Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: Abm7bAnxasbuIPpuScmn+sBj13bw5UOrOkW8NOa7F2I=
Subject key identifier: 4E:2D:72:C2:47:E4:88:BD:9E:03:10:F2:B5:60:31:4C:94:1B:49:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26D2A10F530688A5A5E11B3098C9815733F0F893
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Mon 28 Jul 2025 16:10:07 +0000
ROA not before: Mon 28 Jul 2025 16:10:07 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:d2:a1:0f:53:06:88:a5:a5:e1:1b:30:98:c9:81:57:33:f0:f8:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:07 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=f4cf50f971407122e197785757b5b961eb599bc4866ae2fabc4e891443820231, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:92:51:b2:fd:53:40:83:6c:c7:42:e4:77:43:
91:c4:4f:db:c9:1b:f1:3c:b9:73:46:87:cd:3e:18:
c8:44:0e:34:41:78:21:dc:9d:2b:04:9a:0d:46:9a:
f7:32:56:8e:01:91:9e:ad:75:a4:1c:1c:78:61:b3:
a8:0f:2c:dc:80:35:97:32:45:52:a9:52:f3:6d:b7:
1e:a4:d6:1e:da:57:d4:f5:8b:9d:07:50:ce:9a:74:
72:f5:93:60:e9:6c:91:e2:ab:ff:12:2b:34:4d:cc:
2b:bc:53:ea:10:7c:ed:ec:90:4d:2c:02:b4:97:a5:
7e:11:4b:ae:29:74:17:bb:67:f8:5b:7a:53:6a:ed:
7c:62:42:46:1f:dc:ae:5d:f9:54:32:c0:84:06:cb:
75:73:aa:a8:cb:84:d5:c8:11:ee:12:ec:85:de:af:
10:73:89:f6:00:16:2e:48:11:fd:a7:e2:1f:48:bd:
15:28:a1:86:20:4a:15:2a:7f:ea:ef:7d:24:03:f9:
8d:ae:ef:5e:11:d2:ed:26:ce:c6:8f:9f:7c:44:9c:
11:ba:fd:90:d2:cd:9a:c7:a2:9e:3c:d7:9c:20:d4:
70:b1:c0:dc:d4:53:70:d2:fb:cf:83:a0:55:a5:06:
65:99:34:8e:90:96:a4:b8:7a:cb:cc:92:1a:10:af:
71:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2D:72:C2:47:E4:88:BD:9E:03:10:F2:B5:60:31:4C:94:1B:49:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
45:1a:71:d4:a9:0e:91:ef:ab:be:30:bc:77:e2:b9:b7:c5:cc:
22:39:5b:20:7a:71:50:55:6c:bb:61:ec:f1:df:f8:4f:a8:51:
dd:b5:91:89:c4:86:7f:4d:65:f4:3d:57:d2:f4:78:33:fc:19:
bd:60:2b:00:48:cc:c2:55:a5:da:c6:9c:42:9f:29:f2:fb:46:
35:14:9d:1b:3e:ad:ac:60:70:73:19:49:9f:93:c9:a9:aa:c3:
4c:a0:0d:bd:8e:c1:de:3d:42:a0:6f:8c:76:3f:92:74:ec:7e:
8c:71:a7:fb:7c:4b:ca:87:1c:a0:67:0b:f4:8e:01:f9:41:03:
7c:94:ec:be:f1:d1:bd:f3:62:5b:0f:3f:24:88:45:a3:49:ef:
9e:1e:43:ea:bb:fd:3f:70:af:4e:13:ed:4f:6a:56:17:16:ab:
11:85:3e:12:7f:00:a4:8b:76:d8:c7:04:49:d3:5a:2f:33:2e:
43:99:fd:f3:e2:c2:98:04:5d:68:79:2a:2d:68:6c:a0:0d:f3:
81:4f:42:23:87:39:e7:8f:8e:c2:2c:97:63:84:b0:82:28:cf:
ff:32:d2:ec:1f:8a:c1:ee:fb:63:7b:88:71:3a:6e:d6:f8:2f:
71:cf:b8:1d:f6:a5:a9:fd:ac:14:c6:74:4e:a2:a8:1f:38:11:
b1:ab:e5:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJtKhD1MGiKWl4RswmMmBVzPw+JMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMDdaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0Y2Y1MGY5NzE0MDcxMjJlMTk3Nzg1NzU3YjViOTYxZWI1OTliYzQ4NjZh
ZTJmYWJjNGU4OTE0NDM4MjAyMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIySUbL9U0CDbMdC5HdDkcRP28kb8Ty5c0aHzT4YyEQONEF4IdydKwSaDUaa
9zJWjgGRnq11pBwceGGzqA8s3IA1lzJFUqlS8223HqTWHtpX1PWLnQdQzpp0cvWT
YOlskeKr/xIrNE3MK7xT6hB87eyQTSwCtJelfhFLril0F7tn+Ft6U2rtfGJCRh/c
rl35VDLAhAbLdXOqqMuE1cgR7hLshd6vEHOJ9gAWLkgR/afiH0i9FSihhiBKFSp/
6u99JAP5ja7vXhHS7SbOxo+ffEScEbr9kNLNmseinjzXnCDUcLHA3NRTcNL7z4Og
VaUGZZk0jpCWpLh6y8ySGhCvcZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROLXLC
R+SIvZ4DEPK1YDFMlBtJpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBFGnHUqQ6R76u+MLx34rm3xcwiOVsgenFQVWy7
Yezx3/hPqFHdtZGJxIZ/TWX0PVfS9Hgz/Bm9YCsASMzCVaXaxpxCnyny+0Y1FJ0b
Pq2sYHBzGUmfk8mpqsNMoA29jsHePUKgb4x2P5J07H6Mcaf7fEvKhxygZwv0jgH5
QQN8lOy+8dG982JbDz8kiEWjSe+eHkPqu/0/cK9OE+1PalYXFqsRhT4SfwCki3bY
xwRJ01ovMy5Dmf3z4sKYBF1oeSotaGygDfOBT0Ijhznnj47CLJdjhLCCKM//MtLs
H4rB7vtje4hxOm7W+C9xz7gd9qWp/awUxnROoqgfOBGxq+XN
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:57 2025 by rpki-client