Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json)
Hash identifier: Tra6GbARR8BAIsac6Cuxi5p6GiK7gAgFG7a3Kq50x5s=
Subject key identifier: E9:F7:3D:C0:39:0B:93:47:3D:C2:CB:40:D6:CA:8E:02:CB:6B:83:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 247115AFBE29135741E6EA39C05B3366C55E9B00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
Signing time: Mon 28 Jul 2025 16:11:13 +0000
ROA not before: Mon 28 Jul 2025 16:11:13 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:71:15:af:be:29:13:57:41:e6:ea:39:c0:5b:33:66:c5:5e:9b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:13 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=d4319e7b713161bea302989205ab60af89b2ee9a73f02d583674d441df07e0af, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9f:00:58:84:5b:ce:86:0f:53:38:17:94:b0:
a8:87:5a:62:0a:2c:c0:9a:66:ea:8c:6d:d0:9a:15:
fd:aa:60:f7:a0:86:ec:d4:94:75:fd:56:89:51:03:
80:9c:46:55:7e:95:24:14:f9:18:f5:2c:ac:4e:98:
2b:10:a8:8c:e3:41:d1:08:0b:a3:b4:0b:53:04:5d:
11:da:6a:b8:2f:65:d7:3c:3f:52:a6:74:41:dc:4b:
aa:17:c3:71:f9:1e:64:9b:6d:a2:82:3b:8a:db:e5:
e8:34:46:08:cb:b8:eb:ef:3a:8e:f4:2f:a6:90:73:
a6:c4:b7:bf:65:50:86:0d:8e:a1:df:04:1b:2f:07:
82:4c:7c:cf:0a:96:b6:c2:6a:b8:0e:fb:32:84:3b:
92:d6:31:15:b2:d6:36:e4:94:98:44:7a:cb:ae:54:
83:8a:80:ec:49:26:37:28:2f:f5:f3:db:22:8e:f3:
3a:5b:2b:1f:a6:f6:96:15:7c:f6:85:4b:93:2f:aa:
a6:25:f3:bd:fb:11:e8:b4:d8:02:6f:e4:d7:7c:a7:
6c:f9:45:ae:7b:bd:b8:ed:dd:2e:98:f7:eb:a8:18:
2e:fa:a5:a3:cd:0a:19:fd:ac:70:63:7e:62:6f:55:
64:82:d5:48:59:6a:d2:e2:db:7b:6d:87:7b:eb:21:
21:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F7:3D:C0:39:0B:93:47:3D:C2:CB:40:D6:CA:8E:02:CB:6B:83:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
30:d1:44:a5:83:fe:64:c3:cd:74:1c:75:6e:d6:ff:16:af:41:
22:c7:8b:61:4f:f6:b9:00:ce:c4:f9:e9:77:38:12:e5:08:d2:
50:c9:10:50:c9:21:d4:aa:13:28:f1:50:c9:be:fc:e5:b6:78:
8a:db:e3:39:70:80:00:e9:4a:ba:2c:78:ea:30:e1:ee:b0:89:
3d:70:97:7d:97:88:bf:a6:01:d7:22:31:56:fe:ff:4b:0d:fe:
75:c7:18:0a:4f:be:27:df:27:11:92:6a:cd:56:f2:5e:46:2a:
ad:a1:23:91:8d:39:c7:ff:3f:ce:be:4a:b3:f6:f8:24:3d:ad:
36:3b:c3:89:3c:f4:50:fc:5e:d7:23:58:23:c4:10:25:a8:ca:
58:52:a5:70:f0:1c:48:77:fa:e4:03:6d:84:98:da:8f:2e:32:
8c:b2:d3:db:63:6f:fc:fe:02:99:bd:7c:4b:fb:26:98:b7:63:
ca:be:0a:94:87:be:f5:76:93:d0:9b:76:b0:00:7d:55:90:f0:
0e:7c:18:09:9a:2c:33:75:18:26:10:81:3c:16:99:49:98:69:
62:a7:5d:50:46:47:47:18:67:35:58:48:10:54:4c:91:4b:57:
b3:c6:cb:bc:bd:53:26:b5:8e:cb:12:cf:8c:07:0b:4c:e3:9e:
cf:64:2c:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJHEVr74pE1dB5uo5wFszZsVemwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMTNaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0MzE5ZTdiNzEzMTYxYmVhMzAyOTg5MjA1YWI2MGFmODliMmVlOWE3M2Yw
MmQ1ODM2NzRkNDQxZGYwN2UwYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALefAFiEW86GD1M4F5SwqIdaYgoswJpm6oxt0JoV/apg96CG7NSUdf1WiVED
gJxGVX6VJBT5GPUsrE6YKxCojONB0QgLo7QLUwRdEdpquC9l1zw/UqZ0QdxLqhfD
cfkeZJttooI7itvl6DRGCMu46+86jvQvppBzpsS3v2VQhg2Ood8EGy8Hgkx8zwqW
tsJquA77MoQ7ktYxFbLWNuSUmER6y65Ug4qA7EkmNygv9fPbIo7zOlsrH6b2lhV8
9oVLky+qpiXzvfsR6LTYAm/k13ynbPlFrnu9uO3dLpj366gYLvqlo80KGf2scGN+
Ym9VZILVSFlq0uLbe22He+shITMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTp9z3A
OQuTRz3Cy0DWyo4Cy2uDcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAw0USlg/5kw810HHVu1v8Wr0Eix4thT/a5AM7E
+el3OBLlCNJQyRBQySHUqhMo8VDJvvzltniK2+M5cIAA6Uq6LHjqMOHusIk9cJd9
l4i/pgHXIjFW/v9LDf51xxgKT74n3ycRkmrNVvJeRiqtoSORjTnH/z/Ovkqz9vgk
Pa02O8OJPPRQ/F7XI1gjxBAlqMpYUqVw8BxId/rkA22EmNqPLjKMstPbY2/8/gKZ
vXxL+yaYt2PKvgqUh771dpPQm3awAH1VkPAOfBgJmiwzdRgmEIE8FplJmGlip11Q
RkdHGGc1WEgQVEyRS1ezxsu8vVMmtY7LEs+MBwtM457PZCzS
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:53 2025 by rpki-client