Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
File: a74aaa95-252d-4e97-92fa-1c779bc72adc.roa (raw, json)
Hash identifier: CZkijyEdQzP5XH+GQE4E4m/v7j+WBLz92GledCtoJ1s=
Subject key identifier: B6:62:B8:6C:85:71:34:8B:F0:65:34:55:50:DB:2C:2F:06:38:D2:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4999ABCFAE469CB706DBA37A44EAB26EF568B67A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
Signing time: Mon 21 Jul 2025 16:40:47 +0000
ROA not before: Mon 21 Jul 2025 16:40:47 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:99:ab:cf:ae:46:9c:b7:06:db:a3:7a:44:ea:b2:6e:f5:68:b6:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:47 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=afd17acce953501117d3d431da161be9ea54bb42688bb3eec350860daf7c8789, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8f:fb:69:7a:f2:f1:87:b2:a5:92:16:e6:2e:
6c:f3:89:22:6f:2d:cc:1e:b1:7c:d5:68:4d:32:01:
c3:0c:35:83:1e:9d:81:3c:8b:8c:59:57:07:f8:9d:
8e:28:d9:b4:e6:01:80:4b:5d:d4:6f:21:07:df:b5:
ae:a7:e8:ee:2c:d1:ea:ef:57:c0:bf:8e:ff:9e:6e:
2f:9d:df:29:e6:bf:62:e1:5a:e1:30:4f:6b:4f:25:
7f:27:05:0f:b5:16:b9:d5:43:8d:0f:17:d3:0b:bb:
b8:9d:f2:9f:54:53:c8:b6:0e:51:20:7d:56:0c:9c:
8b:b9:d0:b1:71:0a:1d:77:d0:e8:0d:03:c5:8c:69:
96:db:ef:06:0a:14:8f:84:a3:52:19:5f:07:46:23:
c7:fa:a3:5d:b4:ce:3e:68:8f:02:7e:3d:43:b0:02:
3c:b8:8b:03:2e:35:2a:73:22:1f:af:b7:c9:7c:fa:
6b:3a:db:21:6f:2f:6d:8e:f1:88:06:21:50:91:18:
ca:a5:87:25:16:1b:b7:cc:f1:09:09:db:36:5c:3e:
22:43:3b:70:08:48:b5:e0:4f:83:49:70:b8:ee:51:
36:bd:5c:d3:5e:66:46:56:1a:3d:ba:c0:c5:b1:89:
b3:f2:60:47:42:26:33:5e:99:ea:20:b6:61:79:51:
c2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:62:B8:6C:85:71:34:8B:F0:65:34:55:50:DB:2C:2F:06:38:D2:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8080::/46
Signature Algorithm: sha256WithRSAEncryption
41:89:35:01:4f:16:3b:cd:d2:75:a5:1d:26:64:50:49:4d:dc:
c8:78:ef:27:7e:a6:87:42:dd:4f:78:11:0a:ab:26:a1:54:73:
f3:23:4a:0b:49:42:93:e6:29:18:57:2b:93:e9:21:00:98:05:
3f:27:e6:35:c2:22:0e:c5:af:52:05:4a:57:1e:6a:d1:bd:28:
bb:e5:42:ab:d1:ef:e3:48:03:01:ff:46:bc:01:a0:fe:00:09:
63:c7:1a:8f:aa:37:16:74:4d:d0:4c:12:34:1d:ca:e9:7b:b9:
b6:be:ef:e6:d9:e1:d9:30:46:ef:cc:25:f4:c8:c8:35:73:94:
1d:e8:65:77:15:69:45:39:98:a9:ef:ae:4e:56:87:9c:e9:d1:
e0:b2:ae:67:0a:44:67:60:16:c7:2c:45:ff:f9:27:db:a1:e8:
b4:75:c4:ac:4e:66:20:76:f0:6b:59:b1:a5:87:76:e7:b7:ac:
38:c7:e6:41:a7:e4:fd:0e:87:fa:53:48:2e:4a:d3:8b:7f:d9:
26:b6:14:1f:03:c4:cd:53:cf:f4:1d:a2:d7:30:7f:7e:39:d3:
89:12:19:21:82:ab:0a:19:e1:51:78:f7:a4:e5:92:87:f2:db:
fb:33:a4:f8:2d:05:a5:7b:02:00:ad:06:96:a3:c1:b6:d0:2f:
04:6e:4c:43
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSZmrz65GnLcG26N6ROqybvVotnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwNDdaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZDE3YWNjZTk1MzUwMTExN2QzZDQzMWRhMTYxYmU5ZWE1NGJiNDI2ODhi
YjNlZWMzNTA4NjBkYWY3Yzg3ODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeP+2l68vGHsqWSFuYubPOJIm8tzB6xfNVoTTIBwww1gx6dgTyLjFlXB/id
jijZtOYBgEtd1G8hB9+1rqfo7izR6u9XwL+O/55uL53fKea/YuFa4TBPa08lfycF
D7UWudVDjQ8X0wu7uJ3yn1RTyLYOUSB9Vgyci7nQsXEKHXfQ6A0DxYxpltvvBgoU
j4SjUhlfB0Yjx/qjXbTOPmiPAn49Q7ACPLiLAy41KnMiH6+3yXz6azrbIW8vbY7x
iAYhUJEYyqWHJRYbt8zxCQnbNlw+IkM7cAhIteBPg0lwuO5RNr1c015mRlYaPbrA
xbGJs/JgR0ImM16Z6iC2YXlRwrcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS2Yrhs
hXE0i/BlNFVQ2ywvBjjSSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc0YWFhOTUtMjUyZC00ZTk3LTkyZmEtMWM3NzliYzcyYWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
gDANBgkqhkiG9w0BAQsFAAOCAQEAQYk1AU8WO83SdaUdJmRQSU3cyHjvJ36mh0Ld
T3gRCqsmoVRz8yNKC0lCk+YpGFcrk+khAJgFPyfmNcIiDsWvUgVKVx5q0b0ou+VC
q9Hv40gDAf9GvAGg/gAJY8caj6o3FnRN0EwSNB3K6Xu5tr7v5tnh2TBG78wl9MjI
NXOUHehldxVpRTmYqe+uTlaHnOnR4LKuZwpEZ2AWxyxF//kn26HotHXErE5mIHbw
a1mxpYd257esOMfmQafk/Q6H+lNILkrTi3/ZJrYUHwPEzVPP9B2i1zB/fjnTiRIZ
IYKrChnhUXj3pOWSh/Lb+zOk+C0FpXsCAK0GlqPBttAvBG5MQw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:47 2025 by rpki-client