Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
File: d79852cc-835c-4a8a-8412-323c0281d4bf.roa (raw, json)
Hash identifier: eKKY9IkbKb22KA6DGv8jkMgMDGra5rvtYL0t9u9+vOc=
Subject key identifier: 7A:4E:37:62:0A:27:6C:2A:08:A4:B4:EC:2C:F4:BA:14:9C:32:82:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 543D983CD18D060BC039B6CCB0E74623790C10C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
Signing time: Wed 30 Jul 2025 20:07:27 +0000
ROA not before: Wed 30 Jul 2025 20:07:27 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:3d:98:3c:d1:8d:06:0b:c0:39:b6:cc:b0:e7:46:23:79:0c:10:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:27 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=b149879a44f7eb89e420e9599b9bfaa5c304a7dc1f07fe73564790eecd1212e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:40:8e:2b:61:7b:1f:43:92:91:0d:6a:e0:ea:
cc:b0:27:66:a0:e8:40:06:1a:15:78:a2:e4:3c:19:
7f:6c:22:2e:07:a4:e9:81:a2:e8:df:32:0e:e7:fe:
43:cd:32:4a:3d:81:cd:1b:5b:70:d8:71:dc:8b:1a:
10:87:67:4a:33:61:bb:f0:3b:32:6d:92:4f:60:43:
72:3a:2a:b0:85:08:f7:40:0a:2a:93:5d:27:a6:98:
19:e1:d5:e8:0e:d5:ca:13:3f:cd:ea:c5:a1:ad:29:
85:df:19:ba:6c:cd:fc:0a:69:71:41:33:17:d7:e4:
32:6c:c0:e2:a7:a2:37:71:1a:f1:ed:bb:29:13:ee:
dd:51:b6:59:25:cf:76:10:fa:54:8c:70:59:70:78:
ff:ba:5e:24:42:79:1d:cf:75:8f:40:3a:8a:54:42:
fb:bf:00:c4:54:a0:9e:3b:0f:b7:6e:1d:03:92:9e:
ff:b2:d1:eb:56:ba:cb:c8:01:ba:e4:c2:f5:d1:da:
d3:57:d4:1a:2c:33:56:9c:6e:f5:b8:09:43:bb:94:
1f:f7:40:14:9b:0c:5a:e0:3f:56:ac:f2:5c:2d:88:
33:93:1c:85:ed:f1:be:22:4c:bf:6c:22:0d:c6:99:
bd:9a:af:fb:39:04:79:88:58:6a:de:83:1e:ee:41:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4E:37:62:0A:27:6C:2A:08:A4:B4:EC:2C:F4:BA:14:9C:32:82:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:ba:7e:b7:d1:dd:79:75:a4:55:c8:c9:7c:90:d0:b8:53:16:
b1:54:dd:ea:f6:75:ae:08:0d:6f:82:0f:ce:42:0d:74:0a:a8:
a8:65:d5:77:41:aa:e0:28:65:a3:34:24:85:16:b3:73:1e:09:
21:4e:7c:43:08:4a:dc:83:65:f1:d5:fc:87:e9:a1:ed:18:d8:
16:5b:a7:fc:05:1d:d4:60:9a:cc:d9:f8:51:95:ca:62:cf:11:
d0:31:ab:2a:b3:56:74:19:27:80:b8:5a:a2:97:13:f4:f6:91:
50:4b:f0:a7:6b:a5:d7:f8:7c:e9:da:89:9f:f8:1f:86:cc:48:
da:22:c2:75:b2:18:42:72:31:d7:2e:67:5d:65:b0:0f:3c:2e:
19:20:bf:db:50:da:80:50:e4:75:6e:68:f6:f5:1c:59:52:4b:
42:9a:0f:70:5d:0b:68:e4:fa:da:20:c9:85:86:fc:b4:ac:49:
16:82:77:86:83:58:c3:ab:63:8b:15:d2:e0:d8:4f:b7:74:03:
39:5e:5c:ab:c1:96:8c:73:e3:d8:4c:d6:ff:74:5e:dc:1d:cc:
45:ae:34:9d:86:b7:22:f2:f4:28:4e:c2:5b:3a:39:2c:87:e6:
d2:4e:5b:bb:89:b5:6e:c5:5d:26:b7:f7:39:fa:c3:10:16:89:
1a:a4:e1:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVD2YPNGNBgvAObbMsOdGI3kMEMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjdaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNDk4NzlhNDRmN2ViODllNDIwZTk1OTliOWJmYWE1YzMwNGE3ZGMxZjA3
ZmU3MzU2NDc5MGVlY2QxMjEyZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5Ajithex9DkpENauDqzLAnZqDoQAYaFXii5DwZf2wiLgek6YGi6N8yDuf+
Q80ySj2BzRtbcNhx3IsaEIdnSjNhu/A7Mm2ST2BDcjoqsIUI90AKKpNdJ6aYGeHV
6A7VyhM/zerFoa0phd8ZumzN/AppcUEzF9fkMmzA4qeiN3Ea8e27KRPu3VG2WSXP
dhD6VIxwWXB4/7peJEJ5Hc91j0A6ilRC+78AxFSgnjsPt24dA5Ke/7LR61a6y8gB
uuTC9dHa01fUGiwzVpxu9bgJQ7uUH/dAFJsMWuA/VqzyXC2IM5Mche3xviJMv2wi
DcaZvZqv+zkEeYhYat6DHu5ByTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6Tjdi
CidsKgiktOws9LoUnDKCDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDc5ODUyY2MtODM1Yy00YThhLTg0MTItMzIzYzAyODFkNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQB7un630d15daRVyMl8kNC4UxaxVN3q9nWuCA1v
gg/OQg10CqioZdV3QargKGWjNCSFFrNzHgkhTnxDCErcg2Xx1fyH6aHtGNgWW6f8
BR3UYJrM2fhRlcpizxHQMasqs1Z0GSeAuFqilxP09pFQS/Cna6XX+Hzp2omf+B+G
zEjaIsJ1shhCcjHXLmddZbAPPC4ZIL/bUNqAUOR1bmj29RxZUktCmg9wXQto5Pra
IMmFhvy0rEkWgneGg1jDq2OLFdLg2E+3dAM5XlyrwZaMc+PYTNb/dF7cHcxFrjSd
hrci8vQoTsJbOjksh+bSTlu7ibVuxV0mt/c5+sMQFokapOGY
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:40 2025 by rpki-client