Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
File: 2270e26b-c2b1-4cc3-800b-33825c0d723b.roa (raw, json)
Hash identifier: 7agT916rFvfN5liQg6o1bzDP90KQLc4ytzVbrHV8us8=
Subject key identifier: C4:7A:50:E1:EC:4C:46:31:1E:D3:64:32:22:5A:14:31:8B:6D:81:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C3164BFC865ED958F91A8E12C7C965CA21F1D28
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
Signing time: Wed 06 Aug 2025 00:50:54 +0000
ROA not before: Wed 06 Aug 2025 00:50:54 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:31:64:bf:c8:65:ed:95:8f:91:a8:e1:2c:7c:96:5c:a2:1f:1d:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:54 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=59cdce801ce5e7813cb53e6f821757c4a135d8e99d79de3377785214df60ba7b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:8a:9f:ec:e0:f6:a6:76:f9:42:b0:1e:4a:
dd:e4:18:9e:0e:e9:ea:e5:9d:d9:ef:ff:39:d8:72:
7d:48:4d:1c:20:96:2b:f5:e3:1e:3a:11:49:ed:6f:
90:87:f8:63:c6:5a:06:47:eb:6a:30:c0:44:2a:49:
a1:5a:0d:be:d9:ae:ee:a1:ca:dd:1b:f7:5b:d4:80:
e4:22:68:37:43:b3:0a:4a:5d:5a:c9:06:6f:06:6d:
e4:6a:e5:57:ab:19:52:de:51:23:59:1a:0f:aa:fb:
ec:61:ff:6c:64:aa:00:cb:3e:3d:34:91:92:c5:dd:
b1:4d:30:10:80:cf:f5:c7:0d:dc:60:02:7a:d0:2e:
6e:c4:ba:1f:36:7d:40:ed:48:3f:eb:40:4d:6a:27:
61:3b:19:c2:b3:f4:5d:ad:76:63:53:2d:c1:1b:ab:
71:0b:40:f1:a1:55:d0:33:2d:a6:ac:1c:e0:4b:4f:
2e:54:1f:a4:57:e0:26:08:56:fc:c9:4c:61:14:78:
3b:f8:82:3a:b6:31:fb:93:5d:59:ea:47:a6:87:b3:
0d:6d:ed:e8:4c:5d:7a:5b:13:37:25:5a:05:53:bc:
16:0b:a0:5a:e9:ff:00:fc:d4:15:95:88:cd:34:13:
08:15:31:0b:d7:8b:af:4a:f0:30:71:e2:f9:b1:83:
61:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7A:50:E1:EC:4C:46:31:1E:D3:64:32:22:5A:14:31:8B:6D:81:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:17:a1:ef:88:70:a9:8a:e9:d2:f3:93:65:fb:b2:8c:dc:52:
b6:89:42:d5:35:f1:a0:8b:97:5e:29:69:69:d0:ae:01:7a:36:
bc:33:94:9b:94:5b:35:b1:10:0c:3f:12:bc:f2:e8:d4:81:03:
89:fa:cf:93:53:cb:49:12:70:96:84:4c:dd:9f:ba:35:91:7b:
35:9e:4e:41:b5:ae:74:fe:43:2d:83:1b:2d:e7:71:1f:f7:28:
5e:31:f2:d2:70:c5:20:ad:fa:ae:41:ab:d8:61:42:74:76:05:
86:05:48:36:33:d7:18:00:51:b0:35:07:42:76:1c:ee:08:c6:
51:46:72:58:08:2e:8a:ed:f6:74:16:bd:4f:65:4b:4c:f1:fa:
d7:c6:da:0a:41:1e:8a:67:48:f8:42:a8:9b:ae:11:8d:63:1a:
fd:a5:46:a6:d8:d3:af:d3:93:71:bc:6d:bb:59:d8:0d:ea:52:
b1:5d:dc:0f:0a:ae:17:43:82:bf:2c:95:ef:2c:04:bc:23:9c:
f4:f8:39:de:c7:5e:0e:46:7a:e3:2c:54:a4:0f:34:07:10:c6:
11:1e:e7:ca:fc:be:c1:ea:a8:b5:fb:d5:2c:2b:11:f9:00:65:
82:e3:61:93:22:ad:38:82:79:bd:8c:8f:e1:4f:e5:f4:a5:c9:
38:85:2c:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTDFkv8hl7ZWPkajhLHyWXKIfHSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNTRaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5Y2RjZTgwMWNlNWU3ODEzY2I1M2U2ZjgyMTc1N2M0YTEzNWQ4ZTk5ZDc5
ZGUzMzc3Nzg1MjE0ZGY2MGJhN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGVip/s4PamdvlCsB5K3eQYng7p6uWd2e//OdhyfUhNHCCWK/XjHjoRSe1v
kIf4Y8ZaBkfrajDARCpJoVoNvtmu7qHK3Rv3W9SA5CJoN0OzCkpdWskGbwZt5Grl
V6sZUt5RI1kaD6r77GH/bGSqAMs+PTSRksXdsU0wEIDP9ccN3GACetAubsS6HzZ9
QO1IP+tATWonYTsZwrP0Xa12Y1MtwRurcQtA8aFV0DMtpqwc4EtPLlQfpFfgJghW
/MlMYRR4O/iCOrYx+5NdWepHpoezDW3t6ExdelsTNyVaBVO8FgugWun/APzUFZWI
zTQTCBUxC9eLr0rwMHHi+bGDYWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEelDh
7ExGMR7TZDIiWhQxi22BXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjI3MGUyNmItYzJiMS00Y2MzLTgwMGItMzM4MjVjMGQ3MjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQCMF6HviHCpiunS85Nl+7KM3FK2iULVNfGgi5de
KWlp0K4Beja8M5SblFs1sRAMPxK88ujUgQOJ+s+TU8tJEnCWhEzdn7o1kXs1nk5B
ta50/kMtgxst53Ef9yheMfLScMUgrfquQavYYUJ0dgWGBUg2M9cYAFGwNQdCdhzu
CMZRRnJYCC6K7fZ0Fr1PZUtM8frXxtoKQR6KZ0j4QqibrhGNYxr9pUam2NOv05Nx
vG27WdgN6lKxXdwPCq4XQ4K/LJXvLAS8I5z0+Dnex14ORnrjLFSkDzQHEMYRHufK
/L7B6qi1+9UsKxH5AGWC42GTIq04gnm9jI/hT+X0pck4hSzy
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:29 2025 by rpki-client