Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: vsyzpBfFixaYYLwKW+hQd0AG2Eb3lbl3QkVHVoqbwB8=
Subject key identifier: AD:3B:20:20:83:B2:40:69:06:F7:6D:48:EF:E6:AC:EF:15:1F:CC:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 132975E200C1D2D3BD145954F5EFA588B5A9FAB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Tue 05 Aug 2025 20:01:36 +0000
ROA not before: Tue 05 Aug 2025 20:01:36 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:29:75:e2:00:c1:d2:d3:bd:14:59:54:f5:ef:a5:88:b5:a9:fa:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:36 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9a465aacc862385fbfa189a0a9891ed7308ae06beb25662f78f38b9074eec06a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c7:07:94:fc:8f:d2:c7:0c:50:8b:76:80:9e:
cb:3c:10:41:bc:0f:bd:15:0b:4a:1d:60:19:bd:44:
b6:f7:9d:ee:ec:8a:9d:d8:62:0a:f7:71:6f:fe:51:
39:ad:93:51:3f:43:96:42:06:17:b1:30:4e:47:c7:
a3:ea:fd:2e:3f:e8:99:1e:94:7e:84:06:91:88:21:
db:06:03:a3:d3:6c:e5:78:61:62:3c:8f:68:b7:09:
18:bd:ee:b0:8b:9c:55:33:53:26:b8:32:e7:79:9c:
28:0f:50:c6:21:10:f2:9f:3d:16:e6:17:29:e3:c8:
e8:18:84:84:6e:9f:37:59:11:83:8f:25:c9:a8:8a:
17:1f:5d:bb:28:07:47:97:44:8d:c5:18:32:8d:f6:
0d:18:63:3f:28:57:16:02:74:a5:44:6e:4a:e3:81:
dc:d0:24:76:c3:14:46:3e:78:ca:88:74:f1:3f:0a:
ad:a0:42:4b:d7:43:44:e4:83:99:92:21:f6:4b:37:
b2:da:0f:8c:33:92:af:f5:15:00:f9:fa:82:6e:4e:
b4:38:76:4f:0e:2d:23:70:6a:b8:67:f7:91:47:a2:
15:e4:c4:6c:8e:b5:b2:dd:bd:c5:40:f7:74:55:a3:
54:c7:03:05:da:c4:48:e0:90:cd:1b:12:5d:51:c0:
a7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3B:20:20:83:B2:40:69:06:F7:6D:48:EF:E6:AC:EF:15:1F:CC:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
12:c7:e4:94:11:09:de:69:2f:f1:0b:c4:41:84:5a:f7:aa:f9:
46:c3:f0:e1:1e:93:3f:59:f6:5c:da:8b:69:70:db:a9:9e:37:
97:54:98:8e:9d:90:fe:45:cb:e2:06:a6:c1:02:af:ad:9e:4b:
62:8f:32:81:a5:80:7e:42:eb:c2:9d:a7:c8:82:a8:37:b6:d0:
c6:a2:4b:58:0e:c5:d2:e6:89:2c:a1:18:ad:16:da:d3:39:ef:
1e:16:c4:5f:ec:de:a5:d3:32:94:26:cb:85:7c:a2:f6:5a:2a:
f7:28:e7:80:d8:da:48:4d:0d:97:fe:c8:1c:e2:07:d1:c9:16:
5d:15:b5:9d:24:c2:40:19:4a:5f:84:23:05:de:b9:11:ca:aa:
fc:42:1a:94:80:f3:f2:be:13:23:73:d8:22:c1:2e:79:71:b1:
67:81:0b:be:62:39:6e:0f:51:65:0b:28:08:53:f2:86:ac:29:
56:26:cb:85:3e:f2:7c:26:da:13:a2:ac:a6:05:fe:1c:1a:8d:
3a:84:6d:eb:d0:16:a9:19:b0:2c:e5:14:81:fa:d4:85:ad:d4:
97:43:60:0f:02:5d:54:25:e5:6f:6c:a0:1e:6f:5b:53:5b:11:
50:5f:99:83:5e:4f:52:19:e5:9e:47:8a:87:b9:95:b4:b8:21:
ad:ed:cd:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEyl14gDB0tO9FFlU9e+liLWp+rIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMzZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNDY1YWFjYzg2MjM4NWZiZmExODlhMGE5ODkxZWQ3MzA4YWUwNmJlYjI1
NjYyZjc4ZjM4YjkwNzRlZWMwNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3HB5T8j9LHDFCLdoCeyzwQQbwPvRULSh1gGb1Etved7uyKndhiCvdxb/5R
Oa2TUT9DlkIGF7EwTkfHo+r9Lj/omR6UfoQGkYgh2wYDo9Ns5XhhYjyPaLcJGL3u
sIucVTNTJrgy53mcKA9QxiEQ8p89FuYXKePI6BiEhG6fN1kRg48lyaiKFx9duygH
R5dEjcUYMo32DRhjPyhXFgJ0pURuSuOB3NAkdsMURj54yoh08T8KraBCS9dDROSD
mZIh9ks3stoPjDOSr/UVAPn6gm5OtDh2Tw4tI3BquGf3kUeiFeTEbI61st29xUD3
dFWjVMcDBdrESOCQzRsSXVHAp9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBStOyAg
g7JAaQb3bUjv5qzvFR/M+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQASx+SUEQneaS/xC8RBhFr3qvlGw/DhHpM/WfZc
2otpcNupnjeXVJiOnZD+RcviBqbBAq+tnktijzKBpYB+QuvCnafIgqg3ttDGoktY
DsXS5oksoRitFtrTOe8eFsRf7N6l0zKUJsuFfKL2Wir3KOeA2NpITQ2X/sgc4gfR
yRZdFbWdJMJAGUpfhCMF3rkRyqr8QhqUgPPyvhMjc9giwS55cbFngQu+YjluD1Fl
CygIU/KGrClWJsuFPvJ8JtoToqymBf4cGo06hG3r0BapGbAs5RSB+tSFrdSXQ2AP
Al1UJeVvbKAeb1tTWxFQX5mDXk9SGeWeR4qHuZW0uCGt7c3J
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:19 2025 by rpki-client