Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: B5QQopWQw4rUD42AIivw7shOh1xwuYvXTp3r/GJLQTg=
Subject key identifier: 04:4C:51:CC:33:96:37:F2:03:82:25:93:F7:B3:FB:48:51:AC:EE:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 410DAAF6DECED3DB16AE5112BFFE7CB8A55C7635
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Fri 01 Aug 2025 17:10:57 +0000
ROA not before: Fri 01 Aug 2025 17:10:57 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:0d:aa:f6:de:ce:d3:db:16:ae:51:12:bf:fe:7c:b8:a5:5c:76:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:57 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=d7192effcfc6bf03f007a6f78187c4153dc0043a9c769331e71db7b9b3d0ec12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:80:18:d2:51:af:54:82:d4:71:7a:da:6c:a0:
2b:dc:3f:d2:69:1a:3f:bf:f6:7e:03:10:86:ce:34:
26:95:bc:76:9f:af:be:3b:43:3a:6f:68:ef:47:42:
c3:9d:9f:3e:fa:05:8f:f1:28:4e:bf:5c:89:73:82:
d9:e0:b9:9d:8d:3d:70:a4:c5:e4:e9:16:78:0d:fb:
3f:3e:75:a1:7a:13:65:0f:f3:00:c7:cb:72:25:c2:
c3:cc:73:aa:e9:1b:63:89:d1:ee:45:fa:56:d4:2d:
af:73:20:5b:59:b0:7e:54:e1:f5:0e:46:61:5f:7d:
03:1d:c1:29:9d:f5:98:bb:5e:f7:96:82:07:03:1f:
93:f5:a1:87:5e:e1:30:ab:83:0c:c0:cf:a8:f9:c3:
f1:af:bc:3a:87:1e:cd:0d:7d:b2:fa:0a:34:58:1c:
71:3c:91:da:99:90:48:13:fa:fc:04:52:9e:a0:de:
48:01:f8:3a:2a:87:9a:f1:23:2a:9c:de:17:9b:1a:
d9:23:a6:12:c8:ec:ca:7e:63:bf:36:27:69:d1:cf:
04:80:7b:22:77:51:68:e7:41:0d:59:d5:a6:11:f6:
a6:31:70:51:82:ff:48:a9:d7:d3:37:35:51:44:54:
9b:0b:68:09:68:d6:9f:f2:fa:d6:5a:53:71:bf:60:
d7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4C:51:CC:33:96:37:F2:03:82:25:93:F7:B3:FB:48:51:AC:EE:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
51:63:dd:e8:e6:d2:16:de:52:10:c7:a7:c2:b4:55:36:43:e6:
65:a1:b1:20:5f:b0:92:fa:87:84:e9:1c:fb:b6:46:5c:1c:58:
94:5b:e7:21:1d:e0:ac:81:ab:b2:08:cb:57:e3:bf:23:d0:76:
97:f8:75:69:72:e6:3c:b6:23:b6:f9:38:5d:bd:02:71:5c:f4:
7a:39:1e:7a:87:4c:4e:4d:58:b2:47:63:33:8f:ff:dd:03:22:
a8:a9:c0:30:d1:92:43:73:f5:00:9a:f4:08:f1:56:21:ff:03:
9e:20:5d:33:26:a3:c4:92:fe:3b:6e:58:66:51:66:20:fc:44:
b3:c0:44:3a:cc:57:12:eb:a5:71:34:d7:20:3a:5f:17:49:ed:
14:ff:1a:eb:06:93:b0:9f:b8:f3:22:c1:67:52:ff:2d:d4:49:
c4:ae:b2:c1:64:d8:e0:aa:77:5f:01:06:90:83:e6:67:98:75:
6e:3c:38:f5:01:c6:a6:42:41:66:95:b6:a8:dd:55:32:6c:53:
2f:8b:f0:7d:1c:94:bd:4e:2d:bb:62:82:de:7c:e6:80:64:af:
c9:07:c6:af:67:9b:e1:51:cf:b9:b5:d2:45:a5:bb:68:8a:8c:
ad:b6:03:aa:b7:67:fc:22:b9:e9:17:d1:f7:c4:05:52:02:28:
aa:3d:0f:03
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUQQ2q9t7O09sWrlESv/58uKVcdjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwNTdaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3MTkyZWZmY2ZjNmJmMDNmMDA3YTZmNzgxODdjNDE1M2RjMDA0M2E5Yzc2
OTMzMWU3MWRiN2I5YjNkMGVjMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiAGNJRr1SC1HF62mygK9w/0mkaP7/2fgMQhs40JpW8dp+vvjtDOm9o70dC
w52fPvoFj/EoTr9ciXOC2eC5nY09cKTF5OkWeA37Pz51oXoTZQ/zAMfLciXCw8xz
qukbY4nR7kX6VtQtr3MgW1mwflTh9Q5GYV99Ax3BKZ31mLte95aCBwMfk/Whh17h
MKuDDMDPqPnD8a+8OocezQ19svoKNFgccTyR2pmQSBP6/ARSnqDeSAH4OiqHmvEj
KpzeF5sa2SOmEsjsyn5jvzYnadHPBIB7IndRaOdBDVnVphH2pjFwUYL/SKnX0zc1
UURUmwtoCWjWn/L61lpTcb9g18kCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQETFHM
M5Y38gOCJZP3s/tIUazukzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBAFFj3ejm0hbeUhDHp8K0VTZD5mWhsSBfsJL6h4Tp
HPu2RlwcWJRb5yEd4KyBq7IIy1fjvyPQdpf4dWly5jy2I7b5OF29AnFc9Ho5HnqH
TE5NWLJHYzOP/90DIqipwDDRkkNz9QCa9AjxViH/A54gXTMmo8SS/jtuWGZRZiD8
RLPARDrMVxLrpXE01yA6XxdJ7RT/GusGk7CfuPMiwWdS/y3UScSussFk2OCqd18B
BpCD5meYdW48OPUBxqZCQWaVtqjdVTJsUy+L8H0clL1OLbtigt585oBkr8kHxq9n
m+FRz7m10kWlu2iKjK22A6q3Z/wiuekX0ffEBVICKKo9DwM=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:01 2025 by rpki-client