Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: ArDFERuHQVLClrGeAWlMFb+XmS21DWn3wvy9yiToEX8=
Subject key identifier: 9A:7B:3E:08:18:AF:8F:F8:06:A4:17:E5:60:89:F6:E2:62:1B:2B:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33A20BCE7DEAB79C29F3DEC48AF7D248108CAA68
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Tue 05 Aug 2025 19:51:28 +0000
ROA not before: Tue 05 Aug 2025 19:51:28 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:a2:0b:ce:7d:ea:b7:9c:29:f3:de:c4:8a:f7:d2:48:10:8c:aa:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:28 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=837a8ed26db9b2761615ee0744140532e5608604b75689426c13cd045953d289, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:22:28:c8:30:9c:4d:65:9e:c4:ef:a8:62:d3:
09:50:da:18:33:14:b4:58:79:cb:0c:b3:48:b0:63:
f3:5c:fc:3b:07:76:8c:aa:ba:7f:ef:d6:e0:c5:aa:
1a:26:a1:7e:5a:30:10:be:be:0c:21:21:81:cb:fb:
84:1d:fa:5e:37:49:14:bd:36:0b:22:4b:9f:53:81:
d7:1e:a4:38:d3:ff:54:80:26:84:b9:54:6f:b9:f8:
8a:b9:df:f7:f6:5c:bf:db:74:9a:31:d7:90:80:30:
a7:7a:55:fa:1d:cc:79:25:7d:32:46:ce:d6:10:ad:
4a:bd:a6:70:ee:f5:1d:4e:ec:8d:b5:64:ef:0c:e5:
9c:17:6e:de:da:b1:ff:b6:f8:a6:86:42:2e:c4:a1:
11:f0:27:10:35:6b:96:ac:ec:1a:ca:2b:00:1d:c9:
58:49:5d:7b:c5:5c:10:32:1e:05:96:75:3a:c3:0d:
49:13:d2:09:09:9c:e1:32:31:9f:05:bf:25:d6:9e:
b5:e2:a9:06:97:34:fc:c6:5c:51:8c:11:79:a1:e8:
ab:99:95:6f:c8:18:1d:05:95:6d:46:fb:b9:8f:64:
04:61:03:12:e0:4e:40:7a:d7:74:04:d6:50:c5:4c:
51:a5:ef:23:b3:60:1b:20:14:1b:e4:e5:6f:7d:b0:
3d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7B:3E:08:18:AF:8F:F8:06:A4:17:E5:60:89:F6:E2:62:1B:2B:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:29:74:42:6a:12:3a:50:8c:19:7a:82:99:88:1c:0d:71:d2:
44:44:1e:87:46:52:1b:0b:e3:67:56:95:a5:c0:95:db:37:81:
76:3e:c5:a4:1d:1e:43:50:ad:6a:c4:fb:da:75:df:6a:49:d1:
a7:57:08:f0:28:c6:69:f1:cc:16:f0:4d:5a:0e:81:da:b4:35:
ea:a0:36:4e:93:f9:2f:65:de:3b:25:40:43:85:cc:d6:17:fb:
18:35:b1:7d:3a:24:7c:7c:00:9e:5f:e8:d7:39:90:d9:33:7b:
f7:ae:2f:9b:f1:83:6d:b3:fa:d7:04:e6:b8:eb:99:9e:f2:c1:
bd:eb:f9:f0:a5:e5:df:21:c8:a0:89:ed:3f:d3:38:52:4b:0c:
c2:ca:46:51:34:2d:e4:bf:6c:0a:e0:0f:eb:05:a6:da:c6:2e:
24:33:1a:9d:05:f7:37:54:d0:65:4d:07:b3:78:6c:7a:da:f4:
c1:8a:28:43:10:91:a4:33:b4:f5:04:7e:64:9c:cd:7a:1b:58:
e9:ce:bb:fd:cf:9e:08:89:ba:6c:bd:f6:71:3e:81:64:69:9f:
10:21:dd:fc:3e:d5:ee:eb:77:36:84:10:ae:b5:f7:01:d8:ea:
e9:ee:22:59:c5:e0:a6:5b:c1:cd:85:1a:e3:34:7d:8e:60:b3:
a4:25:0b:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM6ILzn3qt5wp897EivfSSBCMqmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMjhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzN2E4ZWQyNmRiOWIyNzYxNjE1ZWUwNzQ0MTQwNTMyZTU2MDg2MDRiNzU2
ODk0MjZjMTNjZDA0NTk1M2QyODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQiKMgwnE1lnsTvqGLTCVDaGDMUtFh5ywyzSLBj81z8Owd2jKq6f+/W4MWq
GiahflowEL6+DCEhgcv7hB36XjdJFL02CyJLn1OB1x6kONP/VIAmhLlUb7n4irnf
9/Zcv9t0mjHXkIAwp3pV+h3MeSV9MkbO1hCtSr2mcO71HU7sjbVk7wzlnBdu3tqx
/7b4poZCLsShEfAnEDVrlqzsGsorAB3JWElde8VcEDIeBZZ1OsMNSRPSCQmc4TIx
nwW/JdaeteKpBpc0/MZcUYwReaHoq5mVb8gYHQWVbUb7uY9kBGEDEuBOQHrXdATW
UMVMUaXvI7NgGyAUG+Tlb32wPfECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaez4I
GK+P+AakF+VgifbiYhsrFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAMKXRCahI6UIwZeoKZiBwNcdJERB6HRlIbC+Nn
VpWlwJXbN4F2PsWkHR5DUK1qxPvadd9qSdGnVwjwKMZp8cwW8E1aDoHatDXqoDZO
k/kvZd47JUBDhczWF/sYNbF9OiR8fACeX+jXOZDZM3v3ri+b8YNts/rXBOa465me
8sG96/nwpeXfIcigie0/0zhSSwzCykZRNC3kv2wK4A/rBabaxi4kMxqdBfc3VNBl
TQezeGx62vTBiihDEJGkM7T1BH5knM16G1jpzrv9z54IibpsvfZxPoFkaZ8QId38
PtXu63c2hBCutfcB2Orp7iJZxeCmW8HNhRrjNH2OYLOkJQu5
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:54 2025 by rpki-client