Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
File: 1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa (raw, json)
Hash identifier: GM7jKIMLCKDRvhKh64ut+eGjczUNvKjv99KX4rIK13s=
Subject key identifier: D2:DA:27:DA:68:E3:CE:28:D9:0C:FC:A1:F9:AD:97:11:02:A8:1C:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0168B71DB0C6EDB01308993AF7AF80DE9E49607F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
Signing time: Tue 05 Aug 2025 19:22:00 +0000
ROA not before: Tue 05 Aug 2025 19:22:00 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:68:b7:1d:b0:c6:ed:b0:13:08:99:3a:f7:af:80:de:9e:49:60:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:22:00 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a14c3a6c3ee88346a74b764ffcc937b19dbaffc97b7ef6d14cce09565a8dbda3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6d:0f:5c:c9:d2:c4:2f:ef:ff:81:b3:bf:ec:
5d:71:71:41:67:ee:2d:c4:e3:07:20:5a:95:98:a5:
0a:1f:17:e9:00:6d:e3:ac:81:79:8f:7d:9d:11:5b:
de:45:0b:de:d9:b9:89:be:84:21:b5:44:ef:07:a4:
a4:96:57:41:00:2a:8d:57:dd:74:50:41:b3:eb:ef:
6d:7c:4a:6c:8c:98:c7:0d:32:1b:0e:37:5e:f3:86:
03:ea:3f:fd:ad:40:92:85:0a:43:2f:2e:df:2a:ed:
02:0a:f2:cb:50:f4:c6:e1:15:fe:49:e7:0d:95:2b:
e1:d9:62:59:64:45:8b:df:65:7f:a8:e6:c9:84:ef:
d4:e9:1b:ca:ce:4d:47:61:d6:79:1b:f2:09:24:af:
b7:95:58:e4:21:b1:3e:12:0c:52:4c:49:33:a8:9a:
a0:3a:b1:d9:fa:9f:a1:b6:c9:f5:a8:be:60:d5:a2:
e5:e6:f0:bc:86:14:8d:d9:2d:d4:12:f0:41:c6:79:
c1:b9:d7:11:27:08:1b:bb:ad:26:2e:6a:07:91:3a:
3c:79:c2:32:4b:ce:8a:55:45:81:6a:e6:67:21:e2:
06:da:81:fd:d9:b5:b9:63:ad:a2:b3:57:bd:c4:20:
1d:fb:ec:b5:a5:54:df:7c:8b:40:a2:29:0e:b6:2f:
75:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DA:27:DA:68:E3:CE:28:D9:0C:FC:A1:F9:AD:97:11:02:A8:1C:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8757a3-5b0e-4473-9a3b-876cc134e2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e000::/40
Signature Algorithm: sha256WithRSAEncryption
51:36:12:63:af:79:10:6f:57:0d:7c:3a:0d:e8:31:b9:0b:84:
4c:f7:63:52:f4:6c:be:87:de:17:45:8b:6b:50:18:f7:f6:3a:
ce:6e:9c:0e:5d:b5:2f:a3:fd:29:10:62:28:54:f4:16:75:4e:
6a:8e:f4:a3:88:e3:a7:5a:c9:4a:e2:54:2e:ae:cc:98:b0:33:
8a:cd:60:14:99:cb:35:87:f1:fc:fa:90:14:ef:41:7a:3d:55:
78:8e:be:af:a7:f2:85:a9:3b:e3:3b:51:4e:16:41:a0:de:7d:
56:f0:14:1b:55:14:a2:39:82:26:32:da:cb:29:f7:8c:06:d0:
28:0c:7b:c0:d5:1b:e7:f1:fd:bb:2d:2a:7a:1c:3c:29:1d:5e:
21:d4:1f:6b:1f:56:53:f0:3a:f1:0d:ed:ef:37:36:0e:ab:fb:
43:b0:b7:e0:27:e9:da:47:dd:4e:24:dc:e8:5a:1d:a6:3f:f4:
d0:ee:aa:18:f4:21:ba:63:8c:70:2c:29:d3:ff:21:58:d2:7d:
38:69:87:aa:e6:75:19:14:a2:86:7c:9b:8f:eb:58:bd:0a:0a:
e0:2b:38:46:8b:3c:53:6a:42:68:a7:3d:bf:37:99:4d:5c:ee:
0c:52:9d:89:2c:38:82:f5:16:0b:be:e9:af:5c:47:18:da:54:
da:81:85:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAWi3HbDG7bATCJk696+A3p5JYH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIyMDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNGMzYTZjM2VlODgzNDZhNzRiNzY0ZmZjYzkzN2IxOWRiYWZmYzk3Yjdl
ZjZkMTRjY2UwOTU2NWE4ZGJkYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKltD1zJ0sQv7/+Bs7/sXXFxQWfuLcTjByBalZilCh8X6QBt46yBeY99nRFb
3kUL3tm5ib6EIbVE7wekpJZXQQAqjVfddFBBs+vvbXxKbIyYxw0yGw43XvOGA+o/
/a1AkoUKQy8u3yrtAgryy1D0xuEV/knnDZUr4dliWWRFi99lf6jmyYTv1Okbys5N
R2HWeRvyCSSvt5VY5CGxPhIMUkxJM6iaoDqx2fqfobbJ9ai+YNWi5ebwvIYUjdkt
1BLwQcZ5wbnXEScIG7utJi5qB5E6PHnCMkvOilVFgWrmZyHiBtqB/dm1uWOtorNX
vcQgHfvstaVU33yLQKIpDrYvdUUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTS2ifa
aOPOKNkM/KH5rZcRAqgcnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4NzU3YTMtNWIwZS00NDczLTlhM2ItODc2Y2MxMzRlMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg
MA0GCSqGSIb3DQEBCwUAA4IBAQBRNhJjr3kQb1cNfDoN6DG5C4RM92NS9Gy+h94X
RYtrUBj39jrObpwOXbUvo/0pEGIoVPQWdU5qjvSjiOOnWslK4lQursyYsDOKzWAU
mcs1h/H8+pAU70F6PVV4jr6vp/KFqTvjO1FOFkGg3n1W8BQbVRSiOYImMtrLKfeM
BtAoDHvA1Rvn8f27LSp6HDwpHV4h1B9rH1ZT8DrxDe3vNzYOq/tDsLfgJ+naR91O
JNzoWh2mP/TQ7qoY9CG6Y4xwLCnT/yFY0n04aYeq5nUZFKKGfJuP61i9CgrgKzhG
izxTakJopz2/N5lNXO4MUp2JLDiC9RYLvumvXEcY2lTagYWh
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:14 2025 by rpki-client