Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
File: 12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa (raw, json)
Hash identifier: 3XQh5NEQ7Bkjb0Zkam0P+58JoW3mfGcbPP1ZJKK7cX8=
Subject key identifier: 59:4F:3B:B1:91:E3:AC:20:E0:20:A7:8C:E3:99:CE:30:9D:01:53:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 560EDCBEA3115A899D763286686CB87F998B8C12
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
Signing time: Tue 05 Aug 2025 20:10:17 +0000
ROA not before: Tue 05 Aug 2025 20:10:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:0e:dc:be:a3:11:5a:89:9d:76:32:86:68:6c:b8:7f:99:8b:8c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a1f32f0a55354a77553c7c56569a914c7501b671f27f0d0ea32529261e84b36f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2d:c6:a3:6c:70:ec:d6:9c:7c:e0:fc:14:bc:
86:ff:1c:f6:a1:d8:07:42:43:f6:a7:93:3c:9c:7e:
96:1a:62:8d:46:06:a6:56:00:9d:d4:7c:17:f7:95:
36:93:1b:93:c6:f0:43:c0:17:4a:2c:89:29:9b:f5:
d1:2e:07:fc:5b:8b:91:c9:26:1b:60:9e:33:4b:86:
1c:7d:0b:bb:97:ef:77:ed:23:4b:ff:21:69:c7:05:
b3:41:22:84:87:d6:35:dd:9a:a1:72:44:49:bd:bc:
1b:c1:7d:75:f4:f3:2c:7a:bf:35:50:2e:6a:cd:91:
d2:10:da:a5:85:bb:4a:41:0d:0b:23:b9:2b:9c:3f:
7b:61:e2:5e:18:49:8d:d4:87:82:70:90:d4:57:0a:
1d:f1:fe:85:f4:c2:86:28:45:f1:ef:68:f9:02:0d:
8a:cf:cd:b2:f2:dc:b5:f8:9e:7c:db:04:3c:cb:01:
b6:90:78:4d:8f:da:a1:7d:eb:da:06:f7:60:97:07:
9d:19:28:dd:5b:90:8e:cb:40:1b:2b:b5:8a:59:6e:
38:21:68:cc:3f:bb:9e:2b:b3:13:24:d6:a7:d9:a0:
99:d4:41:3f:aa:19:f4:02:2e:bd:ad:1b:56:ce:9d:
88:35:42:34:d3:43:cc:19:a5:67:36:bf:00:46:c4:
07:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4F:3B:B1:91:E3:AC:20:E0:20:A7:8C:E3:99:CE:30:9D:01:53:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/38
Signature Algorithm: sha256WithRSAEncryption
bd:94:ef:81:72:8b:7d:7c:9e:67:55:c0:bc:8b:be:2d:c1:87:
87:f1:ea:84:b9:59:19:94:8a:53:ff:d7:06:9c:da:36:f0:52:
0c:e3:fa:de:a0:89:53:98:95:7c:b7:54:e4:88:51:66:db:3f:
2e:e9:05:2a:a2:c1:c2:68:55:72:2d:17:99:81:e4:ba:6e:32:
a1:be:62:d4:c1:eb:59:54:0f:5d:1c:27:42:59:f7:26:0b:56:
6e:06:02:07:ab:18:b4:2d:6c:e9:c5:9a:ee:fe:02:5e:71:66:
a4:47:c3:3f:b4:96:df:ad:10:81:e8:43:06:b9:b5:de:81:63:
d7:68:e0:82:05:28:d1:15:3c:a9:86:eb:99:98:c5:5b:70:13:
1e:00:42:b9:11:d9:24:f8:c1:48:51:dc:01:99:e6:f3:ff:2c:
8a:d0:a5:d1:ca:ac:09:17:5e:06:15:6b:5c:95:77:b7:86:4e:
e4:4a:0a:42:0e:d2:7d:85:1d:b9:7c:f4:9b:56:d2:46:86:7c:
dd:bb:1d:9f:40:56:eb:b6:8c:1d:fa:f4:25:11:11:4b:05:e8:
b2:6a:62:b5:99:96:b8:23:48:f0:93:a0:11:c3:e8:da:03:00:
ec:56:97:90:29:f8:71:bd:30:db:19:b5:bf:9a:72:ef:90:b2:
63:e5:14:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVg7cvqMRWomddjKGaGy4f5mLjBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGExZjMyZjBhNTUzNTRhNzc1NTNjN2M1NjU2OWE5MTRjNzUwMWI2NzFmMjdm
MGQwZWEzMjUyOTI2MWU4NGIzNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMItxqNscOzWnHzg/BS8hv8c9qHYB0JD9qeTPJx+lhpijUYGplYAndR8F/eV
NpMbk8bwQ8AXSiyJKZv10S4H/FuLkckmG2CeM0uGHH0Lu5fvd+0jS/8haccFs0Ei
hIfWNd2aoXJESb28G8F9dfTzLHq/NVAuas2R0hDapYW7SkENCyO5K5w/e2HiXhhJ
jdSHgnCQ1FcKHfH+hfTChihF8e9o+QINis/NsvLctfiefNsEPMsBtpB4TY/aoX3r
2gb3YJcHnRko3VuQjstAGyu1illuOCFozD+7niuzEyTWp9mgmdRBP6oZ9AIuva0b
Vs6diDVCNNNDzBmlZza/AEbEB/ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZTzux
keOsIOAgp4zjmc4wnQFTMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIwOTliZjUtZjljMS00NjNlLTlmYzktZWFmNzkxZTMzOWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQC9lO+Bcot9fJ5nVcC8i74twYeH8eqEuVkZlIpT
/9cGnNo28FIM4/reoIlTmJV8t1TkiFFm2z8u6QUqosHCaFVyLReZgeS6bjKhvmLU
wetZVA9dHCdCWfcmC1ZuBgIHqxi0LWzpxZru/gJecWakR8M/tJbfrRCB6EMGubXe
gWPXaOCCBSjRFTyphuuZmMVbcBMeAEK5Edkk+MFIUdwBmebz/yyK0KXRyqwJF14G
FWtclXe3hk7kSgpCDtJ9hR25fPSbVtJGhnzdux2fQFbrtowd+vQlERFLBeiyamK1
mZa4I0jwk6ARw+jaAwDsVpeQKfhxvTDbGbW/mnLvkLJj5RSe
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:47 2025 by rpki-client