Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
File: b83c6ff3-492f-409c-86bf-cb90ca64f452.roa (raw, json)
Hash identifier: FG6juwOq5Lex3IwZtb2Rp3ebjl0lLUDkbohR03wjTrE=
Subject key identifier: 1E:D4:88:B2:DE:C9:18:B0:60:85:C2:1A:26:CD:1B:40:9D:E2:A4:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E65B5424FABE1BB1935C98CCFAA72FB07A4D0B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
Signing time: Fri 25 Jul 2025 16:50:40 +0000
ROA not before: Fri 25 Jul 2025 16:50:40 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:65:b5:42:4f:ab:e1:bb:19:35:c9:8c:cf:aa:72:fb:07:a4:d0:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:40 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=c7320c8298b732f8a027e377cc72068d26540709380674a350ba4e2cc2b749ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d8:dd:7a:72:9b:44:4a:8b:88:3a:1c:56:a3:
a4:c8:64:4d:69:aa:a2:8b:ca:39:7a:0b:26:ec:12:
fe:f3:dc:7a:11:8f:74:2e:51:62:e0:16:92:25:da:
24:e8:dc:ae:53:9e:1e:5b:fe:c2:eb:4f:20:1f:a1:
3e:bf:f5:8d:fd:aa:b4:2f:94:2e:d7:5e:64:0f:be:
66:31:ff:24:85:47:3b:9d:b5:11:27:61:ce:e0:4c:
7e:d9:5c:f2:f3:2b:27:5c:3f:14:dd:23:14:5c:4d:
9a:8a:3d:82:19:23:f1:db:90:54:c2:cb:6f:32:3c:
39:ce:fa:8d:0e:a6:55:af:bf:f4:21:4f:6f:a9:d4:
ce:4e:95:d7:e9:90:48:e2:d5:dc:6d:d2:bb:a2:7b:
65:2b:a7:5e:3a:5a:9d:e5:d7:1d:90:07:3f:66:de:
98:62:34:51:03:4c:41:d7:33:a5:a4:64:46:bb:c0:
1b:9c:f9:16:e8:52:a8:33:8d:c2:7b:80:ec:8c:46:
c8:d2:9b:97:3e:75:1f:50:c3:6a:d7:a7:0f:ae:4f:
74:34:86:39:07:7b:c0:c7:41:ce:6e:66:6f:22:14:
55:23:7d:e9:7d:69:c9:b7:6f:06:d9:da:f3:62:a2:
4d:37:5a:3d:7e:ee:f7:ac:49:81:b1:ea:f7:32:80:
a8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D4:88:B2:DE:C9:18:B0:60:85:C2:1A:26:CD:1B:40:9D:E2:A4:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:09:69:af:fd:4a:89:c4:b6:08:47:f7:a7:01:cf:c3:5d:8d:
f4:1a:f4:3c:2c:6a:bf:a6:87:e0:aa:28:57:d9:ae:44:f8:b3:
6b:85:c4:dc:54:27:6d:ad:3c:8a:03:37:15:a5:30:12:65:3e:
ee:5b:91:38:e2:7d:6f:72:ff:f7:46:0c:0c:1d:b1:f5:fd:a1:
0a:c8:8a:f1:42:57:90:1c:b1:1b:fb:49:5d:a0:69:0d:79:fd:
a6:7e:06:4a:73:78:00:20:4d:97:82:62:26:a8:42:cd:6e:99:
b3:2e:1f:72:fe:57:14:2b:f0:a2:1c:9c:69:c0:4c:e3:52:6d:
ba:ad:e1:e5:c1:ec:60:e6:4a:f7:e1:f8:41:55:bc:85:d5:9c:
a7:19:8e:d4:7d:b1:26:51:5b:7f:c5:67:d1:2b:ec:e0:99:dd:
76:5a:b0:b1:44:5c:0e:36:fc:47:6a:48:20:45:4b:a4:9e:ab:
70:28:89:90:34:48:f9:90:38:e7:16:80:59:a2:f1:7d:f0:ea:
06:20:84:fc:19:fd:d0:f0:07:63:b1:10:83:9d:0e:90:03:a5:
0b:ee:c3:57:42:5e:2b:40:90:45:63:0c:fd:b1:bd:dd:82:42:
1c:21:12:34:40:1b:1e:78:f4:9a:7b:72:14:ad:52:28:d2:ad:
4f:17:3b:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfmW1Qk+r4bsZNcmMz6py+wek0LcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwNDBaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MzIwYzgyOThiNzMyZjhhMDI3ZTM3N2NjNzIwNjhkMjY1NDA3MDkzODA2
NzRhMzUwYmE0ZTJjYzJiNzQ5ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHY3Xpym0RKi4g6HFajpMhkTWmqoovKOXoLJuwS/vPcehGPdC5RYuAWkiXa
JOjcrlOeHlv+wutPIB+hPr/1jf2qtC+ULtdeZA++ZjH/JIVHO521ESdhzuBMftlc
8vMrJ1w/FN0jFFxNmoo9ghkj8duQVMLLbzI8Oc76jQ6mVa+/9CFPb6nUzk6V1+mQ
SOLV3G3Su6J7ZSunXjpaneXXHZAHP2bemGI0UQNMQdczpaRkRrvAG5z5FuhSqDON
wnuA7IxGyNKblz51H1DDatenD65PdDSGOQd7wMdBzm5mbyIUVSN96X1pybdvBtna
82KiTTdaPX7u96xJgbHq9zKAqEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQe1Iiy
3skYsGCFwhomzRtAneKkpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgzYzZmZjMtNDkyZi00MDljLTg2YmYtY2I5MGNhNjRmNDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQBLCWmv/UqJxLYIR/enAc/DXY30GvQ8LGq/pofg
qihX2a5E+LNrhcTcVCdtrTyKAzcVpTASZT7uW5E44n1vcv/3RgwMHbH1/aEKyIrx
QleQHLEb+0ldoGkNef2mfgZKc3gAIE2XgmImqELNbpmzLh9y/lcUK/CiHJxpwEzj
Um26reHlwexg5kr34fhBVbyF1ZynGY7UfbEmUVt/xWfRK+zgmd12WrCxRFwONvxH
akggRUuknqtwKImQNEj5kDjnFoBZovF98OoGIIT8Gf3Q8AdjsRCDnQ6QA6UL7sNX
Ql4rQJBFYwz9sb3dgkIcIRI0QBseePSae3IUrVIo0q1PFzug
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:06 2025 by rpki-client