Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
File: 0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa (raw, json)
Hash identifier: 7DLbzBxNFeDN0DNqoPIJIUtVLDsI/OB95OXxQpHBLlU=
Subject key identifier: B4:72:9F:0D:7C:2F:E5:AB:96:29:40:BC:9F:59:11:B8:BC:35:3F:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 565CDA4FBA3AA9FD363CE3B9242EF7F6738D8197
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
Signing time: Tue 05 Aug 2025 18:50:49 +0000
ROA not before: Tue 05 Aug 2025 18:50:49 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5c:da:4f:ba:3a:a9:fd:36:3c:e3:b9:24:2e:f7:f6:73:8d:81:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:49 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=99b05ee4e217887a691be2f1443eceaa852bb24deb7d39c531fe1c7582c2ef61, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e8:66:cf:b9:ff:18:e2:3e:ea:6e:c4:13:79:
a8:61:18:88:4b:55:64:9b:97:86:66:57:fd:4d:2b:
3a:44:7c:a1:80:8f:8c:fd:a3:31:41:7d:e0:97:06:
95:4b:da:d0:9f:42:49:09:4d:c2:38:16:94:19:c6:
16:10:53:3b:a2:77:ef:3a:e4:d8:85:dd:5d:d2:f1:
5d:ac:c1:43:bd:22:21:ca:aa:19:10:07:0c:63:05:
4b:69:8f:29:96:29:cf:45:a4:80:c3:37:18:9c:be:
8e:c3:5d:e7:05:d1:02:4a:1d:e4:2c:3a:cb:8f:4a:
76:66:fe:35:21:bc:d5:cd:8f:86:13:84:7e:5d:0b:
b6:a1:8c:71:e0:89:51:ba:f0:99:84:eb:97:9a:0f:
5c:8a:3a:51:d7:bf:94:1e:a8:c8:83:31:be:c4:f0:
be:9d:b5:8a:5c:e7:9f:27:b3:59:0d:75:d4:eb:f9:
34:e1:2b:5c:64:61:6a:14:c8:5f:87:66:11:0f:b1:
3f:01:0c:9e:7f:e8:db:85:e7:0a:a7:22:50:e9:a6:
ce:e2:16:9e:05:51:92:27:eb:51:b1:d8:d8:e5:e3:
5a:38:56:90:ea:67:38:2e:2e:61:0d:41:39:01:8d:
70:22:5b:1b:f2:69:a0:30:cb:bf:60:d4:09:c4:05:
f7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:72:9F:0D:7C:2F:E5:AB:96:29:40:BC:9F:59:11:B8:BC:35:3F:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:86:04:13:67:f3:6d:27:30:6e:2b:17:bf:28:3e:53:40:3b:
73:ee:39:85:58:93:64:54:61:64:57:34:46:6a:a3:c6:a2:fd:
59:a2:6f:2f:78:ff:7f:81:38:71:01:62:9d:2f:d7:56:1d:29:
73:d4:01:e1:f0:84:cb:d4:91:f3:ef:70:8a:bc:0e:3f:11:54:
cf:c1:b4:97:a7:4a:62:69:ee:3c:31:f7:12:55:9a:b5:d2:34:
be:46:f0:80:80:58:af:64:00:16:56:3b:77:50:0a:12:22:95:
bc:65:68:9b:51:fe:20:91:95:0c:b4:6a:52:bf:bc:f0:16:16:
e5:32:a3:24:a6:bf:fd:a6:24:88:4d:e3:e3:f6:5b:06:7c:4d:
1c:94:d5:0b:f4:1a:d3:b1:61:ae:f9:43:94:dd:7f:ff:c2:26:
35:e4:d8:0b:91:69:cf:0b:47:a9:0e:19:41:29:52:a8:59:69:
9a:f4:5c:e7:86:61:a2:ad:88:37:fb:d6:9a:71:bd:ef:ba:ec:
4d:cf:a3:3d:16:18:06:b9:0e:bd:b3:ff:a2:f7:c6:4d:6d:a2:
8b:24:6a:a1:f9:0e:f8:1e:d7:d7:2b:b8:8f:66:d4:d9:aa:0d:
f8:51:be:1a:e2:5c:99:67:60:79:8c:43:2f:03:6a:fa:81:38:
56:f9:0f:76
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVlzaT7o6qf02POO5JC739nONgZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwNDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5YjA1ZWU0ZTIxNzg4N2E2OTFiZTJmMTQ0M2VjZWFhODUyYmIyNGRlYjdk
MzljNTMxZmUxYzc1ODJjMmVmNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALToZs+5/xjiPupuxBN5qGEYiEtVZJuXhmZX/U0rOkR8oYCPjP2jMUF94JcG
lUva0J9CSQlNwjgWlBnGFhBTO6J37zrk2IXdXdLxXazBQ70iIcqqGRAHDGMFS2mP
KZYpz0WkgMM3GJy+jsNd5wXRAkod5Cw6y49Kdmb+NSG81c2PhhOEfl0LtqGMceCJ
UbrwmYTrl5oPXIo6Ude/lB6oyIMxvsTwvp21ilznnyezWQ111Ov5NOErXGRhahTI
X4dmEQ+xPwEMnn/o24XnCqciUOmmzuIWngVRkifrUbHY2OXjWjhWkOpnOC4uYQ1B
OQGNcCJbG/JpoDDLv2DUCcQF9/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS0cp8N
fC/lq5YpQLyfWRG4vDU/XzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyZTMwOWUtZTlkNC00NTQ2LTg5NjktMmQ3YjRiOWQ1MTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAKIYEE2fzbScwbisXvyg+U0A7c+45hViTZFRh
ZFc0RmqjxqL9WaJvL3j/f4E4cQFinS/XVh0pc9QB4fCEy9SR8+9wirwOPxFUz8G0
l6dKYmnuPDH3ElWatdI0vkbwgIBYr2QAFlY7d1AKEiKVvGVom1H+IJGVDLRqUr+8
8BYW5TKjJKa//aYkiE3j4/ZbBnxNHJTVC/Qa07FhrvlDlN1//8ImNeTYC5FpzwtH
qQ4ZQSlSqFlpmvRc54Zhoq2IN/vWmnG977rsTc+jPRYYBrkOvbP/ovfGTW2iiyRq
ofkO+B7X1yu4j2bU2aoN+FG+GuJcmWdgeYxDLwNq+oE4VvkPdg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:35 2025 by rpki-client