Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: VjyxDFVVsvutRP1i5UEh+sQ8KOPMny6nDEUjgxbNCjs=
Subject key identifier: BF:C2:D0:95:23:03:0A:4A:BC:2D:A7:CA:A3:A4:F8:80:51:6D:03:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3711BDC3E4B813029B04E0B2CA39327B11EA6766
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Tue 05 Aug 2025 19:51:04 +0000
ROA not before: Tue 05 Aug 2025 19:51:04 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:11:bd:c3:e4:b8:13:02:9b:04:e0:b2:ca:39:32:7b:11:ea:67:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:04 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e9307a5d9a46287482779bf734fcce9a1d90bd0a3f2466af8713bd5187d0ddad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a8:4d:33:1c:dd:41:1f:f5:a5:d7:fc:b7:bc:
a8:37:35:24:50:e2:52:dd:44:04:86:0f:72:4e:1d:
b2:5b:a5:13:f3:38:db:c0:d4:2b:04:97:7a:d6:58:
7c:c0:f0:fc:79:47:71:4b:31:62:0e:8f:6f:ec:42:
6f:6a:06:f9:de:95:a0:82:d0:90:f1:90:1d:e0:ca:
bd:76:2f:70:b8:d6:62:56:9e:1c:48:e3:4d:c8:a9:
0f:c9:35:df:37:56:ba:51:14:74:22:ff:6f:b9:3d:
fc:6b:24:22:6a:02:ef:8c:5a:3a:92:9c:45:a3:6f:
dc:b0:94:8d:3c:e5:9f:4c:75:e4:29:50:26:79:80:
7a:4f:02:c5:9b:83:7a:06:cd:b6:17:19:64:3a:5d:
b4:d3:0f:f4:cd:e2:98:40:da:60:58:8b:f3:14:6f:
28:69:fb:78:75:aa:e4:e0:cf:b7:90:35:8d:b6:34:
4c:24:a8:61:eb:94:33:76:1a:c9:15:4a:aa:70:98:
4e:97:93:35:20:e9:ab:98:b7:cd:d7:d2:c2:cf:4d:
8a:2c:18:87:fd:0f:dd:ea:2f:b5:d6:19:88:0d:01:
21:8b:e1:51:92:21:84:5a:f3:b5:9e:8b:d4:ac:0e:
cb:86:12:4b:6f:c3:8e:5c:03:8a:03:15:7b:aa:44:
fd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C2:D0:95:23:03:0A:4A:BC:2D:A7:CA:A3:A4:F8:80:51:6D:03:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
00:6a:b8:de:39:de:41:49:4e:6a:d5:22:95:b1:25:9f:35:85:
bb:a9:ff:07:f6:d1:18:96:25:93:87:0b:b1:65:d0:72:a7:df:
54:76:88:e3:84:7c:6c:07:4a:49:e0:61:1d:2d:a6:bb:67:9a:
ee:79:db:25:e1:c1:97:1f:6e:8b:bb:1b:38:ba:4e:b2:12:8f:
7f:8d:15:b5:bc:62:81:70:a1:3e:01:35:b5:ad:5f:0a:28:b5:
3a:1c:c3:58:c5:81:66:14:6f:58:e8:53:6b:0d:44:ae:fa:32:
14:f9:c3:9b:b8:c9:d2:59:1b:8f:e3:45:05:13:ab:4a:83:87:
a0:ee:40:0d:84:99:59:71:db:24:f2:be:b5:71:36:3e:81:67:
ec:38:b0:c8:77:b0:f5:81:fc:14:59:f7:65:d4:cd:d3:8a:b8:
bf:6f:e0:fa:3b:fd:09:e4:6b:10:f3:35:1d:f0:04:19:3f:6c:
61:12:90:10:73:73:8b:f8:d0:6a:2e:17:9c:d5:19:87:1d:06:
75:25:93:69:00:ef:13:14:e6:ed:e5:93:ab:59:26:ee:05:5b:
47:9c:16:b3:d4:6e:5d:f2:0b:cf:86:5e:e9:e8:b6:05:d8:1a:
bf:65:d7:61:23:ff:59:c5:76:ff:e6:af:11:0a:7b:eb:82:d4:
3a:82:09:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNxG9w+S4EwKbBOCyyjkyexHqZ2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5MzA3YTVkOWE0NjI4NzQ4Mjc3OWJmNzM0ZmNjZTlhMWQ5MGJkMGEzZjI0
NjZhZjg3MTNiZDUxODdkMGRkYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCoTTMc3UEf9aXX/Le8qDc1JFDiUt1EBIYPck4dslulE/M428DUKwSXetZY
fMDw/HlHcUsxYg6Pb+xCb2oG+d6VoILQkPGQHeDKvXYvcLjWYlaeHEjjTcipD8k1
3zdWulEUdCL/b7k9/GskImoC74xaOpKcRaNv3LCUjTzln0x15ClQJnmAek8CxZuD
egbNthcZZDpdtNMP9M3imEDaYFiL8xRvKGn7eHWq5ODPt5A1jbY0TCSoYeuUM3Ya
yRVKqnCYTpeTNSDpq5i3zdfSws9NiiwYh/0P3eovtdYZiA0BIYvhUZIhhFrztZ6L
1KwOy4YSS2/DjlwDigMVe6pE/cUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/wtCV
IwMKSrwtp8qjpPiAUW0DcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQAAarjeOd5BSU5q1SKVsSWfNYW7qf8H9tEYliWT
hwuxZdByp99UdojjhHxsB0pJ4GEdLaa7Z5ruedsl4cGXH26Luxs4uk6yEo9/jRW1
vGKBcKE+ATW1rV8KKLU6HMNYxYFmFG9Y6FNrDUSu+jIU+cObuMnSWRuP40UFE6tK
g4eg7kANhJlZcdsk8r61cTY+gWfsOLDId7D1gfwUWfdl1M3Tiri/b+D6O/0J5GsQ
8zUd8AQZP2xhEpAQc3OL+NBqLhec1RmHHQZ1JZNpAO8TFObt5ZOrWSbuBVtHnBaz
1G5d8gvPhl7p6LYF2Bq/ZddhI/9ZxXb/5q8RCnvrgtQ6ggn5
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:19 2025 by rpki-client