Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
File: de12834a-9370-4c63-969f-bf8eef4cd73b.roa (raw, json)
Hash identifier: EvP1BAjgVW7zRv7/vKoqBV9ZJnqH6dQOq5vbXNeYAv0=
Subject key identifier: 46:DE:5C:DE:E2:99:77:51:54:2B:EE:DE:20:16:37:54:43:37:41:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65D453E44EEF25AFE7015233099E161DC0E4D2E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
Signing time: Tue 29 Jul 2025 18:30:11 +0000
ROA not before: Tue 29 Jul 2025 18:30:11 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d4:53:e4:4e:ef:25:af:e7:01:52:33:09:9e:16:1d:c0:e4:d2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:11 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=b4f2e2aa533eb6b355e2ee8c324417f0c60917f75758f3450e1cb66305557a09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b7:47:ab:ac:40:1d:45:e5:4a:9b:5e:b2:38:
11:41:36:fd:04:1c:74:f0:a2:55:51:ff:cd:49:bc:
db:4d:5a:80:4e:92:ea:a5:37:30:37:1c:bf:f8:09:
75:9c:45:05:8d:55:b0:11:f7:1b:ff:14:ba:60:5b:
c2:d7:8e:ae:84:67:22:2c:cc:ff:7b:b9:80:cb:1e:
1c:ee:cc:cd:88:b8:59:2f:7f:5b:6b:af:a5:e5:db:
a4:5a:dc:1f:ca:9b:f8:75:d0:68:5e:e4:41:05:2d:
f3:f5:48:24:85:25:60:90:d2:f8:b5:9a:f4:0b:1f:
d3:e0:d7:83:b4:8f:e3:23:68:17:7d:50:5d:b7:e6:
95:c5:bc:a7:58:c9:10:2d:70:63:91:2f:77:17:b3:
f4:69:ab:83:05:ce:4c:55:a7:da:65:04:b8:c0:d5:
b4:82:e9:06:b2:9a:8d:fc:04:fc:b0:5c:ae:53:bc:
05:05:d0:d1:5a:25:a6:de:b4:b0:42:fd:92:c9:06:
0c:4b:8d:60:55:47:7e:9a:0f:af:0c:10:ec:37:4a:
89:cd:8d:30:3f:6b:85:e5:08:b5:93:8e:7e:4f:d7:
a1:7f:da:ca:a3:4f:d9:32:a8:6e:0a:ac:c0:67:6e:
af:73:58:9a:2a:9c:cf:9a:17:37:03:0b:33:2d:c3:
8b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DE:5C:DE:E2:99:77:51:54:2B:EE:DE:20:16:37:54:43:37:41:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de12834a-9370-4c63-969f-bf8eef4cd73b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4010::/48
Signature Algorithm: sha256WithRSAEncryption
58:56:e5:8d:64:f2:01:3e:1a:b3:b1:40:4a:8a:64:0e:8a:8c:
26:20:95:9a:81:09:3b:b8:d9:f8:1e:2c:58:ef:94:e0:d6:78:
80:09:12:cb:13:ed:73:a9:c5:23:ec:9a:2b:a3:cc:df:e0:00:
cf:21:35:2b:93:3b:34:7a:a5:52:f7:d2:91:24:e8:6b:de:01:
78:ff:f7:e9:48:91:51:10:d5:f7:2b:e3:d5:ac:a6:aa:4a:9c:
e5:b4:8c:64:01:94:0d:c0:01:3c:08:dd:5c:ee:0b:8c:f2:07:
fb:a6:5c:da:b6:c9:56:a3:a6:4a:8d:f7:2e:d1:5f:08:f7:63:
8e:ab:86:1e:0b:b2:7a:02:67:31:62:a4:73:14:ca:0d:2a:bd:
a1:79:30:fc:f0:d7:82:76:9e:5b:19:df:7d:1c:5b:ed:ef:c6:
d3:a2:00:dc:20:68:5c:e1:96:0e:0a:b6:8d:00:10:80:83:bf:
07:08:c1:1b:d4:5d:42:70:59:61:16:8e:b0:a7:02:67:68:78:
0d:a9:43:5e:3c:74:94:d7:77:8c:b5:9f:53:fc:27:bb:60:0d:
f9:1d:b1:c6:51:56:50:14:3a:3c:17:67:b5:ed:bd:55:25:ae:
9d:69:77:23:35:7f:95:45:c0:f8:e5:58:ee:26:25:cc:e0:5d:
b9:82:ef:82
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZdRT5E7vJa/nAVIzCZ4WHcDk0ukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTFaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZjJlMmFhNTMzZWI2YjM1NWUyZWU4YzMyNDQxN2YwYzYwOTE3Zjc1NzU4
ZjM0NTBlMWNiNjYzMDU1NTdhMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMa3R6usQB1F5UqbXrI4EUE2/QQcdPCiVVH/zUm8201agE6S6qU3MDccv/gJ
dZxFBY1VsBH3G/8UumBbwteOroRnIizM/3u5gMseHO7MzYi4WS9/W2uvpeXbpFrc
H8qb+HXQaF7kQQUt8/VIJIUlYJDS+LWa9Asf0+DXg7SP4yNoF31QXbfmlcW8p1jJ
EC1wY5Evdxez9GmrgwXOTFWn2mUEuMDVtILpBrKajfwE/LBcrlO8BQXQ0Volpt60
sEL9kskGDEuNYFVHfpoPrwwQ7DdKic2NMD9rheUItZOOfk/XoX/ayqNP2TKobgqs
wGdur3NYmiqcz5oXNwMLMy3Di/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRG3lze
4pl3UVQr7t4gFjdUQzdBsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGUxMjgzNGEtOTM3MC00YzYzLTk2OWYtYmY4ZWVmNGNkNzNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
EDANBgkqhkiG9w0BAQsFAAOCAQEAWFbljWTyAT4as7FASopkDoqMJiCVmoEJO7jZ
+B4sWO+U4NZ4gAkSyxPtc6nFI+yaK6PM3+AAzyE1K5M7NHqlUvfSkSToa94BeP/3
6UiRURDV9yvj1aymqkqc5bSMZAGUDcABPAjdXO4LjPIH+6Zc2rbJVqOmSo33LtFf
CPdjjquGHguyegJnMWKkcxTKDSq9oXkw/PDXgnaeWxnffRxb7e/G06IA3CBoXOGW
Dgq2jQAQgIO/BwjBG9RdQnBZYRaOsKcCZ2h4DalDXjx0lNd3jLWfU/wnu2AN+R2x
xlFWUBQ6PBdnte29VSWunWl3IzV/lUXA+OVY7iYlzOBduYLvgg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:06 2025 by rpki-client