Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
File: 97700b94-3ec6-472c-97f5-b54fb1f56f76.roa (raw, json)
Hash identifier: nsNMIy0ktuONfwCHSR/BeaKR+lo/xnDWKnq4gkVQWOE=
Subject key identifier: 34:1D:0A:E1:54:4B:53:E4:0A:83:21:18:50:DD:A1:B7:14:D6:80:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F1C8083658BE5906C3EFAA9670CFB4C9165E822
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
Signing time: Mon 21 Jul 2025 16:50:17 +0000
ROA not before: Mon 21 Jul 2025 16:50:17 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:1c:80:83:65:8b:e5:90:6c:3e:fa:a9:67:0c:fb:4c:91:65:e8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:17 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=e643cf00e2d7eec3fedcc44be2df0b084217c12b0134d04448cf434254def575, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:c9:a7:25:0a:c1:9a:d6:16:69:82:5d:5c:
90:a8:e9:fa:7b:6a:99:4f:f5:ef:66:7f:b4:98:c9:
04:bc:13:df:97:34:90:61:1c:90:7a:9a:64:c4:d6:
f9:58:17:8b:e5:d6:0f:11:5e:a9:dd:b0:d0:2a:6b:
d7:ef:9a:9b:5b:85:ec:35:d8:da:ab:e1:16:17:32:
57:a2:a6:d0:34:13:a1:5d:44:e0:2e:7f:d9:35:d8:
ed:f1:b1:0a:a6:c6:ee:40:eb:4f:11:84:8b:1f:54:
5e:50:33:ea:5f:ed:a1:4a:27:f7:0f:7d:fc:0c:e9:
57:ab:8a:ad:38:97:46:91:c2:59:d5:04:31:15:f2:
aa:4f:ea:8a:e4:9c:3e:2d:1a:12:15:11:76:a3:e3:
30:0c:c3:ca:ad:5b:34:40:08:85:f5:ff:2e:b8:22:
d0:ee:94:70:6c:71:e6:10:78:06:ae:7b:6c:0c:19:
8a:66:09:f0:f9:95:a2:fd:88:33:64:78:9a:61:82:
f1:bf:95:d5:c7:6b:62:11:9f:aa:49:b8:ce:38:7f:
d5:5c:61:1d:1c:95:7d:3c:aa:37:8b:d1:da:4f:9a:
6f:82:1d:f7:2a:f6:15:58:e0:57:10:a8:ac:81:b8:
78:fd:1f:ff:67:72:48:26:9b:30:52:a3:1c:5f:7a:
23:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1D:0A:E1:54:4B:53:E4:0A:83:21:18:50:DD:A1:B7:14:D6:80:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2040::/46
Signature Algorithm: sha256WithRSAEncryption
c1:9f:6d:17:a0:69:74:be:17:67:06:d3:0a:eb:be:88:ea:d7:
21:9d:9a:85:88:2a:37:bb:fd:98:06:d4:5d:c1:ea:0c:6a:5f:
6c:ed:cc:35:3a:d1:5b:4e:e0:48:04:bf:6c:f4:03:17:8b:54:
60:b4:c5:94:0e:ab:49:f0:0f:52:d6:99:a1:28:62:2f:d4:4a:
67:ce:70:67:a6:f8:66:43:3f:ff:41:35:bf:cb:f7:98:4f:2d:
f5:83:95:83:7d:3e:6f:f9:67:66:d3:7d:95:33:39:9f:c5:bb:
4b:60:69:54:f4:10:81:b8:5f:bd:d2:b8:4d:4c:9c:4a:f6:82:
00:35:bd:8f:6a:d2:62:c4:a3:4b:49:28:76:ee:1e:4d:07:89:
e2:08:1b:6e:7d:c6:24:19:65:21:df:8a:07:d6:8e:47:7f:7b:
f2:a2:51:7f:d5:fa:4d:6d:bb:57:ee:3d:6f:bb:f4:bb:72:dc:
4e:2b:c5:46:e8:4d:1c:08:6d:53:1f:3e:4d:87:c1:c0:f1:f2:
7e:60:8e:fd:f8:b0:55:39:f0:7d:e6:b4:4e:96:61:06:58:42:
7e:b7:c3:be:7c:15:08:95:da:af:6c:75:71:70:52:69:a8:ee:
0d:2c:2f:1b:04:51:ec:58:52:71:99:d7:38:9d:bb:d6:ac:ac:
20:3d:15:aa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTxyAg2WL5ZBsPvqpZwz7TJFl6CIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwMTdaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2NDNjZjAwZTJkN2VlYzNmZWRjYzQ0YmUyZGYwYjA4NDIxN2MxMmIwMTM0
ZDA0NDQ4Y2Y0MzQyNTRkZWY1NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKXyaclCsGa1hZpgl1ckKjp+ntqmU/172Z/tJjJBLwT35c0kGEckHqaZMTW
+VgXi+XWDxFeqd2w0Cpr1++am1uF7DXY2qvhFhcyV6Km0DQToV1E4C5/2TXY7fGx
CqbG7kDrTxGEix9UXlAz6l/toUon9w99/AzpV6uKrTiXRpHCWdUEMRXyqk/qiuSc
Pi0aEhURdqPjMAzDyq1bNEAIhfX/Lrgi0O6UcGxx5hB4Bq57bAwZimYJ8PmVov2I
M2R4mmGC8b+V1cdrYhGfqkm4zjh/1VxhHRyVfTyqN4vR2k+ab4Id9yr2FVjgVxCo
rIG4eP0f/2dySCabMFKjHF96I/MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ0HQrh
VEtT5AqDIRhQ3aG3FNaAeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc3MDBiOTQtM2VjNi00NzJjLTk3ZjUtYjU0ZmIxZjU2Zjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
QDANBgkqhkiG9w0BAQsFAAOCAQEAwZ9tF6BpdL4XZwbTCuu+iOrXIZ2ahYgqN7v9
mAbUXcHqDGpfbO3MNTrRW07gSAS/bPQDF4tUYLTFlA6rSfAPUtaZoShiL9RKZ85w
Z6b4ZkM//0E1v8v3mE8t9YOVg30+b/lnZtN9lTM5n8W7S2BpVPQQgbhfvdK4TUyc
SvaCADW9j2rSYsSjS0kodu4eTQeJ4ggbbn3GJBllId+KB9aOR3978qJRf9X6TW27
V+49b7v0u3LcTivFRuhNHAhtUx8+TYfBwPHyfmCO/fiwVTnwfea0TpZhBlhCfrfD
vnwVCJXar2x1cXBSaajuDSwvGwRR7FhScZnXOJ271qysID0Vqg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:56 2025 by rpki-client