Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
File: 9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa (raw, json)
Hash identifier: fWwpod1Z7Qc9s8ZStRBtU3/OGW4j8Wul/F0ux2/0JxQ=
Subject key identifier: D0:44:84:24:E6:E0:01:94:6C:63:4C:CF:CF:1E:2B:60:F5:C5:A1:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45492742E49F2366C8795076307BAF2CE9C90862
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
Signing time: Mon 21 Jul 2025 16:40:16 +0000
ROA not before: Mon 21 Jul 2025 16:40:16 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:49:27:42:e4:9f:23:66:c8:79:50:76:30:7b:af:2c:e9:c9:08:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:16 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=f711db8983a20b760c68ca2d419fc8a1993e8e73fb19459ac6b62ed60cb02b10, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:af:bd:2d:82:0b:5e:1d:4d:84:b6:25:27:b4:
82:37:55:7e:dd:b8:46:8a:f3:39:fb:fe:7e:72:f3:
3a:cd:14:2e:db:e9:41:b7:6f:54:b8:e6:63:11:fa:
f5:ed:94:cd:68:1a:4f:9f:a3:c5:8e:d3:1b:aa:92:
cf:27:77:93:21:f8:c6:7f:59:ca:30:fb:9d:95:7f:
98:45:97:56:ea:01:10:2b:4c:19:fe:7e:4f:c7:3d:
bf:3f:4a:04:32:ec:a9:56:cf:c7:07:fb:19:fc:4c:
76:8b:95:3d:79:8d:b7:ba:be:98:16:c2:53:f6:a1:
3c:4e:09:47:58:b5:1d:4f:2d:b4:f4:c1:82:fb:2d:
1c:58:68:3c:13:98:dc:c3:cb:7f:b7:51:b4:22:48:
4b:84:4a:5e:22:c6:89:e8:7e:99:b9:02:0b:8a:53:
7d:9b:d4:85:72:20:55:4a:53:4d:12:88:77:3f:dc:
b1:81:22:d6:a3:b0:77:db:bf:2f:8e:2a:3c:f6:71:
3f:fe:38:14:d6:a0:a8:e9:76:5d:db:a7:25:25:44:
45:c2:6f:d6:56:1f:ff:68:79:31:6f:fc:a4:58:d0:
27:96:6d:34:98:36:00:b3:a8:08:d0:6d:6d:70:e8:
47:29:9b:2a:f4:1e:b2:80:57:f9:e7:38:94:80:74:
32:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:44:84:24:E6:E0:01:94:6C:63:4C:CF:CF:1E:2B:60:F5:C5:A1:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
7a:b0:a7:a9:c5:8b:0f:36:c2:9a:08:db:fa:f7:b8:04:8b:2e:
51:02:8e:fc:2e:8b:7a:fd:c8:93:80:25:5c:2a:0d:98:61:a7:
5b:1b:6e:73:88:3e:fe:dc:09:bb:b9:ae:4c:e3:7d:31:f8:35:
49:2f:95:c4:61:23:b4:92:0b:76:7c:b6:8f:84:7b:e8:86:0a:
ec:40:c6:f7:f5:48:d6:23:e4:f0:3a:6f:90:17:a8:ef:a2:45:
17:a2:6e:b0:79:e6:c3:16:b6:82:3e:c1:b0:05:95:54:9f:ca:
e9:ea:8c:64:48:73:56:1a:31:50:96:e0:b5:ea:66:4a:e1:df:
d5:8c:3b:fc:54:73:82:b4:fb:3e:f4:9f:0c:a8:34:d0:e9:bb:
bf:26:9b:b6:99:9f:5e:94:d4:8b:a8:9c:d8:6e:82:a4:cf:5a:
f9:03:3d:5a:f6:d9:6b:79:5b:63:7d:87:de:06:72:e3:e4:73:
82:55:4a:d5:b8:79:b8:9b:38:8a:41:52:7a:44:c4:46:c6:bc:
d0:cc:9a:59:58:fe:41:5c:da:1e:39:65:8e:70:0f:a2:52:a2:
de:5c:c0:c1:3f:2d:ef:8b:b1:d5:24:2c:75:c5:0c:a6:99:a8:
f7:79:7d:ab:40:a0:86:77:8f:37:4e:a9:fb:87:74:c9:fb:9d:
47:d9:91:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURUknQuSfI2bIeVB2MHuvLOnJCGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMTZaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3MTFkYjg5ODNhMjBiNzYwYzY4Y2EyZDQxOWZjOGExOTkzZThlNzNmYjE5
NDU5YWM2YjYyZWQ2MGNiMDJiMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWvvS2CC14dTYS2JSe0gjdVft24RorzOfv+fnLzOs0ULtvpQbdvVLjmYxH6
9e2UzWgaT5+jxY7TG6qSzyd3kyH4xn9ZyjD7nZV/mEWXVuoBECtMGf5+T8c9vz9K
BDLsqVbPxwf7GfxMdouVPXmNt7q+mBbCU/ahPE4JR1i1HU8ttPTBgvstHFhoPBOY
3MPLf7dRtCJIS4RKXiLGieh+mbkCC4pTfZvUhXIgVUpTTRKIdz/csYEi1qOwd9u/
L44qPPZxP/44FNagqOl2XdunJSVERcJv1lYf/2h5MW/8pFjQJ5ZtNJg2ALOoCNBt
bXDoRymbKvQesoBX+ec4lIB0MnsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTQRIQk
5uABlGxjTM/PHitg9cWhojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE1ZmVjMmQtMmM0MC00MDY4LTliY2YtYzQ3ZDc2MDFkMDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAerCnqcWLDzbCmgjb+ve4BIsuUQKO/C6Lev3I
k4AlXCoNmGGnWxtuc4g+/twJu7muTON9Mfg1SS+VxGEjtJILdny2j4R76IYK7EDG
9/VI1iPk8DpvkBeo76JFF6JusHnmwxa2gj7BsAWVVJ/K6eqMZEhzVhoxUJbgtepm
SuHf1Yw7/FRzgrT7PvSfDKg00Om7vyabtpmfXpTUi6ic2G6CpM9a+QM9WvbZa3lb
Y32H3gZy4+RzglVK1bh5uJs4ikFSekTERsa80MyaWVj+QVzaHjlljnAPolKi3lzA
wT8t74ux1SQsdcUMppmo93l9q0CghnePN06p+4d0yfudR9mRKA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:32 2025 by rpki-client