Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
File: b7f51085-242e-4975-929d-5a48b9aa7650.roa (raw, json)
Hash identifier: +5J46TiBpqaPx5xZZzA1lNxaWRk3yyuNZrVqFinh1eQ=
Subject key identifier: B3:3E:04:94:0A:D9:98:91:F2:EF:28:3C:4D:AB:8F:FA:0F:71:C4:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AD7DF1F410B985FA658554D37D8DE7EA5CD8D7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
Signing time: Wed 30 Jul 2025 20:07:26 +0000
ROA not before: Wed 30 Jul 2025 20:07:26 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:d7:df:1f:41:0b:98:5f:a6:58:55:4d:37:d8:de:7e:a5:cd:8d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:26 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=61ec1aeccbdaee010da7ccf69b73f2243900fe48cab7a53e126eab418601bbd5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ec:83:95:a2:20:5d:ea:91:d3:4f:98:cd:30:
04:35:a5:9f:65:f1:45:59:23:38:d2:7a:13:97:dc:
0c:76:45:70:bc:0e:8e:af:4b:12:30:3d:26:5e:f5:
9c:97:ae:08:46:68:02:f4:b5:56:b7:a0:28:a9:91:
d0:29:a9:73:29:4f:74:c5:4f:b9:6f:d7:d8:d6:f8:
59:c7:5e:95:84:ae:5c:ae:88:82:8e:fa:8d:e8:4e:
a9:e7:5e:3b:a3:b9:93:ed:b0:dd:14:0c:d5:aa:89:
0c:d1:6b:bc:13:a8:82:48:4b:1d:2b:44:b1:b3:fb:
d4:7d:74:90:85:bb:c9:e0:28:a1:3d:06:5f:8e:56:
b3:bc:0b:c4:8d:71:1a:ba:77:9b:21:b4:01:df:cf:
c8:bb:25:76:f5:8c:5c:0d:eb:a4:a4:99:4d:dc:bd:
f1:43:7b:8e:72:40:3e:4a:bc:a1:db:6d:7e:93:62:
13:8f:d8:00:ee:86:23:df:d5:c2:5e:91:35:cc:a8:
21:70:43:2a:c5:e0:36:f6:f5:6c:22:89:73:40:90:
17:b3:69:d3:76:80:12:21:2e:40:c0:25:72:7c:0e:
d2:7b:4a:ac:c8:51:51:fb:42:f2:37:90:32:c7:2c:
3d:c9:4e:b2:0f:a5:fb:de:9a:29:04:46:ce:c9:b1:
1d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3E:04:94:0A:D9:98:91:F2:EF:28:3C:4D:AB:8F:FA:0F:71:C4:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7f51085-242e-4975-929d-5a48b9aa7650.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:5000::/40
Signature Algorithm: sha256WithRSAEncryption
25:38:60:a1:14:57:ec:d5:08:0a:35:ef:b3:5e:50:96:0c:cb:
54:eb:9c:40:c8:57:2b:99:36:3d:fb:07:2b:95:73:85:bc:4c:
d6:4a:94:68:84:19:32:e1:1a:19:92:e4:c1:07:2c:a5:53:33:
c5:a8:b0:68:a9:cc:6a:06:eb:f6:11:4c:cf:cc:77:18:04:61:
af:f8:9f:9f:a4:34:c6:05:01:e3:9e:9b:b1:95:35:20:08:a0:
cc:1b:51:a2:5d:1c:d2:96:fe:21:26:eb:31:d4:7f:06:78:ca:
e4:e9:75:db:15:83:65:d3:cb:15:c1:2e:16:87:98:a9:36:1f:
78:bd:75:9c:7d:a6:b6:9c:a8:ff:ca:83:d2:f6:8e:b6:a7:df:
1f:fd:b7:c2:37:52:02:65:cf:5d:22:46:11:d6:5d:4b:c3:3d:
33:1d:86:32:ce:d7:cf:64:7c:00:1f:1f:11:ac:95:86:f6:be:
4f:a1:d2:a5:26:25:b4:af:69:fe:cc:ac:91:d9:4e:a5:ad:58:
7f:f9:06:50:f4:bc:cd:66:82:fe:02:19:3a:39:2a:ce:b9:fc:
29:d1:a6:9c:74:69:c6:ac:67:d6:fd:7d:6d:54:f5:fa:5c:d3:
09:9b:ba:41:93:4f:5e:b4:f0:08:41:f5:48:8c:e0:f3:4f:2d:
9a:b8:6d:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUStffH0ELmF+mWFVNN9jefqXNjX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjZaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxZWMxYWVjY2JkYWVlMDEwZGE3Y2NmNjliNzNmMjI0MzkwMGZlNDhjYWI3
YTUzZTEyNmVhYjQxODYwMWJiZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3sg5WiIF3qkdNPmM0wBDWln2XxRVkjONJ6E5fcDHZFcLwOjq9LEjA9Jl71
nJeuCEZoAvS1VregKKmR0CmpcylPdMVPuW/X2Nb4WcdelYSuXK6Igo76jehOqede
O6O5k+2w3RQM1aqJDNFrvBOogkhLHStEsbP71H10kIW7yeAooT0GX45Ws7wLxI1x
Grp3myG0Ad/PyLsldvWMXA3rpKSZTdy98UN7jnJAPkq8odttfpNiE4/YAO6GI9/V
wl6RNcyoIXBDKsXgNvb1bCKJc0CQF7Np03aAEiEuQMAlcnwO0ntKrMhRUftC8jeQ
MscsPclOsg+l+96aKQRGzsmxHf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzPgSU
CtmYkfLvKDxNq4/6D3HEfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdmNTEwODUtMjQyZS00OTc1LTkyOWQtNWE0OGI5YWE3NjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAlOGChFFfs1QgKNe+zXlCWDMtU65xAyFcrmTY9
+wcrlXOFvEzWSpRohBky4RoZkuTBByylUzPFqLBoqcxqBuv2EUzPzHcYBGGv+J+f
pDTGBQHjnpuxlTUgCKDMG1GiXRzSlv4hJusx1H8GeMrk6XXbFYNl08sVwS4Wh5ip
Nh94vXWcfaa2nKj/yoPS9o62p98f/bfCN1ICZc9dIkYR1l1Lwz0zHYYyztfPZHwA
Hx8RrJWG9r5PodKlJiW0r2n+zKyR2U6lrVh/+QZQ9LzNZoL+Ahk6OSrOufwp0aac
dGnGrGfW/X1tVPX6XNMJm7pBk09etPAIQfVIjODzTy2auG0Y
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:21:15 2025 by rpki-client