Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
File: c42c966b-1b62-4165-bbfb-62aaaca567ad.roa (raw, json)
Hash identifier: lNttoMjtoZvD2cyDiFZKbohvx5SnUq+GEpdYtj1RUmc=
Subject key identifier: 70:93:89:BB:5F:34:47:F2:9A:45:C1:03:34:F2:5D:53:E3:EC:D7:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 401064E6D0CB711B111041BADE1884BD81F78009
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
Signing time: Wed 30 Jul 2025 20:07:09 +0000
ROA not before: Wed 30 Jul 2025 20:07:09 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:10:64:e6:d0:cb:71:1b:11:10:41:ba:de:18:84:bd:81:f7:80:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:09 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=e413ee1f859a0009527e625c3ae5925e29f4042d9f512504dacdcb352ad79c0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:af:67:25:fc:68:a8:b9:50:66:e9:d2:55:b8:
99:37:a5:d1:34:46:83:d6:19:be:58:22:df:ec:34:
9a:b2:6c:69:f2:aa:37:4b:05:e8:06:ee:ef:09:27:
a1:41:55:30:99:56:3c:1c:4d:c9:0c:40:77:41:89:
0b:1a:fa:70:f0:a2:2f:7b:3e:e7:96:d2:23:42:81:
c4:09:25:b2:79:89:ff:ab:45:37:fe:f1:75:65:35:
df:d8:c8:88:14:ec:f5:d6:74:68:7f:3b:60:29:ad:
4d:cd:68:c2:0f:b3:fe:3f:76:af:2d:56:a8:e7:da:
df:04:48:62:28:8e:e3:d8:ab:e7:5e:fa:7c:1a:06:
71:42:d1:ae:f1:6c:a0:91:b5:71:3f:e3:08:db:7d:
24:92:01:89:31:4a:5b:35:82:a4:d6:87:da:d7:2b:
cc:db:00:90:95:f5:22:54:b1:87:eb:fa:2a:3f:fb:
54:98:01:24:e0:43:8b:41:6a:cf:83:c4:6d:79:fc:
29:da:ba:62:d5:46:25:d5:2c:16:7b:12:26:77:64:
09:96:ff:cb:64:1d:f6:f2:fd:97:99:61:a5:b4:58:
64:05:df:8d:7f:65:86:8f:04:6a:89:3d:59:2b:44:
85:64:f8:22:e9:f5:2c:41:31:44:44:26:d5:81:8f:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:93:89:BB:5F:34:47:F2:9A:45:C1:03:34:F2:5D:53:E3:EC:D7:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
68:f5:f1:e1:e2:86:02:1f:15:10:f8:67:ad:8d:ba:ed:72:df:
b8:9e:c7:16:f6:ac:f5:1f:26:b6:ee:c7:f2:32:5c:25:6a:25:
43:82:e1:3a:56:59:76:22:67:97:2d:de:c3:d3:ce:b7:e5:dd:
7e:3b:0f:27:90:ee:ff:cc:31:cc:a1:0a:1c:d5:4f:82:ec:f8:
0f:6f:0d:65:c3:0e:49:43:b6:53:80:5e:87:85:d4:f0:a1:dd:
9c:fa:77:b4:8d:72:64:2f:1c:e2:69:54:04:23:da:53:8e:94:
c8:f4:da:42:47:13:13:e2:cb:4a:bc:d4:63:70:88:87:12:d3:
52:cd:43:42:e4:05:53:73:97:d5:0f:23:7a:5d:3b:e3:28:23:
be:f6:e7:c7:7b:3b:11:19:ce:23:05:65:6b:d3:62:a5:06:04:
d1:7f:9a:37:e3:cc:cc:98:6e:33:74:81:09:83:a6:99:4d:1e:
ae:26:fb:4a:3a:bf:0b:23:55:05:0d:43:43:ba:e1:28:b1:6c:
60:64:ec:ee:62:7c:d7:b4:b3:02:e2:15:e0:c4:65:a8:81:50:
74:11:a5:81:c9:bf:fe:ab:0b:4c:9c:65:1c:0f:27:38:74:a1:
41:f6:e1:1e:7d:93:ba:87:a0:ad:12:32:a2:fb:dd:89:54:fb:
fd:0f:9a:b9
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUQBBk5tDLcRsREEG63hiEvYH3gAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MDlaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0MTNlZTFmODU5YTAwMDk1MjdlNjI1YzNhZTU5MjVlMjlmNDA0MmQ5ZjUx
MjUwNGRhY2RjYjM1MmFkNzljMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPKvZyX8aKi5UGbp0lW4mTel0TRGg9YZvlgi3+w0mrJsafKqN0sF6Abu7wkn
oUFVMJlWPBxNyQxAd0GJCxr6cPCiL3s+55bSI0KBxAklsnmJ/6tFN/7xdWU139jI
iBTs9dZ0aH87YCmtTc1owg+z/j92ry1WqOfa3wRIYiiO49ir5176fBoGcULRrvFs
oJG1cT/jCNt9JJIBiTFKWzWCpNaH2tcrzNsAkJX1IlSxh+v6Kj/7VJgBJOBDi0Fq
z4PEbXn8Kdq6YtVGJdUsFnsSJndkCZb/y2Qd9vL9l5lhpbRYZAXfjX9lho8Eaok9
WStEhWT4Iun1LEExREQm1YGPPm8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRwk4m7
XzRH8ppFwQM08l1T4+zX4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQyYzk2NmItMWI2Mi00MTY1LWJiZmItNjJhYWFjYTU2N2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAGj18eHihgIfFRD4Z62Nuu1y37iexxb2rPUfJrbu
x/IyXCVqJUOC4TpWWXYiZ5ct3sPTzrfl3X47DyeQ7v/MMcyhChzVT4Ls+A9vDWXD
DklDtlOAXoeF1PCh3Zz6d7SNcmQvHOJpVAQj2lOOlMj02kJHExPiy0q81GNwiIcS
01LNQ0LkBVNzl9UPI3pdO+MoI77258d7OxEZziMFZWvTYqUGBNF/mjfjzMyYbjN0
gQmDpplNHq4m+0o6vwsjVQUNQ0O64SixbGBk7O5ifNe0swLiFeDEZaiBUHQRpYHJ
v/6rC0ycZRwPJzh0oUH24R59k7qHoK0SMqL73YlU+/0Pmrk=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:27 2025 by rpki-client