Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
File: 04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa (raw, json)
Hash identifier: 9uKk7bFjys0Yx6ZcaLhRyhsr6Bk8chHgCKI75YZfEqw=
Subject key identifier: E2:BE:F7:40:F5:D5:4B:AD:A9:9D:D0:E5:3B:0C:A9:19:F5:93:D9:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13E76491487D45369CF59CC76E9876466977C6A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
Signing time: Fri 15 Aug 2025 15:40:52 +0000
ROA not before: Fri 15 Aug 2025 15:40:52 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:e7:64:91:48:7d:45:36:9c:f5:9c:c7:6e:98:76:46:69:77:c6:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:40:52 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=a2d4f89b9194c04128fff424f86e2449b5f6581b09f4a0a78fdf6ec022fbf523, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1e:94:b1:e8:21:29:e2:d2:11:97:6a:c1:e2:
6d:0c:d2:70:ed:f9:25:85:b6:20:70:37:a4:88:b1:
95:e7:39:f9:11:5e:52:0d:00:9c:4d:18:e0:60:64:
b6:87:24:f6:ba:e9:b5:3c:8e:52:22:e9:85:6f:06:
4e:a4:78:76:ee:d1:53:50:38:c3:01:ac:51:04:0e:
d6:87:86:c6:51:c6:af:46:31:f8:27:86:7b:dc:6e:
a5:0f:49:94:fb:d0:65:b6:b9:d7:7b:e2:c2:3c:28:
60:17:97:c0:35:08:9b:63:83:81:b2:57:48:f7:a3:
1d:1d:3d:ba:47:96:1d:27:7e:f3:cc:a9:30:2b:c8:
c7:0d:3d:88:88:d6:bf:d1:3b:f2:90:2e:95:2b:cb:
4c:3d:8f:eb:80:7c:71:a2:ef:6a:35:08:43:9a:24:
68:e9:00:1c:83:9c:96:62:cd:7e:d4:95:be:a8:55:
be:bf:e2:40:4e:7c:63:4f:3b:43:3d:c2:77:00:21:
a7:96:75:e2:12:9d:c3:0e:dc:3c:8b:94:88:c6:ef:
79:b5:9a:ba:35:7b:94:c5:b3:fb:ff:b9:51:fd:0c:
ca:e4:93:1c:ca:b7:7c:8d:0a:4f:c1:dd:36:1a:3d:
6d:e2:47:80:e2:cd:3b:7d:35:93:fa:2f:16:57:ed:
84:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BE:F7:40:F5:D5:4B:AD:A9:9D:D0:E5:3B:0C:A9:19:F5:93:D9:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:0a:c2:1b:98:b6:23:20:69:1e:62:20:d7:96:b0:76:95:b0:
36:32:7f:a6:af:94:c5:50:ce:e8:2b:a6:70:2d:35:5b:7f:75:
17:75:4a:c9:5e:29:7e:a6:be:59:c4:d6:2b:bd:46:11:3d:ae:
ee:ae:27:6f:d1:f4:81:41:7a:05:f7:ff:7f:b6:f2:f4:5e:db:
59:b5:28:40:ce:38:c1:0f:df:dc:5b:54:88:fb:8e:22:76:d1:
73:69:14:26:28:43:01:0d:cb:64:2c:b2:f0:77:bc:1d:16:ad:
79:a1:a0:0c:f6:0d:88:3f:6d:b4:03:56:e2:e3:b7:51:75:2f:
91:96:05:c9:b0:90:74:5b:96:be:d2:11:be:6c:fd:59:2b:f9:
34:88:14:d7:8b:c2:6c:05:1b:9b:dd:1e:c1:52:f4:26:de:23:
9d:46:45:c1:2a:e4:6c:64:ae:ce:9e:39:95:9f:5c:cd:17:13:
47:12:0b:a6:6e:17:10:8d:00:af:cd:24:2f:31:f4:d7:82:4e:
41:de:1f:1b:91:a7:da:6e:e1:a0:a8:27:7c:e3:24:3f:e3:d0:
db:03:ed:94:ae:73:64:f9:c6:0c:05:8d:4d:84:72:2b:47:83:
dd:91:83:f4:ef:de:23:d1:04:53:5e:63:79:13:ff:a1:20:6e:
84:8a:b8:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE+dkkUh9RTac9ZzHbph2Rml3xqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQwNTJaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyZDRmODliOTE5NGMwNDEyOGZmZjQyNGY4NmUyNDQ5YjVmNjU4MWIwOWY0
YTBhNzhmZGY2ZWMwMjJmYmY1MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIelLHoISni0hGXasHibQzScO35JYW2IHA3pIixlec5+RFeUg0AnE0Y4GBk
tock9rrptTyOUiLphW8GTqR4du7RU1A4wwGsUQQO1oeGxlHGr0Yx+CeGe9xupQ9J
lPvQZba513viwjwoYBeXwDUIm2ODgbJXSPejHR09ukeWHSd+88ypMCvIxw09iIjW
v9E78pAulSvLTD2P64B8caLvajUIQ5okaOkAHIOclmLNftSVvqhVvr/iQE58Y087
Qz3CdwAhp5Z14hKdww7cPIuUiMbvebWaujV7lMWz+/+5Uf0MyuSTHMq3fI0KT8Hd
Nho9beJHgOLNO301k/ovFlfthIECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTivvdA
9dVLramd0OU7DKkZ9ZPZCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRjMzRlYTEtY2RkYi00NWFhLTk3OWYtYmZlMWZhMDk5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHA
MA0GCSqGSIb3DQEBCwUAA4IBAQDICsIbmLYjIGkeYiDXlrB2lbA2Mn+mr5TFUM7o
K6ZwLTVbf3UXdUrJXil+pr5ZxNYrvUYRPa7uridv0fSBQXoF9/9/tvL0XttZtShA
zjjBD9/cW1SI+44idtFzaRQmKEMBDctkLLLwd7wdFq15oaAM9g2IP220A1bi47dR
dS+RlgXJsJB0W5a+0hG+bP1ZK/k0iBTXi8JsBRub3R7BUvQm3iOdRkXBKuRsZK7O
njmVn1zNFxNHEgumbhcQjQCvzSQvMfTXgk5B3h8bkafabuGgqCd84yQ/49DbA+2U
rnNk+cYMBY1NhHIrR4PdkYP0794j0QRTXmN5E/+hIG6EirjC
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:56 2025 by rpki-client