Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
File: fc452689-b0a6-4816-a48a-8c8854d225f8.roa (raw, json)
Hash identifier: a1q9X0ejyrHiKU8/m+KooHM0ro4Uup8WRQM63Vv6VIM=
Subject key identifier: D6:06:F7:D8:7C:81:0A:F3:A5:54:D1:8B:4F:BB:3D:36:21:80:F0:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C97289590B87E652255F0C7C64D8C8E7FB6760A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
Signing time: Fri 25 Jul 2025 16:50:46 +0000
ROA not before: Fri 25 Jul 2025 16:50:46 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:97:28:95:90:b8:7e:65:22:55:f0:c7:c6:4d:8c:8e:7f:b6:76:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:46 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=75c8639496739c9745265bd4da6b1ae9176d7d0f43b6d916f085aa9f8d20857e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:41:36:aa:2a:c9:2e:ff:5e:f9:48:76:7b:
33:24:65:31:25:17:f8:f8:b8:95:43:1f:af:e2:83:
1b:88:93:c1:7b:48:2f:0b:25:c8:8c:a2:a4:7b:7c:
f9:06:3d:53:85:0e:33:c7:27:3f:7d:9d:88:b8:4d:
34:62:a9:41:ac:76:68:23:b3:2e:82:c4:2d:7a:52:
a7:19:b9:c9:fa:b9:a2:e2:69:07:80:c3:05:78:21:
b4:9f:a9:32:46:92:b5:3c:25:af:af:85:5b:1b:0c:
07:35:c6:a8:93:00:69:be:92:60:b1:63:85:fd:6b:
d7:f3:5b:b6:44:3b:f7:a9:e8:c5:e9:dd:36:e7:d6:
df:34:d5:0a:0e:d5:5b:75:3d:09:77:ec:a3:65:e9:
de:5d:32:66:85:16:ad:3a:e0:23:13:67:1c:9a:bf:
13:0b:35:63:2b:8b:e8:aa:f5:cf:17:5e:21:0c:5b:
a6:4e:eb:7f:1e:2f:1c:40:50:e0:8e:a7:cb:9e:b9:
a5:81:f9:d3:95:22:93:89:f8:1f:ca:eb:5d:44:da:
b1:ba:36:81:26:3e:9d:c3:cd:9f:53:d9:ee:12:6d:
8d:70:d5:94:d6:42:c1:b7:ed:ea:49:60:f6:8b:cf:
75:2a:3a:6a:7e:c7:a4:a8:19:7c:8d:18:98:e9:6b:
c7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:06:F7:D8:7C:81:0A:F3:A5:54:D1:8B:4F:BB:3D:36:21:80:F0:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc452689-b0a6-4816-a48a-8c8854d225f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c000::/40
Signature Algorithm: sha256WithRSAEncryption
28:ce:b3:0c:37:11:9d:53:d0:76:22:59:77:6a:c2:c4:ce:8c:
e0:f5:72:e6:95:f6:f2:cc:cd:6e:ae:5e:01:9e:55:f3:6e:20:
4f:ad:75:ce:43:5d:48:c8:9b:0a:93:ad:c8:5a:25:0e:f3:b6:
88:a8:76:7f:dd:50:b6:d5:d9:27:b4:12:a9:f7:a3:0b:a3:aa:
5f:8e:47:b7:57:e3:b0:b7:ca:e2:f5:92:0c:24:34:3f:70:ef:
fc:f2:a3:74:52:86:be:91:64:0c:7f:ed:92:a8:9f:fa:40:96:
2c:7d:33:4d:b5:06:2c:c1:b1:fa:96:f3:e8:35:50:c8:21:c0:
c6:d2:6d:58:e0:11:e3:14:20:85:19:d4:32:c1:c1:16:6c:14:
38:df:a0:72:a4:c1:6c:b5:60:ab:e1:a4:9e:49:96:c1:a1:f1:
cc:4d:73:5f:39:3e:de:88:d6:2f:40:75:d2:74:0a:6e:ba:db:
b8:56:b5:2f:70:36:61:5a:17:cf:5f:17:5b:e0:22:db:da:bf:
66:d6:64:c5:a9:0d:3e:31:3f:ea:fe:b4:74:02:16:2a:64:f1:
76:0e:eb:c2:45:6c:6e:8e:0e:22:88:1e:cb:82:25:fc:ca:c2:
5d:ec:c5:88:e0:aa:0c:83:3e:c3:d0:a3:f1:57:08:78:d5:5e:
51:b3:57:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHJcolZC4fmUiVfDHxk2Mjn+2dgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwNDZaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1Yzg2Mzk0OTY3MzljOTc0NTI2NWJkNGRhNmIxYWU5MTc2ZDdkMGY0M2I2
ZDkxNmYwODVhYTlmOGQyMDg1N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIyQTaqKsku/175SHZ7MyRlMSUX+Pi4lUMfr+KDG4iTwXtILwslyIyipHt8
+QY9U4UOM8cnP32diLhNNGKpQax2aCOzLoLELXpSpxm5yfq5ouJpB4DDBXghtJ+p
MkaStTwlr6+FWxsMBzXGqJMAab6SYLFjhf1r1/NbtkQ796noxendNufW3zTVCg7V
W3U9CXfso2Xp3l0yZoUWrTrgIxNnHJq/Ews1YyuL6Kr1zxdeIQxbpk7rfx4vHEBQ
4I6ny565pYH505Uik4n4H8rrXUTasbo2gSY+ncPNn1PZ7hJtjXDVlNZCwbft6klg
9ovPdSo6an7HpKgZfI0YmOlrx1cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWBvfY
fIEK86VU0YtPuz02IYDwIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM0NTI2ODktYjBhNi00ODE2LWE0OGEtOGM4ODU0ZDIyNWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTA
MA0GCSqGSIb3DQEBCwUAA4IBAQAozrMMNxGdU9B2Ill3asLEzozg9XLmlfbyzM1u
rl4BnlXzbiBPrXXOQ11IyJsKk63IWiUO87aIqHZ/3VC21dkntBKp96MLo6pfjke3
V+Owt8ri9ZIMJDQ/cO/88qN0Uoa+kWQMf+2SqJ/6QJYsfTNNtQYswbH6lvPoNVDI
IcDG0m1Y4BHjFCCFGdQywcEWbBQ436BypMFstWCr4aSeSZbBofHMTXNfOT7eiNYv
QHXSdApuutu4VrUvcDZhWhfPXxdb4CLb2r9m1mTFqQ0+MT/q/rR0AhYqZPF2DuvC
RWxujg4iiB7LgiX8ysJd7MWI4KoMgz7D0KPxVwh41V5Rs1eT
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:16 2025 by rpki-client