Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
File: 7cde858d-62b0-4607-8c80-6907e7e92d59.roa (raw, json)
Hash identifier: Z1GmLT+/ib/Ta3TT3b3jehgsp+LxIvHh7PskVvg32ys=
Subject key identifier: 4E:F2:BA:56:D5:1D:1F:D5:6B:F6:F8:33:12:3A:F5:0F:50:85:14:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0357A5A56A2F35CE47CC688C65D0C5588AB9FE51
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
Signing time: Fri 25 Jul 2025 16:50:36 +0000
ROA not before: Fri 25 Jul 2025 16:50:36 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:57:a5:a5:6a:2f:35:ce:47:cc:68:8c:65:d0:c5:58:8a:b9:fe:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:36 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=8a1896606232b3731946de4e16adee0fa6e433eb2b1ed0546761c5b7273dce82, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0a:0a:1c:15:e7:00:11:cf:a4:46:3c:bb:ad:
c3:8f:d0:16:d2:a4:c5:77:96:37:c9:37:bd:cb:8b:
ee:ac:bf:b7:23:a6:6f:af:39:8b:f5:fe:24:f9:b5:
1b:80:51:64:f1:d8:f0:e0:16:a0:37:11:0e:07:43:
3e:6e:f7:04:d8:68:45:1f:78:b0:45:6b:e3:ef:07:
4a:ae:17:de:d6:33:ff:bf:ae:2f:de:97:7a:dd:40:
a6:03:de:d2:d4:d4:77:ca:5a:f3:e4:8e:f4:4c:35:
48:a0:ac:6f:ae:bf:72:18:39:a7:5f:5e:ef:f6:13:
30:4a:f8:38:7e:a6:a0:b0:d5:2a:c8:31:e1:b4:f3:
1e:ca:10:ce:7f:5f:48:2f:a6:e9:3d:c0:4f:7f:61:
8f:ff:95:21:08:7d:d7:7a:09:f9:3f:d1:70:66:9e:
b8:86:e5:78:40:69:43:91:83:d4:73:f1:82:65:c6:
00:da:4a:c4:d7:9d:e0:a6:8d:e2:dc:2c:56:2c:9b:
0a:a5:0a:ed:ad:48:49:a4:15:64:ca:f8:47:c8:fc:
40:94:55:64:56:ce:76:9d:7e:8c:41:bd:99:81:ed:
cf:2b:1b:43:10:64:e9:f7:28:9e:fe:43:38:53:3e:
d2:4c:49:80:42:34:2e:83:fa:11:2c:fe:99:0e:e9:
48:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F2:BA:56:D5:1D:1F:D5:6B:F6:F8:33:12:3A:F5:0F:50:85:14:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
4d:d5:d6:fc:00:f9:a1:dd:7d:e9:20:46:42:ec:b2:a8:70:39:
d9:5e:7f:a4:46:bf:56:bc:71:4a:2c:94:a7:3a:ca:bf:4e:4e:
47:79:2c:a2:82:90:86:0f:1a:d8:6f:3a:96:0d:ba:af:da:af:
c2:a1:c9:e8:89:eb:63:d3:b6:05:7f:88:ae:24:a0:b1:c6:74:
fc:9f:cb:e1:e9:1e:d7:6f:0a:5c:f9:ed:07:88:a4:67:5f:d7:
9b:7c:41:6d:2d:d2:ee:b2:57:47:02:61:36:63:3e:af:4c:e1:
90:3d:f8:22:f6:22:a0:f2:77:61:04:c6:4b:20:20:c6:94:0d:
06:d6:76:6d:8f:5b:74:38:c3:de:7d:c6:af:98:29:29:2e:78:
5a:d2:9d:ab:88:65:a4:18:33:4b:64:d9:10:b4:07:71:78:d3:
2f:da:b5:b8:25:51:15:bb:a0:44:69:eb:70:4d:df:bb:ac:0f:
ff:63:96:9e:a8:cb:9f:96:ca:dc:41:18:be:7e:67:7e:be:88:
49:28:3b:af:f5:4c:93:49:7a:eb:b9:56:42:c0:0b:9b:18:17:
a7:f2:20:e7:e2:16:23:ec:8f:f2:4c:25:e1:37:6d:47:ac:03:
83:23:02:b6:0d:03:09:cc:e5:b3:c5:1f:d4:80:f6:e1:90:47:
b0:38:5b:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA1elpWovNc5HzGiMZdDFWIq5/lEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMzZaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhMTg5NjYwNjIzMmIzNzMxOTQ2ZGU0ZTE2YWRlZTBmYTZlNDMzZWIyYjFl
ZDA1NDY3NjFjNWI3MjczZGNlODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUKChwV5wARz6RGPLutw4/QFtKkxXeWN8k3vcuL7qy/tyOmb685i/X+JPm1
G4BRZPHY8OAWoDcRDgdDPm73BNhoRR94sEVr4+8HSq4X3tYz/7+uL96Xet1ApgPe
0tTUd8pa8+SO9Ew1SKCsb66/chg5p19e7/YTMEr4OH6moLDVKsgx4bTzHsoQzn9f
SC+m6T3AT39hj/+VIQh913oJ+T/RcGaeuIbleEBpQ5GD1HPxgmXGANpKxNed4KaN
4twsViybCqUK7a1ISaQVZMr4R8j8QJRVZFbOdp1+jEG9mYHtzysbQxBk6fconv5D
OFM+0kxJgEI0LoP6ESz+mQ7pSMECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRO8rpW
1R0f1Wv2+DMSOvUPUIUUUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NkZTg1OGQtNjJiMC00NjA3LThjODAtNjkwN2U3ZTkyZDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBN1db8APmh3X3pIEZC7LKocDnZXn+kRr9WvHFK
LJSnOsq/Tk5HeSyigpCGDxrYbzqWDbqv2q/Cocnoietj07YFf4iuJKCxxnT8n8vh
6R7Xbwpc+e0HiKRnX9ebfEFtLdLusldHAmE2Yz6vTOGQPfgi9iKg8ndhBMZLICDG
lA0G1nZtj1t0OMPefcavmCkpLnha0p2riGWkGDNLZNkQtAdxeNMv2rW4JVEVu6BE
aetwTd+7rA//Y5aeqMuflsrcQRi+fmd+vohJKDuv9UyTSXrruVZCwAubGBen8iDn
4hYj7I/yTCXhN21HrAODIwK2DQMJzOWzxR/UgPbhkEewOFsN
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:49 2025 by rpki-client