Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
File: 93549c76-d7f3-48f4-9e55-b485fec00b13.roa (raw, json)
Hash identifier: jTgJakOEIcuHWrgWNpxIZSeNBE4yI6Rn2dIUDG//rXs=
Subject key identifier: FF:A1:F8:24:2C:A8:3E:4F:BF:D4:AA:A7:A6:E4:D1:44:ED:1C:23:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1209572330443DB4405F4716183ED2CCD92D3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
Signing time: Wed 30 Jul 2025 20:08:51 +0000
ROA not before: Wed 30 Jul 2025 20:08:51 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:09:57:23:30:44:3d:b4:40:5f:47:16:18:3e:d2:cc:d9:2d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:08:51 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=a9a60ecd13c5b350e57e320fa597eb3a18eb78474d37170c08594eaedbc4e860, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2d:9f:02:c1:0d:6b:7f:a8:0f:70:77:3c:0f:
92:19:30:74:1a:80:0f:ba:6a:bb:bf:42:1c:17:2b:
b9:3b:7f:8c:bf:e4:3e:af:4a:44:6d:b3:e0:47:b0:
af:75:ed:5c:13:0a:ac:de:9c:55:e1:ce:0d:ea:83:
3d:89:ae:36:83:e3:c7:d6:6f:9a:8a:31:ea:08:39:
97:7e:b8:60:2d:7c:ea:ec:5b:ef:45:0c:b9:38:33:
11:d2:92:62:13:3e:c1:43:5d:3c:07:bb:d3:0a:2d:
28:85:b5:1d:41:ac:99:44:e7:3d:8c:b1:26:69:ce:
98:17:8c:57:90:51:d1:cd:40:fd:15:2f:24:ce:4c:
ad:05:97:bd:77:28:c1:c2:69:63:20:04:e2:68:1b:
0e:76:70:80:1a:02:d0:33:41:31:cc:54:8e:49:5b:
2e:5a:19:52:ca:f9:3e:5d:0e:23:31:0c:c9:f5:12:
d0:a7:94:15:00:60:37:2d:d3:5c:d2:9c:83:00:e9:
22:0e:0a:56:cc:e2:e9:4e:27:9e:75:91:57:b2:30:
f1:8d:ac:f8:5e:31:d7:84:37:c3:91:f5:6b:0a:bb:
8c:69:ad:78:39:6e:ca:54:55:3d:63:fe:d8:00:99:
93:3d:e1:1b:2c:0d:c3:a7:c9:0a:83:f3:5b:ef:4c:
0d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A1:F8:24:2C:A8:3E:4F:BF:D4:AA:A7:A6:E4:D1:44:ED:1C:23:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:c1:d5:98:45:73:69:54:35:e1:fc:cf:24:b3:24:9f:3d:07:
59:45:fc:56:fe:61:1f:bf:c9:d7:d9:25:51:73:f2:65:89:9a:
46:41:a8:e6:d2:ca:c0:24:bd:85:49:bd:4a:a6:93:6a:7c:0e:
fa:8a:69:a2:74:fa:cf:a0:ab:ff:f4:97:62:3a:7d:74:30:bf:
6f:ae:cd:92:85:4a:98:4b:8f:e1:57:c1:4a:40:d3:9e:22:ba:
4d:b8:cb:a1:20:c7:be:e6:a8:fd:8c:db:f7:c2:77:cc:19:be:
fc:29:23:30:0e:a6:51:86:ab:83:ed:7e:c1:2f:ca:2a:01:bb:
17:66:2d:94:55:e5:68:8e:e3:a1:7d:e7:85:80:9d:ed:4f:38:
2c:ba:a8:dd:53:3b:67:90:1f:55:08:87:53:05:b1:1c:a1:b4:
51:71:60:7a:2b:d2:52:89:db:6f:74:8f:6b:fc:1c:1e:fb:30:
07:2d:eb:97:49:6c:a9:c8:97:3c:bd:b4:c0:38:6f:69:a9:7c:
a8:08:21:d0:39:fe:20:b2:ac:d7:44:01:c5:86:2f:c0:36:70:
b8:e4:43:f2:05:54:30:e5:95:61:aa:0d:cf:6d:0c:bc:3e:a9:
1c:5b:c3:5d:7f:80:63:e4:da:e6:2a:aa:c1:40:7b:9e:9e:70:
4a:ed:06:cb
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITEglXIzBEPbRAX0cWGD7SzNktPjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDczMDIwMDg1MVoXDTI1MDkwMzIzNTk1OVowejFJMEcGA1UE
BRNAYTlhNjBlY2QxM2M1YjM1MGU1N2UzMjBmYTU5N2ViM2ExOGViNzg0NzRkMzcx
NzBjMDg1OTRlYWVkYmM0ZTg2MDEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvS2fAsENa3+oD3B3PA+SGTB0GoAPumq7v0IcFyu5O3+Mv+Q+r0pEbbPgR7Cv
de1cEwqs3pxV4c4N6oM9ia42g+PH1m+aijHqCDmXfrhgLXzq7FvvRQy5ODMR0pJi
Ez7BQ108B7vTCi0ohbUdQayZROc9jLEmac6YF4xXkFHRzUD9FS8kzkytBZe9dyjB
wmljIATiaBsOdnCAGgLQM0ExzFSOSVsuWhlSyvk+XQ4jMQzJ9RLQp5QVAGA3LdNc
0pyDAOkiDgpWzOLpTieedZFXsjDxjaz4XjHXhDfDkfVrCruMaa14OW7KVFU9Y/7Y
AJmTPeEbLA3Dp8kKg/Nb70wNSwIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFP+h+CQs
qD5Pv9Sqp6bk0UTtHCM1MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC85
MzU0OWM3Ni1kN2YzLTQ4ZjQtOWU1NS1iNDg1ZmVjMDBiMTMucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQe6Aw
DQYJKoZIhvcNAQELBQADggEBAC3B1ZhFc2lUNeH8zySzJJ89B1lF/Fb+YR+/ydfZ
JVFz8mWJmkZBqObSysAkvYVJvUqmk2p8DvqKaaJ0+s+gq//0l2I6fXQwv2+uzZKF
SphLj+FXwUpA054iuk24y6Egx77mqP2M2/fCd8wZvvwpIzAOplGGq4PtfsEvyioB
uxdmLZRV5WiO46F954WAne1POCy6qN1TO2eQH1UIh1MFsRyhtFFxYHor0lKJ2290
j2v8HB77MAct65dJbKnIlzy9tMA4b2mpfKgIIdA5/iCyrNdEAcWGL8A2cLjkQ/IF
VDDllWGqDc9tDLw+qRxbw11/gGPk2uYqqsFAe56ecErtBss=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:40 2025 by rpki-client