Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
File: c3736673-707b-4dfc-aca4-88dcbb52a94d.roa (raw, json)
Hash identifier: svp6ZFYGxNab4m9FYiBG0HKbyFQDjmP7d4GuKmphoSI=
Subject key identifier: 65:0B:D8:C9:FB:85:CB:4D:4D:E7:2E:BA:12:9C:84:03:C8:78:00:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 204A79F065F2945B6450FB84193D391BA199B088
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
Signing time: Fri 01 Aug 2025 17:11:03 +0000
ROA not before: Fri 01 Aug 2025 17:11:03 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:4a:79:f0:65:f2:94:5b:64:50:fb:84:19:3d:39:1b:a1:99:b0:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:11:03 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=020f5c496f8554ac38d8f57eb290711d0b4d9dfc370de5c38db8dee30460aea9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4a:5d:27:05:eb:5f:d3:24:39:77:09:07:18:
29:62:bf:7d:14:0e:23:03:0e:b0:44:7b:51:18:12:
c8:4c:e6:cb:f8:04:82:17:76:a8:d6:38:86:fa:81:
0b:38:13:4f:c7:16:b9:9d:81:73:56:cf:6a:2e:d9:
7b:67:92:30:41:eb:20:2b:cb:3c:83:32:4f:36:99:
66:ca:95:2a:de:fb:94:3f:33:c8:08:48:cd:60:c9:
85:97:cb:7e:24:69:52:82:53:83:7e:d6:80:94:1c:
89:e2:02:50:2d:29:f4:cb:72:6a:3d:0f:32:23:e3:
0d:4f:98:4c:c2:68:43:72:05:3e:91:eb:31:27:61:
73:c6:4c:d1:3e:31:89:e6:f5:e0:e6:f0:2a:7b:17:
ba:b9:1c:a2:34:03:1a:3d:d2:aa:67:cc:c8:24:ef:
12:66:44:62:4e:26:40:64:39:09:ef:7d:aa:75:8b:
58:60:53:c1:bd:ba:3d:b3:77:74:2a:6c:3b:69:79:
52:2d:c4:7c:70:b6:62:3e:1a:43:70:3e:4e:93:fb:
73:74:cd:f0:12:67:50:a0:58:76:02:2f:48:6a:dc:
fa:3d:d0:16:c2:85:28:f6:7b:cb:ab:76:8b:d3:20:
1e:09:a1:3e:e0:f8:84:e6:60:9a:34:51:78:5d:89:
e9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0B:D8:C9:FB:85:CB:4D:4D:E7:2E:BA:12:9C:84:03:C8:78:00:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:800::/40
Signature Algorithm: sha256WithRSAEncryption
8f:95:cc:71:32:4e:7d:3f:1d:1f:49:1d:68:7a:6b:fc:62:54:
63:0c:f9:64:37:d1:e6:ff:03:5a:8f:92:71:89:52:73:a4:66:
45:5a:07:a2:d3:a2:ab:64:81:3a:2c:d2:b0:d3:00:99:75:a4:
ba:7f:6c:3a:f1:33:45:25:87:86:88:24:50:9e:27:06:26:5b:
0a:af:5d:d3:6b:09:f1:c6:df:e1:ea:6a:e2:74:9e:c9:a7:d0:
87:89:af:50:d8:ab:ac:22:82:69:e5:c4:e2:9c:5a:6f:38:9a:
85:e6:8f:79:34:2d:36:c6:3d:d1:3a:aa:61:31:bf:8e:7a:b9:
74:56:eb:72:a5:06:22:48:30:cb:21:9e:09:65:3d:99:84:f4:
54:5e:b3:b1:42:89:4c:73:29:9d:cc:e8:70:68:71:43:99:2c:
e9:37:30:10:57:67:7f:4b:86:19:95:15:07:f1:10:38:61:6e:
db:12:da:92:a1:da:56:69:71:08:54:5f:d0:3f:73:90:93:c0:
a9:46:5d:ae:21:5f:71:4c:dd:89:ca:8f:f9:53:c1:1b:a0:8f:
1a:cd:7b:56:36:eb:68:0f:8b:90:77:68:06:1e:8c:31:55:2e:
9b:c9:19:33:6a:c0:18:7d:fc:a7:25:10:eb:1a:8e:e5:c5:75:
69:56:26:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIEp58GXylFtkUPuEGT05G6GZsIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzExMDNaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMGY1YzQ5NmY4NTU0YWMzOGQ4ZjU3ZWIyOTA3MTFkMGI0ZDlkZmMzNzBk
ZTVjMzhkYjhkZWUzMDQ2MGFlYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5KXScF61/TJDl3CQcYKWK/fRQOIwMOsER7URgSyEzmy/gEghd2qNY4hvqB
CzgTT8cWuZ2Bc1bPai7Ze2eSMEHrICvLPIMyTzaZZsqVKt77lD8zyAhIzWDJhZfL
fiRpUoJTg37WgJQcieICUC0p9Mtyaj0PMiPjDU+YTMJoQ3IFPpHrMSdhc8ZM0T4x
ieb14ObwKnsXurkcojQDGj3SqmfMyCTvEmZEYk4mQGQ5Ce99qnWLWGBTwb26PbN3
dCpsO2l5Ui3EfHC2Yj4aQ3A+TpP7c3TN8BJnUKBYdgIvSGrc+j3QFsKFKPZ7y6t2
i9MgHgmhPuD4hOZgmjRReF2J6a8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlC9jJ
+4XLTU3nLroSnIQDyHgAaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM3MzY2NzMtNzA3Yi00ZGZjLWFjYTQtODhkY2JiNTJhOTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HgI
MA0GCSqGSIb3DQEBCwUAA4IBAQCPlcxxMk59Px0fSR1oemv8YlRjDPlkN9Hm/wNa
j5JxiVJzpGZFWgei06KrZIE6LNKw0wCZdaS6f2w68TNFJYeGiCRQnicGJlsKr13T
awnxxt/h6mridJ7Jp9CHia9Q2KusIoJp5cTinFpvOJqF5o95NC02xj3ROqphMb+O
erl0VutypQYiSDDLIZ4JZT2ZhPRUXrOxQolMcymdzOhwaHFDmSzpNzAQV2d/S4YZ
lRUH8RA4YW7bEtqSodpWaXEIVF/QP3OQk8CpRl2uIV9xTN2Jyo/5U8EboI8azXtW
NutoD4uQd2gGHowxVS6byRkzasAYffynJRDrGo7lxXVpViYd
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:38 2025 by rpki-client