Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
File: d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa (raw, json)
Hash identifier: iVokm6p2BG+GCxUCnxEm3GthLEflDI9pIVbrvCNe63I=
Subject key identifier: 7A:D4:BD:6C:9A:AF:D1:3F:6D:49:C3:0E:6A:04:C6:AA:27:7C:70:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 451AB7A917789FD4D07EB2D731A2EB852B6265CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
Signing time: Mon 21 Jul 2025 16:50:15 +0000
ROA not before: Mon 21 Jul 2025 16:50:15 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:1a:b7:a9:17:78:9f:d4:d0:7e:b2:d7:31:a2:eb:85:2b:62:65:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:15 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=2acada2454da319f9147c03b71c259520b1838d354a02e2065045101f10711f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2b:92:98:e4:38:52:1c:13:ad:89:03:fc:f0:
f0:42:9e:29:d7:06:65:04:3b:ac:13:90:f4:1e:11:
09:96:7d:f3:be:ec:10:fa:62:3d:e5:98:c7:da:27:
ab:fa:c4:2b:0e:ec:c8:8d:8f:c7:39:6d:bb:34:eb:
f8:ad:cc:59:9b:5a:73:8b:65:54:60:4e:5f:69:0d:
14:da:cd:17:8f:8c:be:66:0d:a6:bb:40:0b:8a:da:
a4:ef:57:1d:21:12:cd:f8:d0:48:4e:cc:94:79:0e:
9f:d2:3a:cb:40:e3:f2:e3:45:a0:a4:b6:28:a9:87:
44:00:01:4e:40:8d:3b:46:7a:17:d8:06:51:0d:35:
dd:ed:df:c5:ce:cd:65:39:ac:99:3e:3b:94:96:da:
ba:76:a4:d2:3f:74:39:73:fb:d5:2a:5c:de:b5:6a:
b4:be:27:db:9f:bb:cd:ed:df:21:d2:47:52:be:61:
83:39:b5:52:d0:b5:31:83:9e:79:72:29:d4:8b:34:
89:46:de:d3:0e:97:30:ef:c0:f8:32:b4:ca:36:a0:
11:af:d8:d5:0b:36:83:cb:db:e5:9b:02:fc:bf:e6:
2a:ec:03:2c:fc:73:88:ee:5c:b9:6e:80:be:41:43:
59:e7:f6:c0:08:f9:fa:43:d4:8c:e4:1d:4f:45:33:
51:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D4:BD:6C:9A:AF:D1:3F:6D:49:C3:0E:6A:04:C6:AA:27:7C:70:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c040::/46
Signature Algorithm: sha256WithRSAEncryption
8b:be:92:73:66:33:e2:f7:89:23:f2:2d:3a:ac:de:98:10:ad:
57:35:2d:07:c3:44:0b:53:33:ef:1b:1f:af:63:55:55:c8:c6:
8a:2f:2f:f6:89:4f:f6:78:b8:3b:4a:db:e9:72:1f:bc:e8:5a:
71:bf:f6:da:b5:c3:99:f3:dc:3b:fe:b3:b7:ee:28:da:87:a1:
bd:9b:5b:13:ce:be:58:72:83:3b:f9:aa:4a:ae:cc:e8:17:4d:
be:b2:76:c0:0e:59:4b:e6:cb:f5:d1:3b:18:6f:1a:38:ed:eb:
3f:db:2a:a4:72:f1:6a:ae:25:3f:cd:35:98:0e:66:c0:52:29:
95:3c:43:00:9d:6e:cd:24:5b:34:04:1a:00:3f:e8:4a:25:42:
eb:80:8f:87:db:8b:1a:cb:24:6a:8d:fd:b7:a8:f5:c6:65:6b:
18:00:f6:70:68:94:81:85:8a:61:3d:ae:18:26:0d:ce:a5:6c:
0e:e4:45:b8:10:4d:66:f4:db:fa:d8:40:9b:6a:ed:e5:6d:99:
b4:fa:3a:23:ef:8f:b5:40:a5:3f:cc:e5:34:47:5c:3e:c9:17:
05:e7:62:6b:b9:a0:15:e6:db:f7:09:ff:eb:06:da:45:31:63:
f8:0b:74:d6:59:63:07:b5:b0:ea:2e:3a:25:af:10:95:49:b5:
1d:70:59:76
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURRq3qRd4n9TQfrLXMaLrhStiZcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwMTVaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhY2FkYTI0NTRkYTMxOWY5MTQ3YzAzYjcxYzI1OTUyMGIxODM4ZDM1NGEw
MmUyMDY1MDQ1MTAxZjEwNzExZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkrkpjkOFIcE62JA/zw8EKeKdcGZQQ7rBOQ9B4RCZZ9877sEPpiPeWYx9on
q/rEKw7syI2PxzltuzTr+K3MWZtac4tlVGBOX2kNFNrNF4+MvmYNprtAC4rapO9X
HSESzfjQSE7MlHkOn9I6y0Dj8uNFoKS2KKmHRAABTkCNO0Z6F9gGUQ013e3fxc7N
ZTmsmT47lJbaunak0j90OXP71Spc3rVqtL4n25+7ze3fIdJHUr5hgzm1UtC1MYOe
eXIp1Is0iUbe0w6XMO/A+DK0yjagEa/Y1Qs2g8vb5ZsC/L/mKuwDLPxziO5cuW6A
vkFDWef2wAj5+kPUjOQdT0UzUe0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR61L1s
mq/RP21Jww5qBMaqJ3xw7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjMDFjOTItNGEyZS00MGM4LTliNzItZTY1M2FjOTg5NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
QDANBgkqhkiG9w0BAQsFAAOCAQEAi76Sc2Yz4veJI/ItOqzemBCtVzUtB8NEC1Mz
7xsfr2NVVcjGii8v9olP9ni4O0rb6XIfvOhacb/22rXDmfPcO/6zt+4o2oehvZtb
E86+WHKDO/mqSq7M6BdNvrJ2wA5ZS+bL9dE7GG8aOO3rP9sqpHLxaq4lP801mA5m
wFIplTxDAJ1uzSRbNAQaAD/oSiVC64CPh9uLGsskao39t6j1xmVrGAD2cGiUgYWK
YT2uGCYNzqVsDuRFuBBNZvTb+thAm2rt5W2ZtPo6I++PtUClP8zlNEdcPskXBedi
a7mgFebb9wn/6wbaRTFj+At01lljB7Ww6i46Ja8QlUm1HXBZdg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:05 2025 by rpki-client