Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: KmSy59SXrSpSEeuqnvuXWWoAqOX50ERmQArc1EAMimo=
Subject key identifier: 26:7D:6F:31:C5:28:98:CD:A1:2F:AD:2A:92:84:52:A2:01:99:96:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EC53C17634057298AEABEB23004F45CB2EF6E8E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Tue 29 Jul 2025 18:30:12 +0000
ROA not before: Tue 29 Jul 2025 18:30:12 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:c5:3c:17:63:40:57:29:8a:ea:be:b2:30:04:f4:5c:b2:ef:6e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:12 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=d06ae813cf529d1499a5af52e2ce104709fef4178adef978f60f99129c6670cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:67:d7:55:77:79:46:37:a5:01:f8:85:36:e8:
63:5f:0c:37:c4:e3:1b:39:43:24:0f:72:53:05:c7:
66:6b:56:cb:1f:c3:b4:d4:d4:da:ae:7b:0b:60:8f:
f4:3b:b7:19:16:e2:f3:05:5f:56:b5:74:26:15:23:
a2:db:d2:1e:b5:5d:52:28:5d:bb:61:76:61:fc:38:
ac:fe:43:bd:79:9e:5c:50:44:b3:7d:b5:87:3b:b3:
9d:0b:f1:5c:c1:bc:09:23:13:f5:fd:51:b2:2f:29:
5f:67:53:2f:b1:4d:08:14:76:21:db:9d:ac:da:cf:
83:94:90:2f:17:9f:eb:55:0e:79:2c:2d:4c:66:20:
c5:27:93:77:c8:3e:8c:62:bd:65:b6:43:d3:eb:fc:
9b:63:78:00:56:c8:5d:c4:ae:87:6e:7a:d9:89:db:
a0:30:4e:8a:56:43:aa:4e:c1:08:04:27:8a:1e:03:
28:0d:b4:5e:9b:78:ac:94:3a:fd:ca:c5:b0:cd:b5:
c5:c7:28:8c:c5:a1:94:8d:54:7e:f2:1b:8f:b8:d8:
1f:01:b0:8d:bc:df:b5:2c:dd:85:b0:66:2a:1e:2c:
39:5e:17:a1:3e:b5:fd:80:fc:b2:dc:6d:34:be:04:
ff:ee:2a:61:c2:ed:38:f8:59:db:0c:cc:bb:1b:0b:
90:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7D:6F:31:C5:28:98:CD:A1:2F:AD:2A:92:84:52:A2:01:99:96:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:9a:93:31:59:9e:b6:37:28:fd:5d:db:1d:db:5c:6c:e6:db:
fa:c8:4d:8f:6d:3d:77:f7:a3:3e:ce:42:60:81:8a:a4:cb:21:
2d:00:30:b6:21:68:a1:3c:0b:83:41:92:e2:11:61:21:e4:7d:
a6:6e:3b:9f:42:7c:73:77:d5:7b:51:62:b1:75:3b:47:e2:b8:
a2:94:e3:5d:b7:79:fc:6d:50:04:10:a9:e3:93:8a:68:f9:e1:
76:08:ae:e3:87:b1:49:77:09:98:c4:d8:54:18:1a:62:9d:ec:
e2:30:37:95:c0:78:4a:9c:52:5c:0c:da:86:7b:7e:ae:ec:da:
18:4a:6c:c1:c3:cf:76:eb:b3:e0:c9:4f:43:6a:26:76:d1:f4:
1b:d0:6e:15:61:d5:e2:a6:4b:f1:c0:2b:b4:98:b3:b6:24:69:
88:24:03:b1:b7:31:38:93:2d:3b:13:14:26:57:fd:96:a3:f8:
03:bd:01:6d:07:cc:1d:8c:7c:66:e7:09:83:12:ae:ce:95:11:
7d:c9:47:e6:c7:a7:a2:fe:95:c3:71:fb:d5:f7:68:bd:9e:61:
bc:39:e8:9f:fd:eb:76:f4:ef:ce:bb:02:57:e5:ff:95:e0:af:
ca:cd:0b:fc:8c:56:55:58:cb:2e:7a:11:ef:5c:65:a2:5a:0e:
1b:82:5d:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTsU8F2NAVymK6r6yMAT0XLLvbo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTJaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNmFlODEzY2Y1MjlkMTQ5OWE1YWY1MmUyY2UxMDQ3MDlmZWY0MTc4YWRl
Zjk3OGY2MGY5OTEyOWM2NjcwY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBn11V3eUY3pQH4hTboY18MN8TjGzlDJA9yUwXHZmtWyx/DtNTU2q57C2CP
9Du3GRbi8wVfVrV0JhUjotvSHrVdUihdu2F2Yfw4rP5DvXmeXFBEs321hzuznQvx
XMG8CSMT9f1Rsi8pX2dTL7FNCBR2IdudrNrPg5SQLxef61UOeSwtTGYgxSeTd8g+
jGK9ZbZD0+v8m2N4AFbIXcSuh2562YnboDBOilZDqk7BCAQnih4DKA20Xpt4rJQ6
/crFsM21xccojMWhlI1UfvIbj7jYHwGwjbzftSzdhbBmKh4sOV4XoT61/YD8stxt
NL4E/+4qYcLtOPhZ2wzMuxsLkJMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmfW8x
xSiYzaEvrSqShFKiAZmWmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQANmpMxWZ62Nyj9Xdsd21xs5tv6yE2PbT1396M+
zkJggYqkyyEtADC2IWihPAuDQZLiEWEh5H2mbjufQnxzd9V7UWKxdTtH4riilONd
t3n8bVAEEKnjk4po+eF2CK7jh7FJdwmYxNhUGBpineziMDeVwHhKnFJcDNqGe36u
7NoYSmzBw89267PgyU9DaiZ20fQb0G4VYdXipkvxwCu0mLO2JGmIJAOxtzE4ky07
ExQmV/2Wo/gDvQFtB8wdjHxm5wmDEq7OlRF9yUfmx6ei/pXDcfvV92i9nmG8Oeif
/et29O/OuwJX5f+V4K/KzQv8jFZVWMsuehHvXGWiWg4bgl06
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:59 2025 by rpki-client