Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
File: 7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa (raw, json)
Hash identifier: B/dYyqdRg76+rhukY7HJ/0kq7jvSLcWt8F5bUChnS8k=
Subject key identifier: 37:88:17:3B:C1:6E:5F:83:EE:DC:FD:64:BA:3C:5F:59:67:DC:98:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 033363F87CA957B975246635749917E867A8FE96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
Signing time: Wed 30 Jul 2025 20:07:12 +0000
ROA not before: Wed 30 Jul 2025 20:07:12 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:33:63:f8:7c:a9:57:b9:75:24:66:35:74:99:17:e8:67:a8:fe:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:12 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=fb65ea12e83649a92139bc48e28b717a7af13682739291558161c5a1ab1e4e07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5d:d7:8f:f2:7a:c8:36:b8:3c:23:72:d9:f4:
ea:3b:23:4a:da:69:4f:58:52:a1:66:46:0d:52:fb:
34:fe:9d:61:42:84:b6:6d:c8:fd:5f:a1:8b:bb:dc:
b1:c5:dd:c2:ad:bb:12:66:14:59:5c:9a:dc:73:1a:
0d:b3:7b:b3:6f:97:ee:5e:75:ba:af:14:92:c3:a2:
25:4b:1d:dd:94:30:50:fd:b2:78:0f:b7:f8:46:d1:
c8:60:ac:9e:4f:5a:9e:34:b7:fd:e3:0f:48:92:07:
4e:91:87:e4:cc:3a:89:7c:7c:8e:c7:68:d0:5e:fb:
bb:4c:b4:78:d0:01:1a:e0:25:03:73:d7:38:64:8a:
45:6f:9a:fa:1f:11:85:56:58:62:5e:b2:72:b7:05:
64:ac:b0:d0:b9:d5:d9:8b:67:8a:eb:17:a1:a5:54:
45:03:2d:35:a1:70:af:04:84:9b:fb:b6:50:55:65:
2b:33:c6:d4:bc:e6:89:87:f0:9e:e5:86:f0:87:49:
ad:28:fa:47:3e:6a:17:bb:05:78:df:8b:cd:96:2f:
46:69:78:8d:31:5f:a0:a4:e3:3f:6a:9f:02:64:b4:
42:a7:98:fe:b8:12:1c:6e:65:32:ac:5a:16:ee:46:
ce:31:5b:1f:a5:cb:32:68:7e:97:fc:be:98:4e:36:
f4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:88:17:3B:C1:6E:5F:83:EE:DC:FD:64:BA:3C:5F:59:67:DC:98:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
57:6b:1f:4d:93:c1:e2:b1:9a:cd:30:b6:de:f8:cb:20:e9:b1:
5b:16:a2:71:c6:5f:26:87:62:ef:e4:71:d5:7b:9e:da:82:8f:
f6:4e:f2:1b:b7:23:da:69:dd:23:8a:a5:b8:20:e2:94:44:5f:
a8:50:f0:2c:4c:63:4f:76:ff:cc:9b:c5:dc:b5:ac:e0:63:3f:
e2:8e:3f:94:90:77:20:ee:ba:71:05:0d:14:a2:cd:2a:8e:72:
e0:e9:aa:f3:50:47:47:9d:03:59:b3:ce:1c:2d:23:45:d7:a8:
75:8b:ad:f2:2c:85:4d:a1:97:a9:e7:60:20:62:20:71:b6:03:
96:cf:a3:91:7f:56:45:23:9e:8a:2f:08:17:81:43:42:ab:f0:
15:c3:e1:cb:2e:48:e6:57:b4:97:54:a2:04:86:5b:5f:84:6e:
e2:ae:53:1a:d5:cc:8f:84:71:66:49:bc:5a:bd:eb:23:09:33:
19:ba:d6:31:2e:b5:58:b4:49:5e:43:df:0d:e9:cf:bc:4d:69:
4f:bb:d6:ba:df:6f:e3:b0:2b:df:03:b8:07:61:c5:fd:c0:ed:
6f:2a:4c:43:39:40:00:8e:fb:74:15:c6:9b:82:ec:aa:da:a6:
6c:d0:ee:ef:76:77:89:b7:fd:66:6d:23:2f:b8:0e:dd:e0:2c:
88:94:29:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAzNj+HypV7l1JGY1dJkX6Geo/pYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MTJaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNjVlYTEyZTgzNjQ5YTkyMTM5YmM0OGUyOGI3MTdhN2FmMTM2ODI3Mzky
OTE1NTgxNjFjNWExYWIxZTRlMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZd14/yesg2uDwjctn06jsjStppT1hSoWZGDVL7NP6dYUKEtm3I/V+hi7vc
scXdwq27EmYUWVya3HMaDbN7s2+X7l51uq8UksOiJUsd3ZQwUP2yeA+3+EbRyGCs
nk9anjS3/eMPSJIHTpGH5Mw6iXx8jsdo0F77u0y0eNABGuAlA3PXOGSKRW+a+h8R
hVZYYl6ycrcFZKyw0LnV2YtniusXoaVURQMtNaFwrwSEm/u2UFVlKzPG1LzmiYfw
nuWG8IdJrSj6Rz5qF7sFeN+LzZYvRml4jTFfoKTjP2qfAmS0QqeY/rgSHG5lMqxa
Fu5GzjFbH6XLMmh+l/y+mE429DECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3iBc7
wW5fg+7c/WS6PF9ZZ9yYETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ZjODAxMjQtMjU2ZC00ZDNkLWJmZmMtMmZlNWQ4MmM0NzdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXax9Nk8HisZrNMLbe+Msg6bFbFqJxxl8mh2Lv
5HHVe57ago/2TvIbtyPaad0jiqW4IOKURF+oUPAsTGNPdv/Mm8XctazgYz/ijj+U
kHcg7rpxBQ0Uos0qjnLg6arzUEdHnQNZs84cLSNF16h1i63yLIVNoZep52AgYiBx
tgOWz6ORf1ZFI56KLwgXgUNCq/AVw+HLLkjmV7SXVKIEhltfhG7irlMa1cyPhHFm
SbxavesjCTMZutYxLrVYtEleQ98N6c+8TWlPu9a632/jsCvfA7gHYcX9wO1vKkxD
OUAAjvt0Fcabguyq2qZs0O7vdneJt/1mbSMvuA7d4CyIlCkd
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:55 2025 by rpki-client