Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
File: cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa (raw, json)
Hash identifier: wWj6mhZd7Z408brfhqk2ydknCWbuWOnBAmyXILzLIEU=
Subject key identifier: B5:C6:08:AE:D2:35:92:D8:01:51:F8:45:21:A7:EF:A0:46:07:B6:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0213377AF62CE0F48464B698B5ABE520E85B5B73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
Signing time: Wed 30 Jul 2025 20:07:28 +0000
ROA not before: Wed 30 Jul 2025 20:07:28 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:13:37:7a:f6:2c:e0:f4:84:64:b6:98:b5:ab:e5:20:e8:5b:5b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:28 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=877883b5002e59f9049ab17381f430b8897146c3ad8e44359501da604a6145a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c0:f7:c1:a6:ef:b5:81:99:ea:58:d0:02:18:
54:10:13:64:40:27:d1:f3:11:9b:a4:38:f3:5a:3e:
5c:e5:b2:3c:c4:01:f1:e7:f0:81:f4:e5:e7:67:2e:
d1:35:7c:45:9f:8e:e0:ad:f9:3c:fd:a0:a7:16:ba:
d5:ec:08:a9:ec:1e:b3:48:6f:75:05:65:24:23:23:
2a:17:a3:f6:d7:f3:42:97:f8:d4:e3:c9:4b:bb:ec:
47:fc:f1:11:8d:89:bc:eb:36:36:71:11:8b:8c:24:
31:ac:da:f9:e8:1f:97:37:8b:0e:62:43:1e:20:a5:
7a:28:da:60:c7:5f:67:8f:b8:f4:8c:1c:01:bb:7f:
46:80:8d:9e:41:ad:46:c6:46:19:13:3b:05:8d:7e:
d5:cf:ce:e8:0e:f3:8f:4b:76:9e:86:aa:ce:33:3b:
e1:83:2e:2d:ef:e0:97:a3:02:91:91:19:c7:4f:5b:
ff:81:c6:e9:a6:ef:d8:f7:b4:d4:c7:7b:d3:03:9e:
e9:85:38:33:72:28:17:9a:6e:49:52:fd:94:42:c9:
bf:ae:b3:55:88:c8:84:48:d4:2f:b1:fc:2e:ac:c5:
bb:d6:01:33:36:e2:94:44:0f:18:cb:40:52:34:56:
99:60:14:a5:74:f8:de:09:06:29:e0:3c:b6:2a:bb:
15:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C6:08:AE:D2:35:92:D8:01:51:F8:45:21:A7:EF:A0:46:07:B6:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:4c:28:9c:cd:36:70:f1:dd:cc:e7:f4:58:77:1c:fc:2c:cf:
37:74:40:1f:e8:cc:98:00:ca:11:80:69:a2:90:34:05:32:2c:
e8:27:08:da:70:b3:9c:88:53:8f:4b:17:76:2d:c0:77:31:98:
2c:5b:31:3a:31:29:71:c1:84:ed:28:5e:1b:5a:bf:d7:22:dc:
f1:6c:24:0c:57:88:fe:a0:c7:0a:36:96:15:33:b1:8c:5b:47:
da:b1:74:26:da:09:c9:29:83:8c:8e:e4:e4:92:08:81:9d:6b:
3d:15:4e:43:89:5c:dc:9f:87:1f:e8:c4:93:a2:c9:50:6e:eb:
e5:4f:f3:44:fa:94:84:f5:18:9b:cf:1b:ee:79:78:8d:96:7f:
4c:19:51:85:c0:df:5e:bb:a1:1c:62:c1:2e:2f:c5:95:70:29:
c3:bb:f2:73:9f:37:14:1c:ac:0b:14:c9:65:01:c7:a6:26:56:
f7:68:b8:ab:89:7a:ab:24:d5:a6:96:14:3e:54:14:6d:07:76:
95:a5:25:0b:38:32:41:37:21:d6:26:e7:b9:81:d5:42:90:b2:
af:bc:60:6c:2d:e0:4c:50:30:6f:05:1b:a2:06:18:b9:3c:1f:
04:f1:1d:8f:22:c6:78:fc:3f:1b:b6:f1:5b:d6:68:0e:d4:49:
5c:2d:3a:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAhM3evYs4PSEZLaYtavlIOhbW3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjhaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3Nzg4M2I1MDAyZTU5ZjkwNDlhYjE3MzgxZjQzMGI4ODk3MTQ2YzNhZDhl
NDQzNTk1MDFkYTYwNGE2MTQ1YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrA98Gm77WBmepY0AIYVBATZEAn0fMRm6Q481o+XOWyPMQB8efwgfTl52cu
0TV8RZ+O4K35PP2gpxa61ewIqewes0hvdQVlJCMjKhej9tfzQpf41OPJS7vsR/zx
EY2JvOs2NnERi4wkMaza+egflzeLDmJDHiCleijaYMdfZ4+49IwcAbt/RoCNnkGt
RsZGGRM7BY1+1c/O6A7zj0t2noaqzjM74YMuLe/gl6MCkZEZx09b/4HG6abv2Pe0
1Md70wOe6YU4M3IoF5puSVL9lELJv66zVYjIhEjUL7H8LqzFu9YBMzbilEQPGMtA
UjRWmWAUpXT43gkGKeA8tiq7FWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1xgiu
0jWS2AFR+EUhp++gRge2gDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3ZTQ2NGQtNzdiYi00MzAyLWFhOWYtOTM5MDZhNWRjZGRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuA
MA0GCSqGSIb3DQEBCwUAA4IBAQC3TCiczTZw8d3M5/RYdxz8LM83dEAf6MyYAMoR
gGmikDQFMizoJwjacLOciFOPSxd2LcB3MZgsWzE6MSlxwYTtKF4bWr/XItzxbCQM
V4j+oMcKNpYVM7GMW0fasXQm2gnJKYOMjuTkkgiBnWs9FU5DiVzcn4cf6MSToslQ
buvlT/NE+pSE9RibzxvueXiNln9MGVGFwN9eu6EcYsEuL8WVcCnDu/JznzcUHKwL
FMllAcemJlb3aLiriXqrJNWmlhQ+VBRtB3aVpSULODJBNyHWJue5gdVCkLKvvGBs
LeBMUDBvBRuiBhi5PB8E8R2PIsZ4/D8btvFb1mgO1ElcLTqO
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:57 2025 by rpki-client