Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: MZ27/Ks8ypqhFg6k8PoIFDkkaxHk9cnbLigZPpzDndk=
Subject key identifier: AF:EC:C8:D9:15:4A:80:4F:23:37:9F:96:0A:84:2B:24:01:86:0A:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02637383F3DE7C04FDA1D16ECD834BC54152CA21
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Mon 28 Jul 2025 16:10:14 +0000
ROA not before: Mon 28 Jul 2025 16:10:14 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:63:73:83:f3:de:7c:04:fd:a1:d1:6e:cd:83:4b:c5:41:52:ca:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:14 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=fd51c30eb71c495eff2ceb376e33f64ff5ce830c98ae5845a5b4e82db3a178ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:61:d6:75:e6:8a:e5:aa:d9:c6:5e:9f:54:
82:32:15:21:56:79:e8:2d:b9:35:a7:bb:02:03:4f:
17:a5:2a:75:63:e9:2e:42:8e:47:ce:9f:a1:41:ce:
95:44:73:41:fc:a4:96:fa:cc:b4:c1:07:f2:43:f6:
88:80:f3:26:fa:52:79:87:98:3d:dd:b8:f2:24:59:
e5:4c:25:e2:33:14:46:fd:b9:28:9b:d5:bd:57:9d:
6f:ec:cd:1d:ee:0f:ab:a6:08:18:5c:3b:59:3d:3a:
20:21:d0:13:53:d5:ae:ed:ac:d5:50:ff:94:98:08:
28:db:ad:74:0f:ef:55:b9:3a:8f:ef:52:45:43:81:
3f:5d:7e:c0:4c:3c:83:24:ee:18:1b:98:b2:0d:b4:
b8:65:d6:56:d3:db:b0:93:ef:e3:6e:cf:b1:dc:9e:
0d:01:f4:aa:41:0e:69:73:e6:0e:c1:00:0f:97:55:
f9:b7:b6:f2:57:e7:9a:91:69:7a:42:5f:af:c3:49:
e1:af:8a:32:ba:df:fb:89:91:9b:40:58:75:9e:bf:
d7:3f:a2:c3:c7:d6:26:0b:cd:5d:c2:54:86:06:ae:
8d:2d:a3:26:b5:7d:34:c7:ee:9f:18:9f:df:a7:f4:
e0:d6:f1:f8:cd:6e:4f:fa:86:f8:0c:4e:80:9f:da:
4a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EC:C8:D9:15:4A:80:4F:23:37:9F:96:0A:84:2B:24:01:86:0A:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:e2:4a:a5:1c:48:22:da:29:b0:f3:92:a4:49:6d:b6:ef:c9:
eb:59:0e:51:c3:79:a0:3e:84:7d:36:82:84:22:5d:f4:ed:4e:
d6:50:8b:61:da:5e:f2:9d:9f:ce:48:4a:3a:2e:28:7e:3c:e0:
cc:72:d9:68:9b:23:ab:6a:64:b2:91:dd:4e:6b:9e:a4:7e:fd:
d8:8d:1b:9e:f0:9d:96:c0:a5:94:07:0a:59:7a:1f:a3:4f:a0:
fc:88:4b:24:34:d9:af:a8:b0:1a:36:aa:9d:3f:aa:12:f7:c1:
54:82:95:b5:43:b9:f5:f5:68:88:91:8d:56:fe:ab:34:ee:8f:
35:33:aa:f3:eb:3f:5e:6e:cb:eb:c1:8d:18:72:b2:e5:d5:36:
dd:96:01:3d:b5:6c:30:ac:09:27:9a:a8:9f:95:4a:56:b4:f5:
dc:39:3c:3c:46:1a:38:c0:52:13:7b:4a:3b:3d:b6:da:d8:00:
11:98:10:6f:c9:3a:95:72:5b:ba:5f:0d:b9:d7:66:95:65:ab:
93:51:96:12:44:03:4b:60:eb:86:ea:e5:b0:35:5a:54:6a:38:
38:77:41:15:62:b7:28:e5:8e:21:d1:81:85:57:40:a9:bf:e6:
6c:9b:01:6e:29:0a:3c:36:0b:d5:2d:98:cd:b0:1d:09:da:6e:
76:97:ca:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAmNzg/PefAT9odFuzYNLxUFSyiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMTRaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkNTFjMzBlYjcxYzQ5NWVmZjJjZWIzNzZlMzNmNjRmZjVjZTgzMGM5OGFl
NTg0NWE1YjRlODJkYjNhMTc4YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9/YdZ15orlqtnGXp9UgjIVIVZ56C25Nae7AgNPF6UqdWPpLkKOR86foUHO
lURzQfyklvrMtMEH8kP2iIDzJvpSeYeYPd248iRZ5Uwl4jMURv25KJvVvVedb+zN
He4Pq6YIGFw7WT06ICHQE1PVru2s1VD/lJgIKNutdA/vVbk6j+9SRUOBP11+wEw8
gyTuGBuYsg20uGXWVtPbsJPv427PsdyeDQH0qkEOaXPmDsEAD5dV+be28lfnmpFp
ekJfr8NJ4a+KMrrf+4mRm0BYdZ6/1z+iw8fWJgvNXcJUhgaujS2jJrV9NMfunxif
36f04Nbx+M1uT/qG+AxOgJ/aSuMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSv7MjZ
FUqATyM3n5YKhCskAYYKWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCq4kqlHEgi2imw85KkSW2278nrWQ5Rw3mgPoR9
NoKEIl307U7WUIth2l7ynZ/OSEo6Lih+PODMctlomyOramSykd1Oa56kfv3YjRue
8J2WwKWUBwpZeh+jT6D8iEskNNmvqLAaNqqdP6oS98FUgpW1Q7n19WiIkY1W/qs0
7o81M6rz6z9ebsvrwY0YcrLl1TbdlgE9tWwwrAknmqiflUpWtPXcOTw8Rho4wFIT
e0o7Pbba2AARmBBvyTqVclu6Xw2512aVZauTUZYSRANLYOuG6uWwNVpUajg4d0EV
Yrco5Y4h0YGFV0Cpv+ZsmwFuKQo8NgvVLZjNsB0J2m52l8ra
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:27 2025 by rpki-client