Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
File: 9ea9340f-dd25-4e30-a952-27ce8d9906df.roa (raw, json)
Hash identifier: /j9+7FTXYy28AHZGdkJtZIYCC+Vumn3nCL+uPLh35ps=
Subject key identifier: DF:CF:61:97:D7:FB:DE:2C:3C:38:AF:06:58:F6:E1:2E:AF:F8:68:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68C9941FFE5D574519E54B5EDF7CA2A035EA4EB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
Signing time: Mon 28 Jul 2025 16:11:17 +0000
ROA not before: Mon 28 Jul 2025 16:11:17 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:c9:94:1f:fe:5d:57:45:19:e5:4b:5e:df:7c:a2:a0:35:ea:4e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:17 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=3e6423a70fc072772ca292a27fd889fc13e5a55170cdcf062ddde139fe33f82f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e7:b8:33:99:38:51:2f:12:22:04:b3:d3:f7:
41:39:1b:06:ef:c3:6d:1e:52:4e:f9:5e:60:31:07:
b1:d2:7c:c4:94:60:00:b5:3e:84:c6:df:7c:21:d5:
e0:8b:af:bf:9e:c2:21:42:14:a7:4d:c4:f7:87:85:
4b:7c:3c:98:f5:9b:7a:39:8a:83:5b:98:a1:5b:4b:
3e:88:2b:61:7e:63:10:04:b1:3e:9a:a8:68:10:3e:
df:b2:a1:b5:f1:64:cc:7e:83:4a:23:a8:de:68:14:
34:3d:f8:66:2c:e9:45:00:b0:6b:39:0c:ac:6f:6e:
09:6c:74:56:c1:ec:97:b0:b7:34:c3:07:b3:1c:41:
0b:49:2a:09:5a:f1:d7:66:e6:d5:8c:5a:da:92:27:
42:95:37:71:7d:74:2b:ef:3d:eb:78:a3:ae:f7:14:
89:36:3a:48:99:5e:33:df:df:6b:15:02:e2:1e:a0:
6c:ca:d1:4a:94:94:b2:97:47:9f:ed:f7:86:6c:87:
71:6f:b3:f7:71:de:62:a5:ad:c4:63:47:72:95:fd:
da:15:ea:94:d6:05:73:d0:d1:bd:4f:a7:7f:37:21:
35:fa:3a:57:b2:5f:6f:95:1b:a0:f2:c0:f7:9b:86:
10:a8:d4:91:18:90:b6:34:e4:12:cf:ad:dd:ea:8f:
bd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CF:61:97:D7:FB:DE:2C:3C:38:AF:06:58:F6:E1:2E:AF:F8:68:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
96:62:09:20:37:65:e8:11:7d:c4:37:b6:78:4c:b0:13:d2:ea:
cb:e2:c1:88:6e:63:be:5c:e8:f8:49:65:d6:85:4c:d8:bc:c1:
65:39:0a:b2:aa:c9:81:0d:81:5a:9c:95:52:d3:fd:62:c7:cf:
4a:37:31:e1:5a:2d:8b:ff:ab:64:fe:f5:3b:fe:ae:49:84:9f:
94:61:c6:b7:f0:01:d1:bf:64:cf:32:53:42:d1:b7:77:e3:58:
f2:c7:2c:83:9d:44:3e:30:66:b6:f6:99:99:9d:32:c3:84:fe:
8b:11:b1:59:a4:d2:b0:d5:64:23:3d:3b:c2:2e:7e:2a:08:b7:
40:fa:3d:e5:d6:f1:2b:64:ef:48:f6:d2:f4:92:73:4c:96:cd:
9f:ee:af:57:86:f9:26:30:91:3b:7f:f2:c2:56:67:63:5d:5a:
07:bc:63:5a:32:ad:b9:20:2b:a8:f6:b4:fb:59:25:6f:89:50:
73:b4:e3:6e:43:c6:cf:84:3c:63:db:47:58:68:3f:87:48:0f:
01:f9:88:55:bb:dc:81:b0:45:d4:dd:7d:ef:96:da:6e:cb:aa:
0d:bf:6e:95:71:c8:98:ad:ee:d0:09:73:fd:1a:e6:ab:b4:61:
7a:b6:03:e9:b0:da:4d:b0:da:97:30:92:e3:86:7f:75:28:98:
98:10:9b:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaMmUH/5dV0UZ5Ute33yioDXqTrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMTdaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlNjQyM2E3MGZjMDcyNzcyY2EyOTJhMjdmZDg4OWZjMTNlNWE1NTE3MGNk
Y2YwNjJkZGRlMTM5ZmUzM2Y4MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnnuDOZOFEvEiIEs9P3QTkbBu/DbR5STvleYDEHsdJ8xJRgALU+hMbffCHV
4Iuvv57CIUIUp03E94eFS3w8mPWbejmKg1uYoVtLPogrYX5jEASxPpqoaBA+37Kh
tfFkzH6DSiOo3mgUND34ZizpRQCwazkMrG9uCWx0VsHsl7C3NMMHsxxBC0kqCVrx
12bm1Yxa2pInQpU3cX10K+8963ijrvcUiTY6SJleM9/faxUC4h6gbMrRSpSUspdH
n+33hmyHcW+z93HeYqWtxGNHcpX92hXqlNYFc9DRvU+nfzchNfo6V7Jfb5UboPLA
95uGEKjUkRiQtjTkEs+t3eqPvZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfz2GX
1/veLDw4rwZY9uEur/ho4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVhOTM0MGYtZGQyNS00ZTMwLWE5NTItMjdjZThkOTkwNmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCWYgkgN2XoEX3EN7Z4TLAT0urL4sGIbmO+XOj4
SWXWhUzYvMFlOQqyqsmBDYFanJVS0/1ix89KNzHhWi2L/6tk/vU7/q5JhJ+UYca3
8AHRv2TPMlNC0bd341jyxyyDnUQ+MGa29pmZnTLDhP6LEbFZpNKw1WQjPTvCLn4q
CLdA+j3l1vErZO9I9tL0knNMls2f7q9XhvkmMJE7f/LCVmdjXVoHvGNaMq25ICuo
9rT7WSVviVBztONuQ8bPhDxj20dYaD+HSA8B+YhVu9yBsEXU3X3vltpuy6oNv26V
cciYre7QCXP9GuartGF6tgPpsNpNsNqXMJLjhn91KJiYEJsW
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:24 2025 by rpki-client