Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
File: 1277c797-1181-445f-b798-ef72bbfc284c.roa (raw, json)
Hash identifier: fKjeeSnT3Ek8vGz8D9LL5UDXfp0pWWuo0tLJ4r4DDSE=
Subject key identifier: 38:18:98:DB:0D:B2:85:41:F2:2C:70:9A:B1:68:CE:D9:A4:F8:6C:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 290AD7DFEBEBFEFE2EF8FD936E9F7D118330DAF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
Signing time: Tue 19 Aug 2025 16:50:07 +0000
ROA not before: Tue 19 Aug 2025 16:50:07 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:0a:d7:df:eb:eb:fe:fe:2e:f8:fd:93:6e:9f:7d:11:83:30:da:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:07 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=d1bc7ad46a08868563014eef2ea4e56a388a5f443ece23cfeaa8a7d7fbc90fd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:68:d2:7e:e3:f6:d9:45:03:31:46:40:03:32:
fb:f2:a3:30:9b:cb:3a:97:ac:b7:c8:90:31:27:6b:
1d:20:b0:fd:ac:96:68:26:a5:56:d0:4d:20:f0:dc:
78:3e:e6:be:9e:d7:7f:a0:04:86:38:4b:fa:d5:20:
3b:1f:f9:7b:57:c0:1b:4c:db:8f:36:68:ec:b6:a5:
65:fe:43:16:a7:a1:ff:0e:5d:50:e6:55:c4:b1:4c:
4b:c2:1e:4c:81:2f:b8:f7:a7:ab:c1:d1:89:ad:74:
77:7c:43:f7:76:e6:a2:31:28:cf:68:9f:a8:83:56:
dc:51:b7:d5:02:46:16:c4:04:16:ba:86:aa:d7:c6:
65:2c:c1:90:62:15:71:78:c3:b9:6d:cf:67:fe:1a:
ff:01:a4:07:2c:ed:64:78:9b:8d:81:6b:f3:f3:f8:
af:b1:e1:02:43:46:54:01:4d:e7:80:80:2c:6f:6e:
d1:da:37:92:3a:1e:6a:fb:6c:f2:71:c8:c1:b7:b2:
80:e9:b6:7c:b0:34:bf:b6:ce:6c:c9:38:14:c1:3e:
d7:a6:c8:50:f2:15:96:67:e2:f8:fc:b9:07:95:1b:
b2:2f:eb:99:ea:22:51:7d:fd:f2:22:65:11:b8:44:
df:51:cc:7f:93:40:1a:35:26:09:aa:d6:aa:3f:2c:
31:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:18:98:DB:0D:B2:85:41:F2:2C:70:9A:B1:68:CE:D9:A4:F8:6C:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1277c797-1181-445f-b798-ef72bbfc284c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:98:09:17:29:8e:86:4f:34:3c:8f:98:5a:e6:fb:ab:c3:73:
dc:bd:d9:68:ca:c4:5e:4f:06:4f:79:fd:78:ce:83:7b:77:47:
7e:89:a6:b8:6d:7f:0e:27:9a:f9:3b:e2:75:18:43:75:c7:c9:
34:e6:09:8d:b2:1a:09:97:20:6f:5c:63:cd:82:57:48:fc:52:
20:14:e5:fb:3b:d9:5f:78:94:c3:10:77:fc:40:25:5d:5f:3c:
67:71:39:5c:f8:04:f7:e5:8e:74:5e:09:97:f2:7c:e6:0e:06:
80:8a:c9:ae:3a:66:a4:05:0a:93:5d:50:6c:f3:fe:c8:0f:34:
3c:c5:35:08:85:94:10:7d:8a:2f:50:e9:1e:51:0d:db:dc:15:
7c:8e:d9:30:ae:7f:e2:8c:17:1b:27:f7:f7:74:f0:20:3c:ec:
1f:43:96:62:cb:1b:ea:6b:75:b3:7a:5a:e9:87:7b:33:f4:16:
37:87:6b:12:b7:02:ca:6c:ab:e6:c3:6c:7e:11:84:84:04:8a:
09:3f:96:ff:17:66:f8:12:e8:89:1d:35:27:99:30:15:e9:49:
30:4b:bb:b7:f2:2c:49:e0:d7:88:b3:d5:d9:9e:95:a0:b5:d3:
10:0a:cd:44:77:ab:1a:93:88:15:d2:63:4a:74:6f:a9:ce:0c:
be:23:59:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKQrX3+vr/v4u+P2Tbp99EYMw2vAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMDdaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxYmM3YWQ0NmEwODg2ODU2MzAxNGVlZjJlYTRlNTZhMzg4YTVmNDQzZWNl
MjNjZmVhYThhN2Q3ZmJjOTBmZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZo0n7j9tlFAzFGQAMy+/KjMJvLOpest8iQMSdrHSCw/ayWaCalVtBNIPDc
eD7mvp7Xf6AEhjhL+tUgOx/5e1fAG0zbjzZo7LalZf5DFqeh/w5dUOZVxLFMS8Ie
TIEvuPenq8HRia10d3xD93bmojEoz2ifqINW3FG31QJGFsQEFrqGqtfGZSzBkGIV
cXjDuW3PZ/4a/wGkByztZHibjYFr8/P4r7HhAkNGVAFN54CALG9u0do3kjoeavts
8nHIwbeygOm2fLA0v7bObMk4FME+16bIUPIVlmfi+Py5B5Ubsi/rmeoiUX398iJl
EbhE31HMf5NAGjUmCarWqj8sMa0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4GJjb
DbKFQfIscJqxaM7ZpPhsqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTI3N2M3OTctMTE4MS00NDVmLWI3OTgtZWY3MmJiZmMyODRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HTg
MA0GCSqGSIb3DQEBCwUAA4IBAQCzmAkXKY6GTzQ8j5ha5vurw3PcvdloysReTwZP
ef14zoN7d0d+iaa4bX8OJ5r5O+J1GEN1x8k05gmNshoJlyBvXGPNgldI/FIgFOX7
O9lfeJTDEHf8QCVdXzxncTlc+AT35Y50XgmX8nzmDgaAismuOmakBQqTXVBs8/7I
DzQ8xTUIhZQQfYovUOkeUQ3b3BV8jtkwrn/ijBcbJ/f3dPAgPOwfQ5Ziyxvqa3Wz
elrph3sz9BY3h2sStwLKbKvmw2x+EYSEBIoJP5b/F2b4EuiJHTUnmTAV6UkwS7u3
8ixJ4NeIs9XZnpWgtdMQCs1Ed6sak4gV0mNKdG+pzgy+I1l2
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:42 2025 by rpki-client