Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: /MhM+QAqcGJ0npi8NkK4VliN1IhTUmerjVenMx+V548=
Subject key identifier: 02:CE:01:1F:BB:41:22:EA:49:24:4F:D9:04:F9:BF:43:FF:1E:3A:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65D918CDE600A06295A83F8CBCB2DBBA85708F79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Tue 05 Aug 2025 20:01:39 +0000
ROA not before: Tue 05 Aug 2025 20:01:39 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d9:18:cd:e6:00:a0:62:95:a8:3f:8c:bc:b2:db:ba:85:70:8f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:39 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=98c4b4b2e73e7f6abfc99c598a4f858e430ca8cf38ba7c842e0593c2900a4b7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1e:4d:da:50:63:c9:3f:8e:91:a0:35:0c:05:
4f:7b:97:bd:c2:a1:48:16:9b:f7:c9:4c:73:1d:77:
65:70:ee:06:26:b7:a7:3f:46:bb:0d:d6:57:c3:81:
c5:9d:51:59:56:90:ad:8c:da:33:45:b4:43:91:80:
6c:da:e3:12:a2:ba:1d:90:7a:02:ce:ee:9d:8e:7f:
6e:a6:6d:51:b3:2c:51:08:a5:3f:e3:ae:a3:27:b2:
24:0e:1a:bd:54:11:b8:f8:37:18:18:c7:a9:a1:8c:
e1:27:d4:85:12:a2:de:59:67:21:f1:c8:77:d8:8e:
39:b0:29:7c:41:50:0e:97:27:85:a3:3f:fc:52:fc:
ec:78:dc:8a:85:3b:d9:8c:78:b6:dc:19:49:22:8d:
13:e4:da:0b:72:54:2f:13:f4:a8:db:94:53:1f:8d:
d0:d3:0c:00:c0:4b:b5:ed:dc:ce:93:59:72:ff:0e:
a6:31:09:6e:e7:3a:e8:54:f7:41:48:f1:9e:84:36:
bc:1c:1c:8c:34:2e:bb:ea:82:e3:aa:19:e8:d8:5e:
68:a6:e0:a0:d4:af:5f:ad:4c:ff:dc:7f:de:9e:15:
37:16:5a:f9:18:1c:8d:e4:2d:1e:2b:9d:7d:1c:df:
6c:43:d6:4e:a5:08:58:7e:f3:30:3c:1d:1f:e9:09:
13:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CE:01:1F:BB:41:22:EA:49:24:4F:D9:04:F9:BF:43:FF:1E:3A:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
96:a6:11:ac:69:71:42:72:23:ce:73:d9:7a:d2:c7:14:41:ba:
c8:45:64:b0:2e:0c:ff:b4:b5:d8:04:92:33:25:0d:95:1b:ff:
0a:6e:42:f9:11:c9:06:b6:9f:6b:cb:f3:2f:aa:b1:d2:c6:91:
53:95:48:db:8e:e7:6f:df:e3:80:20:68:fb:fa:87:25:8e:4c:
96:2a:4b:10:d7:d9:9a:df:85:fd:d3:98:2f:51:ab:13:ee:99:
0b:7a:e7:49:9c:40:44:d7:64:0f:3f:9b:56:2c:0e:11:67:54:
41:e8:cb:21:82:c4:1d:bf:1c:f7:9a:1c:71:60:13:3f:58:de:
a3:11:74:f4:1e:67:7f:2e:b3:75:1a:b5:18:06:28:4d:6a:ea:
b4:22:a2:1d:69:84:b3:3f:d6:68:0e:37:40:6d:82:3c:f3:d2:
54:4d:87:84:53:8e:53:9d:ec:6e:f3:de:07:77:86:07:38:36:
9b:01:3c:7b:f6:55:75:14:86:6f:0e:c5:a6:62:95:10:18:f6:
b9:2b:92:36:4d:72:0e:aa:e2:56:17:3b:24:0b:a0:fd:e1:6a:
94:b0:f5:2f:10:23:9e:fa:a3:e2:8d:07:9a:1f:ca:30:df:3e:
56:b7:df:d4:39:c0:51:ea:62:8f:a4:18:86:09:fe:aa:11:eb:
66:13:ae:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZdkYzeYAoGKVqD+MvLLbuoVwj3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMzlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4YzRiNGIyZTczZTdmNmFiZmM5OWM1OThhNGY4NThlNDMwY2E4Y2YzOGJh
N2M4NDJlMDU5M2MyOTAwYTRiN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKseTdpQY8k/jpGgNQwFT3uXvcKhSBab98lMcx13ZXDuBia3pz9Guw3WV8OB
xZ1RWVaQrYzaM0W0Q5GAbNrjEqK6HZB6As7unY5/bqZtUbMsUQilP+OuoyeyJA4a
vVQRuPg3GBjHqaGM4SfUhRKi3llnIfHId9iOObApfEFQDpcnhaM//FL87HjcioU7
2Yx4ttwZSSKNE+TaC3JULxP0qNuUUx+N0NMMAMBLte3czpNZcv8OpjEJbuc66FT3
QUjxnoQ2vBwcjDQuu+qC46oZ6NheaKbgoNSvX61M/9x/3p4VNxZa+RgcjeQtHiud
fRzfbEPWTqUIWH7zMDwdH+kJE0ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCzgEf
u0Ei6kkkT9kE+b9D/x46ZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQCWphGsaXFCciPOc9l60scUQbrIRWSwLgz/tLXY
BJIzJQ2VG/8KbkL5EckGtp9ry/MvqrHSxpFTlUjbjudv3+OAIGj7+ocljkyWKksQ
19ma34X905gvUasT7pkLeudJnEBE12QPP5tWLA4RZ1RB6MshgsQdvxz3mhxxYBM/
WN6jEXT0Hmd/LrN1GrUYBihNauq0IqIdaYSzP9ZoDjdAbYI889JUTYeEU45Tnexu
894Hd4YHODabATx79lV1FIZvDsWmYpUQGPa5K5I2TXIOquJWFzskC6D94WqUsPUv
ECOe+qPijQeaH8ow3z5Wt9/UOcBR6mKPpBiGCf6qEetmE65U
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:32 2025 by rpki-client