Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
File: bd75b960-96a2-4735-8f78-a99099ccb684.roa (raw, json)
Hash identifier: krtrzFlqY74oKdiJRqCMd/bdQjE8I8H3xAg48+iWYko=
Subject key identifier: 75:14:38:18:0A:28:E4:6B:C3:00:4A:00:F4:4A:C6:B9:EB:31:3C:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77741E2D6B4FCE0B8C2AFD226B70A27DF91AF134
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
Signing time: Mon 21 Jul 2025 16:51:36 +0000
ROA not before: Mon 21 Jul 2025 16:51:36 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:74:1e:2d:6b:4f:ce:0b:8c:2a:fd:22:6b:70:a2:7d:f9:1a:f1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:51:36 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=8477655f9f0b2fcbf5fd221429e058acc44816ef186e7e31ec3e4eb491db0702, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:94:fb:c7:68:52:0a:3d:a6:0b:3b:6f:34:
8f:8b:9e:da:84:8a:68:5a:2c:b1:dd:a6:2a:36:20:
b5:05:88:12:33:e7:d0:13:16:67:d4:7d:75:89:be:
85:2a:58:7f:87:f7:01:ef:f8:da:30:54:4a:34:2b:
6c:49:7e:32:17:98:31:24:7c:df:fa:0f:c0:ed:bf:
61:4c:59:52:7e:f2:78:89:b2:42:b0:d3:21:43:c5:
49:42:35:c6:b3:8e:fc:63:50:f1:af:62:86:88:ca:
10:db:5f:2c:35:2e:7c:b0:bf:76:fe:bc:0b:fb:f8:
24:c8:31:23:b2:3f:aa:5a:7e:0a:cf:dc:e1:74:2a:
68:b7:c6:67:30:37:45:d5:05:65:ea:70:dd:33:a5:
f9:67:9c:36:16:97:47:1c:d6:03:d8:40:b5:91:cb:
56:6c:ff:ac:e8:bd:34:92:9d:8c:09:35:0e:41:8a:
31:b6:f4:e1:9d:58:37:f1:62:e7:6a:d6:f9:38:c5:
53:cf:3c:55:84:c2:8a:4c:a7:a5:89:ac:5b:a1:af:
82:f3:63:2a:8b:6a:80:94:c4:c4:df:95:f6:12:f2:
48:04:ec:43:18:76:1e:35:dd:34:a2:38:a5:d8:74:
50:8a:0a:75:42:9b:1e:2b:4e:f2:90:95:45:45:b8:
8e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:14:38:18:0A:28:E4:6B:C3:00:4A:00:F4:4A:C6:B9:EB:31:3C:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:1e:b3:c3:f4:e8:bf:26:ba:5b:f3:18:9b:4b:4f:9d:c3:a2:
90:b2:c0:b2:b0:d8:6b:c7:e5:0e:d6:0f:79:43:6c:ab:ad:93:
6f:79:b8:5f:34:0e:25:85:b0:cc:63:20:35:3d:4d:bb:cb:6d:
46:1b:bb:5c:4d:3d:af:d2:e9:a4:14:f2:fe:06:42:a8:05:b9:
5d:1f:dc:8e:8f:6c:5d:e3:43:a4:ac:0d:85:93:3f:e8:a5:73:
32:23:44:10:54:c6:5d:15:02:4a:e9:d1:0e:76:f7:c6:bf:8f:
8c:0d:ef:bc:20:2e:a4:0c:78:66:d5:62:6b:8a:51:d9:30:5c:
4d:a8:e8:68:3b:04:58:c0:f9:22:df:e7:30:87:fa:45:25:47:
a5:ab:d8:42:ca:90:29:98:f0:83:c3:53:20:af:e3:f1:86:56:
5a:a2:84:82:24:9f:91:0b:ad:c7:78:18:b1:7f:19:f1:ad:a5:
92:49:4c:c2:92:95:81:b6:7e:55:7a:5e:48:cf:c2:aa:75:fc:
39:1c:34:93:a5:b4:4a:b5:e4:e6:14:f9:0f:ac:70:78:dc:9e:
3d:cf:18:b6:65:6a:e5:d6:af:bb:6a:8f:c0:8d:1c:d0:99:c1:
c4:2c:e4:39:3e:ce:f0:de:21:c6:d6:95:b5:86:e1:16:42:b8:
e6:bd:7c:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd3QeLWtPzguMKv0ia3Ciffka8TQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUxMzZaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0Nzc2NTVmOWYwYjJmY2JmNWZkMjIxNDI5ZTA1OGFjYzQ0ODE2ZWYxODZl
N2UzMWVjM2U0ZWI0OTFkYjA3MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpKlPvHaFIKPaYLO280j4ue2oSKaFossd2mKjYgtQWIEjPn0BMWZ9R9dYm+
hSpYf4f3Ae/42jBUSjQrbEl+MheYMSR83/oPwO2/YUxZUn7yeImyQrDTIUPFSUI1
xrOO/GNQ8a9ihojKENtfLDUufLC/dv68C/v4JMgxI7I/qlp+Cs/c4XQqaLfGZzA3
RdUFZepw3TOl+WecNhaXRxzWA9hAtZHLVmz/rOi9NJKdjAk1DkGKMbb04Z1YN/Fi
52rW+TjFU888VYTCikynpYmsW6GvgvNjKotqgJTExN+V9hLySATsQxh2HjXdNKI4
pdh0UIoKdUKbHitO8pCVRUW4jokCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1FDgY
Cijka8MASgD0Ssa56zE8QjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmQ3NWI5NjAtOTZhMi00NzM1LThmNzgtYTk5MDk5Y2NiNjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HMQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA/HrPD9Oi/Jrpb8xibS0+dw6KQssCysNhrx+UO
1g95Q2yrrZNvebhfNA4lhbDMYyA1PU27y21GG7tcTT2v0umkFPL+BkKoBbldH9yO
j2xd40OkrA2Fkz/opXMyI0QQVMZdFQJK6dEOdvfGv4+MDe+8IC6kDHhm1WJrilHZ
MFxNqOhoOwRYwPki3+cwh/pFJUelq9hCypApmPCDw1Mgr+PxhlZaooSCJJ+RC63H
eBixfxnxraWSSUzCkpWBtn5Vel5Iz8Kqdfw5HDSTpbRKteTmFPkPrHB43J49zxi2
ZWrl1q+7ao/AjRzQmcHELOQ5Ps7w3iHG1pW1huEWQrjmvXx0
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:21:48 2025 by rpki-client