Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
File: a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa (raw, json)
Hash identifier: WW4kySnl7K9GlDHaEX3VEG9i/FIECrrquG1y+5PvjWM=
Subject key identifier: E5:E0:B4:88:86:15:E0:23:71:78:DE:63:22:13:69:09:D3:D7:C4:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77BF5CE682C6EC46B21E74EAFFA9ACF464456212
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
Signing time: Fri 25 Jul 2025 16:50:18 +0000
ROA not before: Fri 25 Jul 2025 16:50:18 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:bf:5c:e6:82:c6:ec:46:b2:1e:74:ea:ff:a9:ac:f4:64:45:62:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:18 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=2d52f8ef7700131779eea4b61d714b86b041ed8361de315986a265c3e667808d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dc:e7:d5:00:b3:72:d2:d6:0a:92:53:72:ed:
e1:2e:01:d1:80:e2:13:ff:5a:be:21:8e:2a:69:2c:
3b:38:63:57:9c:67:59:45:94:85:90:e1:bd:f1:96:
d6:4e:be:33:98:cf:03:48:25:96:44:e6:93:56:98:
a7:31:b9:d8:75:e6:5c:45:58:5b:10:b4:d7:b1:06:
38:b3:de:7e:63:31:53:f6:e5:43:4d:2d:3f:5a:22:
ea:55:6c:54:41:d0:95:31:b9:e3:aa:e3:4c:f6:6a:
e8:ac:12:99:a1:9d:69:f5:39:ab:11:a2:41:cc:d1:
36:09:20:3b:dc:03:df:6d:09:2d:09:75:cd:76:0b:
0a:41:cf:fd:39:22:f5:de:eb:0c:d2:d3:48:83:46:
45:87:88:a1:3e:98:73:ff:bf:8d:5e:dc:ab:14:2f:
ae:d0:9e:d9:bb:33:2a:9d:8c:20:f5:04:10:31:81:
f2:4e:d4:e0:21:68:e9:98:dc:56:97:31:5f:7c:79:
22:03:42:cb:75:8e:3d:ab:78:40:4f:40:df:fe:a2:
f1:a3:c8:9b:06:40:1c:bd:20:ed:ea:e1:00:93:7e:
49:83:e8:02:20:01:d9:b1:84:0c:ba:25:95:9e:d4:
ad:0a:45:aa:2f:fa:17:92:58:01:b9:57:30:c6:67:
14:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:E0:B4:88:86:15:E0:23:71:78:DE:63:22:13:69:09:D3:D7:C4:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
46:c5:c6:f8:34:7e:a2:32:1d:0c:98:a2:5e:bd:4f:07:e0:98:
0f:d5:e8:9e:95:3d:61:fa:b9:4c:65:d0:93:42:0c:a9:5e:8b:
7c:73:83:81:08:56:ed:f3:2f:48:91:28:56:14:e9:09:df:06:
93:72:22:d2:c6:13:f7:1a:d1:dc:46:c2:cb:93:81:a1:ed:c9:
f4:47:69:da:70:f3:47:81:f6:c1:a6:d8:02:01:1c:a5:04:90:
b4:35:8a:67:af:6c:80:f7:ed:61:d0:06:cd:f4:a0:69:8a:97:
53:e2:f2:ad:67:2b:1b:5c:b3:bb:0f:79:43:ce:64:10:b8:14:
89:99:cb:77:99:23:a6:45:17:bc:1b:d2:e8:69:00:5c:5c:1e:
88:56:a3:62:26:bd:6b:61:69:8e:d5:9c:2d:16:92:e9:3d:fe:
fc:30:dc:7a:7b:29:11:90:38:f1:6a:0a:aa:b2:fd:ea:25:91:
83:29:33:ca:26:a5:fe:c6:8e:3e:e2:9a:87:bc:52:ce:5c:40:
58:10:3a:77:6d:b5:60:41:24:0c:fc:79:dd:57:e7:17:16:f7:
64:61:19:9b:a2:14:8e:95:fb:89:10:53:d1:5e:e6:84:03:49:
04:87:5e:6e:1f:3b:c5:99:ca:96:7b:94:d3:46:5d:6e:a1:05:
bc:98:49:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd79c5oLG7EayHnTq/6ms9GRFYhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMThaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNTJmOGVmNzcwMDEzMTc3OWVlYTRiNjFkNzE0Yjg2YjA0MWVkODM2MWRl
MzE1OTg2YTI2NWMzZTY2NzgwOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbc59UAs3LS1gqSU3Lt4S4B0YDiE/9aviGOKmksOzhjV5xnWUWUhZDhvfGW
1k6+M5jPA0gllkTmk1aYpzG52HXmXEVYWxC017EGOLPefmMxU/blQ00tP1oi6lVs
VEHQlTG546rjTPZq6KwSmaGdafU5qxGiQczRNgkgO9wD320JLQl1zXYLCkHP/Tki
9d7rDNLTSINGRYeIoT6Yc/+/jV7cqxQvrtCe2bszKp2MIPUEEDGB8k7U4CFo6Zjc
VpcxX3x5IgNCy3WOPat4QE9A3/6i8aPImwZAHL0g7erhAJN+SYPoAiAB2bGEDLol
lZ7UrQpFqi/6F5JYAblXMMZnFCkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTl4LSI
hhXgI3F43mMiE2kJ09fEVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ5ZTIzZGUtNmZjOS00MTJiLTlkMjMtNGYwODMwZDlmYTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQBGxcb4NH6iMh0MmKJevU8H4JgP1eielT1h+rlM
ZdCTQgypXot8c4OBCFbt8y9IkShWFOkJ3waTciLSxhP3GtHcRsLLk4Gh7cn0R2na
cPNHgfbBptgCARylBJC0NYpnr2yA9+1h0AbN9KBpipdT4vKtZysbXLO7D3lDzmQQ
uBSJmct3mSOmRRe8G9LoaQBcXB6IVqNiJr1rYWmO1ZwtFpLpPf78MNx6eykRkDjx
agqqsv3qJZGDKTPKJqX+xo4+4pqHvFLOXEBYEDp3bbVgQSQM/HndV+cXFvdkYRmb
ohSOlfuJEFPRXuaEA0kEh15uHzvFmcqWe5TTRl1uoQW8mEko
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:33 2025 by rpki-client