Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
File: 82baa148-3f1e-4e5f-a19f-3be140c60d34.roa (raw, json)
Hash identifier: QasMtOJEJ73dAhiYZtGuLIjCDvJ87CE4+U0UvvpBF5Q=
Subject key identifier: 6F:89:4D:E4:C5:93:BB:6B:F2:93:5E:F9:FC:5E:89:65:B2:34:F7:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 677E977A3017AD17231BC862AB571D3D27764E37
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
Signing time: Mon 28 Jul 2025 16:11:18 +0000
ROA not before: Mon 28 Jul 2025 16:11:18 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:7e:97:7a:30:17:ad:17:23:1b:c8:62:ab:57:1d:3d:27:76:4e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:18 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=3552e49c3ca291b91c3b2e84c5f729e25004432af132301b999fc2e3483845fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f8:e8:cd:31:cc:67:ff:14:c0:13:30:a8:e2:
75:0d:65:ab:40:63:28:82:7d:21:09:c7:3e:32:50:
b1:5e:dd:62:1b:1f:4a:ec:76:c8:b4:dd:f2:fe:7f:
3a:3f:09:7d:1b:0a:56:03:cb:00:db:1c:cf:62:fd:
96:5b:57:72:9f:99:17:49:f4:64:69:c1:2c:ee:aa:
f8:62:f3:99:4c:79:c9:ad:0f:40:ba:d1:d1:6b:90:
d4:cc:53:ed:59:c3:02:8b:66:49:2c:09:d4:be:bb:
56:19:db:0a:7a:e5:e9:8f:e5:44:c2:76:1a:c4:e4:
41:1f:78:8c:60:65:12:cb:8d:07:0d:56:81:fd:90:
98:1d:1e:a5:7d:2d:32:65:e0:a8:d7:e7:04:88:fa:
2e:09:dc:c9:4b:8a:31:76:c8:f8:a5:8f:84:81:ed:
d6:eb:e0:95:b3:28:81:0f:05:57:a4:18:36:ba:e1:
3f:dd:78:f3:1c:d3:52:a3:b5:37:e1:e2:bf:cf:3b:
91:4e:f9:be:63:20:76:c5:da:23:cd:59:f3:b6:74:
e5:67:68:c1:41:ad:bf:9f:65:94:47:21:40:f2:7a:
9a:95:55:4a:17:12:d0:ff:91:82:0b:86:d1:58:3c:
ea:9c:c0:91:ed:f1:05:ee:3e:5f:b6:59:45:db:05:
48:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:89:4D:E4:C5:93:BB:6B:F2:93:5E:F9:FC:5E:89:65:B2:34:F7:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:4e:51:40:96:07:30:ea:ca:76:d7:5a:cc:54:1d:0a:7c:4d:
c6:e9:05:9e:c7:0d:2b:59:1a:c3:fd:77:ce:53:58:5d:b8:7e:
44:49:71:ce:1c:27:47:5d:79:61:1b:c1:80:51:c0:57:cd:ef:
c2:55:db:8a:57:7e:de:6e:b4:ee:46:36:6c:18:36:d4:43:50:
6a:42:ed:92:26:34:bb:69:a5:94:52:6a:dc:4e:71:87:e5:ac:
75:9b:91:af:eb:92:98:8d:97:6c:38:1f:b9:ab:6a:55:9c:69:
e4:e4:1f:f9:f2:a4:5c:98:c7:95:56:69:8c:6f:09:b2:61:de:
b5:99:c4:ef:c3:7b:6a:14:ee:9d:81:51:3a:d6:f2:a2:d8:15:
1f:ce:c0:58:fe:ee:ac:24:b1:57:11:a0:7d:2a:d1:94:52:15:
c9:46:6f:5e:96:2e:d4:49:dd:68:dc:36:ad:21:44:15:fd:15:
50:56:d8:b0:60:9c:79:0b:2d:16:11:82:c3:e7:5e:e9:51:a4:
d9:f2:1b:27:87:cc:b5:b1:41:a2:e4:4b:7f:f5:87:c5:29:fd:
7c:02:d0:26:ab:79:b7:5b:66:32:3e:25:2a:3f:0a:71:13:02:
3d:b4:25:3a:ab:e7:5c:a5:94:3e:16:cc:6c:33:3c:65:9a:3b:
bc:0e:3d:9f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ36XejAXrRcjG8hiq1cdPSd2TjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMThaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1NTJlNDljM2NhMjkxYjkxYzNiMmU4NGM1ZjcyOWUyNTAwNDQzMmFmMTMy
MzAxYjk5OWZjMmUzNDgzODQ1ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALj46M0xzGf/FMATMKjidQ1lq0BjKIJ9IQnHPjJQsV7dYhsfSux2yLTd8v5/
Oj8JfRsKVgPLANscz2L9lltXcp+ZF0n0ZGnBLO6q+GLzmUx5ya0PQLrR0WuQ1MxT
7VnDAotmSSwJ1L67VhnbCnrl6Y/lRMJ2GsTkQR94jGBlEsuNBw1Wgf2QmB0epX0t
MmXgqNfnBIj6LgncyUuKMXbI+KWPhIHt1uvglbMogQ8FV6QYNrrhP9148xzTUqO1
N+Hiv887kU75vmMgdsXaI81Z87Z05WdowUGtv59llEchQPJ6mpVVShcS0P+RgguG
0Vg86pzAke3xBe4+X7ZZRdsFSIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRviU3k
xZO7a/KTXvn8XollsjT3vzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJiYWExNDgtM2YxZS00ZTVmLWExOWYtM2JlMTQwYzYwZDM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCeTlFAlgcw6sp211rMVB0KfE3G6QWexw0rWRrD
/XfOU1hduH5ESXHOHCdHXXlhG8GAUcBXze/CVduKV37ebrTuRjZsGDbUQ1BqQu2S
JjS7aaWUUmrcTnGH5ax1m5Gv65KYjZdsOB+5q2pVnGnk5B/58qRcmMeVVmmMbwmy
Yd61mcTvw3tqFO6dgVE61vKi2BUfzsBY/u6sJLFXEaB9KtGUUhXJRm9eli7USd1o
3DatIUQV/RVQVtiwYJx5Cy0WEYLD517pUaTZ8hsnh8y1sUGi5Et/9YfFKf18AtAm
q3m3W2YyPiUqPwpxEwI9tCU6q+dcpZQ+FsxsMzxlmju8Dj2f
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:03 2025 by rpki-client