Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
File: 216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa (raw, json)
Hash identifier: v73UHRy33KaCRlbiR2sYQcCOFAc9t/QtZKAZGkuiuKI=
Subject key identifier: FE:89:CD:B9:74:D0:FD:B2:7E:54:D8:82:A9:7E:45:7D:AC:B7:06:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B6D324D5B31693F98EDC3F589332472C3CEDEF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
Signing time: Tue 05 Aug 2025 18:50:03 +0000
ROA not before: Tue 05 Aug 2025 18:50:03 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:6d:32:4d:5b:31:69:3f:98:ed:c3:f5:89:33:24:72:c3:ce:de:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:03 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4066a001b0fe31f3c00c95b84cd14b1bd7939c894a775fab0373b40394c5084e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:98:16:9f:c6:cc:33:b1:b6:31:af:ce:5c:06:
ce:47:05:4f:10:70:55:9b:96:dc:06:ef:9b:ed:6e:
ad:b0:43:bc:e2:43:1d:a8:f8:69:e1:4e:f3:e0:f0:
9d:12:41:5e:cb:95:59:f0:57:7a:7b:bb:82:26:47:
b9:d1:35:46:b8:2a:20:f3:47:7c:07:59:3c:a0:04:
32:6c:b1:8d:15:cf:4a:c9:9e:2b:15:28:e7:92:c8:
55:4f:31:58:a7:27:bd:89:03:56:da:f9:b7:ac:7d:
41:65:7d:b3:8c:f5:8d:8a:1c:f5:2a:cd:2e:a6:d4:
cf:d8:ea:54:3b:51:0e:c0:46:fc:b5:94:d8:8d:a4:
18:59:38:28:1c:4c:04:26:0b:5f:6e:55:ae:9d:64:
9c:ac:e8:e0:b4:d5:eb:a0:de:7c:b5:e6:99:9e:58:
4c:63:8f:ed:5a:6f:87:65:c2:30:52:58:a3:a8:f1:
29:c0:a0:a1:2e:2f:91:83:f3:f0:bc:24:93:14:f2:
c5:2c:a9:56:e8:7f:9b:a2:e7:d0:62:07:33:62:fc:
2a:97:86:07:c0:03:94:3d:60:f0:b9:1b:80:71:1d:
e7:4e:79:aa:7c:be:b0:ff:81:9a:2a:c2:db:00:33:
fe:8a:6a:01:1e:b0:b7:95:ed:c8:16:23:96:e4:46:
60:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:89:CD:B9:74:D0:FD:B2:7E:54:D8:82:A9:7E:45:7D:AC:B7:06:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216e1c1f-35c3-4c02-a0c3-0b5815c016d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
5f:75:05:f9:51:6f:ed:0f:64:74:11:48:a6:8a:77:b8:c7:27:
62:64:41:62:de:d9:a9:52:f3:23:96:54:8f:7e:ee:74:dd:ad:
df:72:74:87:e6:ee:3c:3c:9b:c8:61:1e:f6:29:38:c5:5d:9b:
cd:6f:c2:41:a2:8c:8b:02:98:a6:fb:94:ff:e9:4f:93:3f:72:
4f:7d:12:09:04:5c:41:cf:d2:fa:5d:eb:84:e3:98:b3:7b:ac:
5d:91:83:30:c4:e8:9f:1b:20:84:fa:2e:35:7c:ff:e3:a5:42:
e3:7b:80:5b:d2:24:1b:4a:c8:70:7b:11:52:cf:42:ec:de:a2:
eb:a1:50:60:21:33:4d:31:76:07:56:03:14:72:90:41:d4:da:
03:ea:cd:3b:43:6c:a2:a8:96:a6:e3:43:17:00:37:0c:e3:09:
f2:2b:88:8b:92:b6:7d:92:d7:c7:8e:b7:14:88:81:2e:30:5f:
e7:b4:e1:5a:5a:ea:9d:43:52:c7:1d:3b:33:7c:cb:be:8c:ec:
e5:2f:73:f1:ea:be:09:78:f7:33:1d:67:4f:de:79:f5:f6:5c:
9e:6e:09:6b:9b:be:f0:7b:0c:7f:be:79:56:e7:9c:50:22:ac:
81:34:90:92:02:07:66:25:54:b6:68:b1:00:84:7c:ce:25:0c:
41:17:a3:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK20yTVsxaT+Y7cP1iTMkcsPO3vgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwMDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNjZhMDAxYjBmZTMxZjNjMDBjOTViODRjZDE0YjFiZDc5MzljODk0YTc3
NWZhYjAzNzNiNDAzOTRjNTA4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKYFp/GzDOxtjGvzlwGzkcFTxBwVZuW3Abvm+1urbBDvOJDHaj4aeFO8+Dw
nRJBXsuVWfBXenu7giZHudE1RrgqIPNHfAdZPKAEMmyxjRXPSsmeKxUo55LIVU8x
WKcnvYkDVtr5t6x9QWV9s4z1jYoc9SrNLqbUz9jqVDtRDsBG/LWU2I2kGFk4KBxM
BCYLX25Vrp1knKzo4LTV66DefLXmmZ5YTGOP7Vpvh2XCMFJYo6jxKcCgoS4vkYPz
8LwkkxTyxSypVuh/m6Ln0GIHM2L8KpeGB8ADlD1g8LkbgHEd5055qny+sP+BmirC
2wAz/opqAR6wt5XtyBYjluRGYJMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+ic25
dND9sn5U2IKpfkV9rLcGYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZTFjMWYtMzVjMy00YzAyLWEwYzMtMGI1ODE1YzAxNmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
wDANBgkqhkiG9w0BAQsFAAOCAQEAX3UF+VFv7Q9kdBFIpop3uMcnYmRBYt7ZqVLz
I5ZUj37udN2t33J0h+buPDybyGEe9ik4xV2bzW/CQaKMiwKYpvuU/+lPkz9yT30S
CQRcQc/S+l3rhOOYs3usXZGDMMTonxsghPouNXz/46VC43uAW9IkG0rIcHsRUs9C
7N6i66FQYCEzTTF2B1YDFHKQQdTaA+rNO0NsoqiWpuNDFwA3DOMJ8iuIi5K2fZLX
x463FIiBLjBf57ThWlrqnUNSxx07M3zLvozs5S9z8eq+CXj3Mx1nT9559fZcnm4J
a5u+8HsMf755VuecUCKsgTSQkgIHZiVUtmixAIR8ziUMQRejZg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:00 2025 by rpki-client