:
5a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F7:8D:09:FE:B9:62:E3:57:F4:14:C9:0B:85:4B:BF:3E:F7:75:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
75:1d:b5:c6:79:dc:d2:db:55:23:de:10:a6:19:ba:34:7a:ef:
f1:d2:58:36:96:d2:fa:f0:0e:1d:24:8a:5c:5b:7c:1d:40:92:
17:26:70:fd:c3:70:fb:ff:cf:86:92:80:f1:b0:72:9a:8e:79:
80:11:b7:e7:8e:18:49:79:d3:a4:06:07:5d:93:30:18:b9:f9:
09:f0:54:85:8b:38:ff:05:e9:c8:96:88:82:38:c9:6c:99:07:
be:a2:3e:5f:8a:45:97:8e:73:7e:21:fa:33:f5:38:aa:15:32:
d8:08:77:2b:d0:7b:0a:2f:d0:b5:84:85:fa:e1:ea:f7:7e:5a:
df:89:8b:4a:02:8e:51:49:e3:d9:00:e1:a3:c1:2a:66:d5:88:
d7:e4:19:51:a7:08:0a:fc:1d:2b:4d:c3:0f:50:a9:0e:76:ed:
d5:30:a7:d0:9a:ac:c1:c2:19:c7:8a:ac:02:93:cd:d4:95:11:
66:2a:0d:a3:03:c8:e9:89:af:79:6b:88:8c:da:cc:90:97:9d:
43:82:81:7a:07:5a:bb:54:bc:f9:2d:46:e5:da:77:12:48:58:
25:e4:92:b2:a5:e2:c5:0c:a5:01:4c:08:fc:d0:b8:95:92:9d:
a8:ec:71:61:55:96:9d:4d:89:89:a7:d4:19:d3:32:8f:c8:fe:
fb:16:08:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB4AEOLJQQtq0TJUnS0PIuU7t8N0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMTRaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhOWE1NTYyNTdhZDdjODAxZjg1YmIzOTRhZGY3NGNmZGY0OWI2NTM4NDFm
ZWRkNGQ2OTMxNzI5NzU3MDg2ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHZYrJkXMSBgdiYZNyUrstf9r5E/1h2BC1Ct93ZpRQFWfHb740c9k6y5nOi
3Y5k7kvoA+f+tQGfKjzotM+Xgv9K5azsNRc4KMC7dRGU0ozfO4l0Gze7/Lc3Kciv
T7kSyE/CAQ4miA5cY5iDSbo0AuNUzfO+IfCaUuLwm+1J3Hle29c5NtJhHjVUAkrH
Tr7bFfYf8GpGVbLVivxtUkngnKS2P4RJhWZn+DkjZ1P9/l+NmpYPQa/kU71bUaHM
oI0hbLAnvVA+py8yNE4JWtlIgAo3h/0jprwvIS+3v4GGpsX+667WUDMRWKr3ZJ0j
33+yRW1cvvUTFNDjL85HEZEvWssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRw940J
/rli41f0FMkLhUu/Pvd1JjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EwMjVlNjktOWUzZS00NjBjLTk3MzQtNDJlOWJkMTQ0ODVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQB1HbXGedzS21Uj3hCmGbo0eu/x0lg2ltL68A4d
JIpcW3wdQJIXJnD9w3D7/8+GkoDxsHKajnmAEbfnjhhJedOkBgddkzAYufkJ8FSF
izj/BenIloiCOMlsmQe+oj5fikWXjnN+Ifoz9TiqFTLYCHcr0HsKL9C1hIX64er3
flrfiYtKAo5RSePZAOGjwSpm1YjX5BlRpwgK/B0rTcMPUKkOdu3VMKfQmqzBwhnH
iqwCk83UlRFmKg2jA8jpia95a4iM2syQl51DgoF6B1q7VLz5LUbl2ncSSFgl5JKy
peLFDKUBTAj80LiVkp2o7HFhVZadTYmJp9QZ0zKPyP77Fggf
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:13 2025 by rpki-client