Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json)
Hash identifier: KLwob91JLqvPAhzVCvf7Tp7DrVYpSPoIR+GteIKPdOY=
Subject key identifier: 2E:B3:50:63:82:95:F6:14:16:6B:E9:F8:C9:68:AA:A7:47:84:A4:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B964362324DC863607A40FF54AC78C9B278F4C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
Signing time: Tue 05 Aug 2025 19:41:08 +0000
ROA not before: Tue 05 Aug 2025 19:41:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:96:43:62:32:4d:c8:63:60:7a:40:ff:54:ac:78:c9:b2:78:f4:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8c3b9b2c28613799fa160275646251f8ed3cfdfe8004fa09a8d930fdb3e53399, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b6:7a:b4:e5:0f:95:97:ab:88:d5:9c:cf:14:
59:b6:6b:f6:91:04:e5:36:96:90:29:53:bb:0d:e3:
46:67:d5:ec:f5:06:96:81:05:bc:1e:27:bf:1c:3b:
79:ba:42:76:5a:af:07:e3:b7:a1:57:ce:34:dd:39:
53:c5:ba:6d:bb:af:6f:4e:19:08:4d:1b:9e:30:63:
51:f2:65:62:e9:7b:13:59:26:47:28:c6:3c:c5:93:
1e:62:8b:f2:cb:21:48:b6:4a:bf:7a:7d:a0:f5:f7:
c9:8d:9a:3b:82:cf:93:f7:5a:1e:b0:44:10:e5:92:
24:24:b1:54:0a:04:1f:c8:51:af:f2:95:77:81:9f:
37:cf:9e:06:81:52:c8:09:a2:42:75:e0:a3:d2:cb:
97:81:56:f3:61:3f:d9:71:02:56:8f:23:3e:01:bc:
e5:35:45:7c:30:31:4f:83:4a:92:b7:e1:8e:23:eb:
24:66:2e:5d:57:8e:5e:61:23:07:84:d7:29:bd:62:
b3:04:50:9e:3b:02:a5:39:03:62:cc:14:6b:32:d1:
ca:2a:f3:f5:ec:7a:95:43:78:c7:13:4e:5e:c2:c3:
73:b7:88:fd:e9:7f:25:02:25:47:1b:b1:66:99:2d:
d6:63:06:a5:5f:9a:87:87:86:b6:97:5c:d8:73:a2:
aa:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B3:50:63:82:95:F6:14:16:6B:E9:F8:C9:68:AA:A7:47:84:A4:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:2000::/40
Signature Algorithm: sha256WithRSAEncryption
62:b3:c6:d2:17:20:68:56:c0:b3:69:1a:54:7a:2d:86:42:0d:
e4:a2:2a:ef:6a:b9:fa:6d:5f:9b:55:14:07:14:58:38:cb:6d:
a4:1b:80:2c:40:1f:22:5f:1b:e9:77:9d:96:52:55:19:91:ed:
bc:46:fb:36:70:96:7b:f7:90:e8:e8:68:cd:56:99:68:b7:a3:
b4:78:7b:8f:eb:4f:05:26:75:a6:87:6b:ae:2b:97:3c:c7:c0:
5d:53:01:07:6e:5f:76:36:01:eb:9f:38:db:69:69:a4:68:ec:
43:d3:4d:2f:10:37:11:9c:32:75:ef:d2:9d:27:47:a7:58:ba:
9a:72:07:c3:11:7d:cd:2f:86:d0:fb:7a:49:dd:d2:ac:c3:cd:
2a:bf:d7:eb:42:51:bc:88:d9:b2:25:69:c1:f7:5e:03:f8:93:
f8:af:17:81:a0:2a:3d:12:f9:6d:20:a8:c8:38:d1:bc:86:0f:
e3:58:54:49:08:3b:2a:ad:a0:55:ab:bd:e8:40:5a:98:fe:f5:
ff:11:60:88:8b:80:5f:3f:38:cc:4f:37:4b:e0:36:de:f5:f4:
a7:ad:e5:3f:92:6b:60:99:44:5b:6f:e9:d2:a5:53:f9:27:52:
e9:e0:77:8b:2a:ee:0f:ef:0b:1a:09:a1:d8:c3:9c:82:01:0d:
b0:86:1d:73
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC5ZDYjJNyGNgekD/VKx4ybJ49MQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjM2I5YjJjMjg2MTM3OTlmYTE2MDI3NTY0NjI1MWY4ZWQzY2ZkZmU4MDA0
ZmEwOWE4ZDkzMGZkYjNlNTMzOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKK2erTlD5WXq4jVnM8UWbZr9pEE5TaWkClTuw3jRmfV7PUGloEFvB4nvxw7
ebpCdlqvB+O3oVfONN05U8W6bbuvb04ZCE0bnjBjUfJlYul7E1kmRyjGPMWTHmKL
8sshSLZKv3p9oPX3yY2aO4LPk/daHrBEEOWSJCSxVAoEH8hRr/KVd4GfN8+eBoFS
yAmiQnXgo9LLl4FW82E/2XECVo8jPgG85TVFfDAxT4NKkrfhjiPrJGYuXVeOXmEj
B4TXKb1iswRQnjsCpTkDYswUazLRyirz9ex6lUN4xxNOXsLDc7eI/el/JQIlRxux
Zpkt1mMGpV+ah4eGtpdc2HOiqucCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQus1Bj
gpX2FBZr6fjJaKqnR4SkYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg
MA0GCSqGSIb3DQEBCwUAA4IBAQBis8bSFyBoVsCzaRpUei2GQg3koirvarn6bV+b
VRQHFFg4y22kG4AsQB8iXxvpd52WUlUZke28Rvs2cJZ795Do6GjNVplot6O0eHuP
608FJnWmh2uuK5c8x8BdUwEHbl92NgHrnzjbaWmkaOxD000vEDcRnDJ179KdJ0en
WLqacgfDEX3NL4bQ+3pJ3dKsw80qv9frQlG8iNmyJWnB914D+JP4rxeBoCo9Evlt
IKjIONG8hg/jWFRJCDsqraBVq73oQFqY/vX/EWCIi4BfPzjMTzdL4Dbe9fSnreU/
kmtgmURbb+nSpVP5J1Lp4HeLKu4P7wsaCaHYw5yCAQ2whh1z
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:10 2025 by rpki-client