Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
File: 10e25f26-1142-4a43-8091-69f9ddd435c1.roa (raw, json)
Hash identifier: fYBzIRAqiZ9LpscxU4WNS8SkZqZDUer9SCFEOEmt6b4=
Subject key identifier: 2C:DC:8B:0E:8C:43:32:2B:13:95:24:34:06:87:6A:B9:F0:1E:5D:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3ABBA62B4B14037D7CDBF36EB70028B59BD1BF1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
Signing time: Tue 05 Aug 2025 19:51:37 +0000
ROA not before: Tue 05 Aug 2025 19:51:37 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:bb:a6:2b:4b:14:03:7d:7c:db:f3:6e:b7:00:28:b5:9b:d1:bf:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:37 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9e1893310de8f611f9cbbfa584bfa4610464625399594a3e10803838db71216a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:64:2e:04:f5:10:88:ec:ae:c3:b5:66:b3:
bb:02:0f:ce:04:65:d7:c3:ec:90:fa:5f:ad:75:59:
5d:61:d6:c1:d2:fb:c4:0f:33:df:fe:95:84:ee:25:
d0:0b:2d:ce:9b:b0:48:f0:6e:d3:15:58:12:d5:d0:
3b:2a:93:36:bb:1c:c3:c3:37:97:20:86:bb:ab:bc:
1b:fd:05:18:a3:9a:d8:23:5d:40:48:33:9f:a3:70:
23:51:86:7c:ea:7c:81:fd:cb:da:13:e4:44:b5:d1:
b6:51:62:82:42:ca:02:eb:bf:67:2a:04:0f:3c:27:
f7:78:75:62:27:e7:8e:19:b7:53:09:a4:9a:7c:11:
2b:ea:01:3e:d3:a5:f1:35:de:3d:c5:5d:45:c9:88:
fe:be:6d:9f:61:4f:60:1c:03:fc:68:cf:df:a8:b3:
f2:74:fc:1b:a7:a8:71:a4:e7:e0:a5:00:ba:04:4e:
1e:19:17:b1:cd:2c:ad:02:cd:24:2f:b0:8a:9a:69:
40:75:70:ee:b3:3d:a0:95:8f:56:c4:3b:48:79:ac:
60:c1:11:be:14:d7:90:02:31:b2:83:31:fd:25:bf:
f3:5e:ba:5b:0a:92:c8:f1:01:fe:9e:1e:1f:3a:21:
94:72:6c:f2:02:3e:ad:6d:93:3e:33:e4:d4:f2:80:
ab:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DC:8B:0E:8C:43:32:2B:13:95:24:34:06:87:6A:B9:F0:1E:5D:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:1000::/40
Signature Algorithm: sha256WithRSAEncryption
20:36:05:bd:10:c2:68:f2:20:6f:3f:65:52:5c:30:d5:be:11:
25:0d:81:13:1b:33:70:18:14:2e:8b:d3:15:37:df:56:be:cc:
a3:c9:96:84:65:46:b0:74:4e:06:49:e7:b6:5a:1e:f8:96:05:
3a:6a:50:9d:4b:f9:cf:80:2d:56:b0:6e:62:43:43:89:c0:0f:
58:70:c9:a8:8f:e2:1b:86:7d:9a:91:33:55:ec:3a:7f:75:aa:
ed:31:0e:bd:5f:f0:dd:94:ba:e4:9c:9d:bb:e4:e3:d9:4e:48:
4b:13:d9:8b:45:8b:90:b9:27:a5:5f:c5:0b:fe:e6:c3:f3:a4:
03:4a:05:b3:9a:79:16:a9:bf:e6:1f:4b:ef:ce:cf:b3:95:57:
9d:95:d4:0a:21:56:21:a3:07:94:26:a4:63:14:ee:71:3e:74:
0e:24:96:c7:9a:1a:0e:65:09:bf:3e:c6:a4:ca:14:1c:d9:09:
0a:b2:fd:21:ff:3d:79:7e:62:87:87:56:0a:29:ff:ab:7c:ea:
08:88:e0:b8:e6:da:d4:63:c4:c7:ac:9c:c9:0f:43:77:c3:ba:
b2:e2:c2:01:e3:00:5c:c2:ae:a7:c7:99:7a:12:12:4c:dd:94:
dc:b6:4f:28:4f:a0:f8:22:67:18:f0:13:a1:af:fd:d5:a5:96:
00:3d:82:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOrumK0sUA3182/NutwAotZvRvx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMzdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDllMTg5MzMxMGRlOGY2MTFmOWNiYmZhNTg0YmZhNDYxMDQ2NDYyNTM5OTU5
NGEzZTEwODAzODM4ZGI3MTIxNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx0ZC4E9RCI7K7DtWazuwIPzgRl18PskPpfrXVZXWHWwdL7xA8z3/6VhO4l
0AstzpuwSPBu0xVYEtXQOyqTNrscw8M3lyCGu6u8G/0FGKOa2CNdQEgzn6NwI1GG
fOp8gf3L2hPkRLXRtlFigkLKAuu/ZyoEDzwn93h1Yifnjhm3UwmkmnwRK+oBPtOl
8TXePcVdRcmI/r5tn2FPYBwD/GjP36iz8nT8G6eocaTn4KUAugROHhkXsc0srQLN
JC+wipppQHVw7rM9oJWPVsQ7SHmsYMERvhTXkAIxsoMx/SW/8166WwqSyPEB/p4e
HzohlHJs8gI+rW2TPjPk1PKAqxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQs3IsO
jEMyKxOVJDQGh2q58B5d5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBlMjVmMjYtMTE0Mi00YTQzLTgwOTEtNjlmOWRkZDQzNWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAgNgW9EMJo8iBvP2VSXDDVvhElDYETGzNwGBQu
i9MVN99WvsyjyZaEZUawdE4GSee2Wh74lgU6alCdS/nPgC1WsG5iQ0OJwA9YcMmo
j+Ibhn2akTNV7Dp/dartMQ69X/DdlLrknJ275OPZTkhLE9mLRYuQuSelX8UL/ubD
86QDSgWzmnkWqb/mH0vvzs+zlVedldQKIVYhoweUJqRjFO5xPnQOJJbHmhoOZQm/
PsakyhQc2QkKsv0h/z15fmKHh1YKKf+rfOoIiOC45trUY8THrJzJD0N3w7qy4sIB
4wBcwq6nx5l6EhJM3ZTctk8oT6D4ImcY8BOhr/3VpZYAPYL9
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:44 2025 by rpki-client