Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa
File: a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa (raw, json)
Hash identifier: TddK1abtM22IFqqRYHaBcE8rQFi222E25OrsXtT5LMc=
Subject key identifier: EF:59:56:1B:B8:9F:77:C1:60:C7:BF:EB:A3:68:3B:6B:00:7F:9D:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67FDA0586CD57E7C582FE2FA3193E577AFC56D4D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa
Signing time: Wed 30 Jul 2025 20:07:22 +0000
ROA not before: Wed 30 Jul 2025 20:07:22 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:fd:a0:58:6c:d5:7e:7c:58:2f:e2:fa:31:93:e5:77:af:c5:6d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:22 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=4ae86c290aaaf9ffbaf2a9095ad7a313805c7a0ba440b95c00e3d34703074573, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c0:41:2d:12:7d:ec:e6:98:0e:ae:64:4d:d8:
11:97:11:cb:db:81:8d:c1:3d:e3:3f:a6:60:5e:ae:
d8:40:7d:ef:64:a7:55:7d:b1:95:a5:84:13:08:25:
69:23:23:ed:fa:8e:a4:3b:e2:59:81:bb:73:c8:13:
21:3b:d8:52:2e:4a:ee:cb:72:27:66:db:d8:f2:70:
6e:03:5e:f6:95:fb:f9:ac:95:6e:c5:1a:30:a6:93:
fb:3b:f0:e4:81:ff:f4:ea:35:4d:d4:dc:28:94:9a:
fb:b9:87:0f:c8:5d:5a:98:48:e9:05:ac:bc:dc:2d:
b2:60:c2:a5:ae:24:a5:c7:bc:98:30:2c:bb:e9:d3:
c1:9e:3f:10:b6:59:e7:cd:71:d8:67:4e:2b:eb:25:
70:83:9e:ec:04:4f:a6:e7:54:38:2c:62:03:6d:3a:
c1:03:42:c2:a8:6a:78:86:28:7a:68:ab:22:e2:46:
19:a8:e6:6e:34:3c:31:46:20:91:be:f8:ac:3d:c1:
fa:e2:93:28:df:6d:e1:7b:08:82:c3:f2:81:07:17:
71:11:00:32:80:94:a7:0e:37:6c:bb:3f:37:53:6c:
1c:19:97:0a:3b:e4:15:5f:84:b6:06:05:2d:ba:49:
26:67:56:a1:f1:2c:1c:bb:75:21:cf:e2:4d:ea:53:
f6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:59:56:1B:B8:9F:77:C1:60:C7:BF:EB:A3:68:3B:6B:00:7F:9D:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5f344a4-fbcf-4285-a32d-8dce04a2290e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e000::/40
Signature Algorithm: sha256WithRSAEncryption
23:b5:5b:52:58:1a:c1:de:c1:27:30:70:8c:6e:40:72:97:4a:
75:5e:e3:40:75:1f:c5:cf:06:f4:76:58:1e:6b:c7:7f:3a:27:
48:aa:e5:30:bd:f5:9e:92:be:46:1c:99:1d:e4:73:14:24:d5:
9f:93:f2:2e:7a:2f:19:ac:af:fe:ad:8b:6e:a9:e9:49:08:ce:
41:3b:a9:ee:3e:b1:99:16:25:9b:ac:0c:ef:eb:3f:48:50:63:
40:df:ac:ea:69:f8:9d:82:f4:b9:96:f8:b8:0a:1a:92:74:5d:
0b:87:06:92:88:c1:1c:99:50:89:bb:54:ec:05:9e:d6:0a:e1:
31:44:a4:ce:42:da:2d:56:31:2e:fc:a0:f6:0f:84:6a:07:55:
57:b5:d4:3e:65:53:8a:9a:9a:ec:e0:36:c5:0a:26:a8:fe:69:
c4:df:af:ae:4d:40:3a:68:9f:18:da:8c:08:aa:97:47:2f:54:
01:0b:86:ac:f3:9d:c7:8e:1a:c8:fd:3c:31:aa:59:1d:fe:4b:
84:f9:42:80:31:13:45:5a:5c:59:07:74:f2:03:ab:6a:e9:ce:
08:14:94:27:b1:e9:2f:16:0b:3a:f1:98:78:af:c4:ad:83:f0:
18:e3:40:0c:92:7c:61:e2:0b:d0:43:5c:8d:25:00:3b:f7:74:
58:c2:37:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ/2gWGzVfnxYL+L6MZPld6/FbU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjJaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZTg2YzI5MGFhYWY5ZmZiYWYyYTkwOTVhZDdhMzEzODA1YzdhMGJhNDQw
Yjk1YzAwZTNkMzQ3MDMwNzQ1NzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLAQS0SfezmmA6uZE3YEZcRy9uBjcE94z+mYF6u2EB972SnVX2xlaWEEwgl
aSMj7fqOpDviWYG7c8gTITvYUi5K7styJ2bb2PJwbgNe9pX7+ayVbsUaMKaT+zvw
5IH/9Oo1TdTcKJSa+7mHD8hdWphI6QWsvNwtsmDCpa4kpce8mDAsu+nTwZ4/ELZZ
581x2GdOK+slcIOe7ARPpudUOCxiA206wQNCwqhqeIYoemirIuJGGajmbjQ8MUYg
kb74rD3B+uKTKN9t4XsIgsPygQcXcREAMoCUpw43bLs/N1NsHBmXCjvkFV+EtgYF
LbpJJmdWofEsHLt1Ic/iTepT9rECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvWVYb
uJ93wWDHv+ujaDtrAH+dAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTVmMzQ0YTQtZmJjZi00Mjg1LWEzMmQtOGRjZTA0YTIyOTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXg
MA0GCSqGSIb3DQEBCwUAA4IBAQAjtVtSWBrB3sEnMHCMbkByl0p1XuNAdR/Fzwb0
dlgea8d/OidIquUwvfWekr5GHJkd5HMUJNWfk/Iuei8ZrK/+rYtuqelJCM5BO6nu
PrGZFiWbrAzv6z9IUGNA36zqafidgvS5lvi4ChqSdF0LhwaSiMEcmVCJu1TsBZ7W
CuExRKTOQtotVjEu/KD2D4RqB1VXtdQ+ZVOKmprs4DbFCiao/mnE36+uTUA6aJ8Y
2owIqpdHL1QBC4as853HjhrI/Twxqlkd/kuE+UKAMRNFWlxZB3TyA6tq6c4IFJQn
sekvFgs68Zh4r8Stg/AY40AMknxh4gvQQ1yNJQA793RYwjeZ
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:52 2025 by rpki-client