Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
File: f3736ec9-491c-43bd-b672-c821fdae78f1.roa (raw, json)
Hash identifier: SMVlRYdWs7knWE9Ll2VvP0lwsMzLaBD8yddtrNB1dks=
Subject key identifier: A4:C1:8D:28:5A:D1:3B:95:27:6F:82:71:CB:8C:3E:04:4E:7D:D8:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 129B9499D1873FF69BB4765261855184669DF7AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
Signing time: Tue 29 Jul 2025 18:30:13 +0000
ROA not before: Tue 29 Jul 2025 18:30:13 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:9b:94:99:d1:87:3f:f6:9b:b4:76:52:61:85:51:84:66:9d:f7:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:13 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=b0313309aeb06fd122a31c31480e0e355770dd8ec160cb723ae4fcff16476f45, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:91:1a:a9:06:18:d8:ee:9b:52:b2:9f:dc:ab:
62:74:e2:cb:7b:6a:e2:79:3e:50:56:66:a2:c3:06:
cb:3d:51:4f:53:4e:0e:68:82:53:71:14:a2:b9:2c:
8b:87:c4:cf:5e:fc:39:78:e6:5d:d0:c7:fb:50:79:
5a:47:7c:9e:c0:29:63:ac:99:95:63:87:37:8f:0f:
13:b9:9c:45:02:be:b2:9a:28:49:76:13:cf:7d:78:
df:25:91:5d:69:1d:99:a6:47:e9:49:5a:28:93:73:
61:fe:77:e9:72:a7:4c:4d:38:4a:0a:b0:11:e6:ba:
69:09:19:97:bb:d1:81:8d:8f:b7:52:c6:35:ec:d4:
d9:a8:b1:b5:05:21:57:a3:e4:1e:7a:07:dc:f9:76:
fc:8e:bf:91:0c:b2:23:94:dc:52:db:3f:09:f0:12:
aa:b1:85:cc:34:a5:2f:46:91:6a:f9:39:68:57:3a:
84:3f:a1:c4:9c:f5:53:e0:b5:9a:08:c5:f8:9d:53:
8a:a1:93:d2:18:66:c8:c8:b7:0c:d0:da:d0:fb:09:
3b:55:44:de:2b:8d:2f:7b:cf:da:99:d3:13:61:45:
e8:f3:70:ed:5a:84:bb:01:63:8e:aa:0d:a4:af:f6:
93:86:8f:2f:c4:ef:b9:cf:8c:55:97:6e:d9:21:d4:
d1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C1:8D:28:5A:D1:3B:95:27:6F:82:71:CB:8C:3E:04:4E:7D:D8:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/48
Signature Algorithm: sha256WithRSAEncryption
a4:25:5b:ce:35:73:cf:03:11:c4:98:7c:e8:b4:45:43:60:e9:
fa:cf:2c:58:ef:30:7e:9e:55:f4:84:23:5c:4e:36:08:c0:b2:
9d:dc:1b:9d:d1:fe:05:c6:06:24:fb:58:19:93:93:02:4d:ce:
6e:6a:a2:c8:f4:ed:d9:d3:24:96:c5:e2:39:fe:a0:64:9b:69:
9d:2d:04:01:66:68:3a:ce:b1:eb:4f:03:d5:b5:c0:fb:a6:d3:
df:15:b5:b4:5d:2e:56:df:92:b6:88:eb:5e:c4:a3:20:98:83:
49:0c:0d:81:70:3a:7a:63:86:7d:1e:96:1d:90:e5:28:7d:58:
25:9b:01:a0:14:94:c1:b4:87:dd:a6:5c:b3:3c:5e:73:22:ed:
6d:b1:8d:da:5a:14:63:39:c3:96:4f:8e:ea:05:e8:ec:98:4f:
aa:61:fb:fd:8a:f2:e8:9c:2b:5c:27:62:22:07:1f:41:19:13:
10:43:d9:fa:f7:68:2e:5d:e6:4f:09:af:20:4f:b7:57:aa:47:
a1:85:cf:99:4c:5d:2b:f4:d2:45:44:db:c2:c5:97:be:9c:b4:
17:dd:26:a6:0c:93:bd:b1:3a:4e:f6:c3:56:60:c4:fe:d9:4d:
55:e5:5b:c8:e6:79:49:0e:17:3d:fb:83:2d:8b:20:ab:81:b8:
b3:10:d3:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEpuUmdGHP/abtHZSYYVRhGad968wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTNaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMzEzMzA5YWViMDZmZDEyMmEzMWMzMTQ4MGUwZTM1NTc3MGRkOGVjMTYw
Y2I3MjNhZTRmY2ZmMTY0NzZmNDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWRGqkGGNjum1Kyn9yrYnTiy3tq4nk+UFZmosMGyz1RT1NODmiCU3EUorks
i4fEz178OXjmXdDH+1B5Wkd8nsApY6yZlWOHN48PE7mcRQK+spooSXYTz3143yWR
XWkdmaZH6UlaKJNzYf536XKnTE04SgqwEea6aQkZl7vRgY2Pt1LGNezU2aixtQUh
V6PkHnoH3Pl2/I6/kQyyI5TcUts/CfASqrGFzDSlL0aRavk5aFc6hD+hxJz1U+C1
mgjF+J1TiqGT0hhmyMi3DNDa0PsJO1VE3iuNL3vP2pnTE2FF6PNw7VqEuwFjjqoN
pK/2k4aPL8Tvuc+MVZdu2SHU0b8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSkwY0o
WtE7lSdvgnHLjD4ETn3YRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM3MzZlYzktNDkxYy00M2JkLWI2NzItYzgyMWZkYWU3OGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZA
ADANBgkqhkiG9w0BAQsFAAOCAQEApCVbzjVzzwMRxJh86LRFQ2Dp+s8sWO8wfp5V
9IQjXE42CMCyndwbndH+BcYGJPtYGZOTAk3ObmqiyPTt2dMklsXiOf6gZJtpnS0E
AWZoOs6x608D1bXA+6bT3xW1tF0uVt+StojrXsSjIJiDSQwNgXA6emOGfR6WHZDl
KH1YJZsBoBSUwbSH3aZcszxecyLtbbGN2loUYznDlk+O6gXo7JhPqmH7/Yry6Jwr
XCdiIgcfQRkTEEPZ+vdoLl3mTwmvIE+3V6pHoYXPmUxdK/TSRUTbwsWXvpy0F90m
pgyTvbE6TvbDVmDE/tlNVeVbyOZ5SQ4XPfuDLYsgq4G4sxDTTg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:42 2025 by rpki-client