Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
File: 22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa (raw, json)
Hash identifier: gIENYEMOZbMPI4pwuA4OtHE++w442CiAlxiDttb+UL4=
Subject key identifier: 3D:BC:32:1C:1E:0D:92:26:60:7B:C7:FB:7A:69:0D:82:56:AA:77:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12567CCADFFFD6E0C98F9C6F590BCD30BBB73EBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
Signing time: Tue 05 Aug 2025 20:01:26 +0000
ROA not before: Tue 05 Aug 2025 20:01:26 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:56:7c:ca:df:ff:d6:e0:c9:8f:9c:6f:59:0b:cd:30:bb:b7:3e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:26 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d68ca53fced9bffea679eae0d2c7de354ee1ebc0b9196d25f69c5fd010eba2e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:62:d8:af:a6:3e:41:4b:06:96:a4:4e:8c:17:
b8:c6:67:96:b0:49:02:5b:88:85:89:87:5f:c6:6e:
fc:82:65:07:82:c1:bc:b6:05:a7:e5:24:76:f6:4c:
cc:54:37:74:de:8b:26:ff:9f:95:b2:61:53:42:d5:
ef:78:c7:b4:5b:39:4c:24:b5:a8:2e:61:b4:c1:17:
3c:e7:38:dc:e9:cd:ee:37:55:85:55:b3:5d:31:d0:
31:db:c4:8b:2e:6f:33:13:a8:37:f2:14:fd:28:2d:
06:79:e4:af:de:d6:7a:28:79:dd:72:86:92:f7:f1:
7a:cd:e3:f8:ef:6d:72:68:99:44:9c:9a:a5:23:2a:
30:89:92:60:d6:29:9b:5e:7c:9a:3d:5c:99:8e:f2:
f7:62:be:60:9a:25:67:ce:a9:a1:9a:f7:ec:a0:ee:
98:46:0f:72:df:8a:0a:1c:69:de:60:31:6e:fb:2d:
3e:69:01:7e:b1:f2:03:10:0c:83:8c:d8:6c:fd:5e:
5f:f3:c9:ce:a1:2f:b0:78:a7:e8:28:d1:8f:3e:2c:
a6:26:a4:fb:09:37:b0:7d:de:49:fa:ab:f1:4e:dc:
8d:f5:b1:0e:7d:25:65:ad:55:b4:ad:d4:aa:7d:d0:
75:a4:39:aa:20:d7:35:1f:25:ec:67:58:ca:89:65:
19:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BC:32:1C:1E:0D:92:26:60:7B:C7:FB:7A:69:0D:82:56:AA:77:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:4000::/40
Signature Algorithm: sha256WithRSAEncryption
61:f6:05:3a:12:18:de:35:7c:c8:09:28:9a:13:1b:84:2c:a6:
ed:61:8c:95:f8:8b:b7:1b:26:62:41:74:44:59:c6:f6:43:20:
50:34:45:1a:6a:a4:1a:f8:0a:a6:5f:9b:42:b6:0b:1e:53:20:
b2:ea:ba:0b:48:aa:1a:ca:18:bb:13:a2:51:07:07:54:6d:30:
9a:ab:7b:b7:09:e2:16:92:08:51:15:d3:6c:2b:d4:d1:e0:88:
5c:75:7c:e6:43:d0:3a:98:9e:98:3e:3c:73:09:97:99:0a:84:
6f:16:19:0a:1f:e0:2b:e4:95:09:b3:cd:2c:bc:a2:ec:04:8f:
a0:a9:d6:4c:ea:5a:ce:db:a9:03:e5:ad:2a:d0:18:12:8f:96:
e8:be:c5:cb:7a:c4:29:2a:88:62:31:5e:0e:56:eb:47:35:8d:
41:6d:7d:65:c5:98:be:71:59:a2:ae:47:86:f6:32:51:c4:f9:
f7:c7:a4:ae:78:6f:22:31:54:e9:87:09:f2:3d:bd:4c:8b:34:
fc:4a:48:60:e4:bd:ba:34:ea:cd:38:bc:01:1d:cb:b2:e3:c9:
6e:d3:58:2b:c6:e1:0f:f8:e6:bf:81:07:48:d3:c1:f8:f8:94:
51:3a:15:10:bf:25:bd:bc:30:62:26:75:3f:99:b0:fb:92:b9:
a0:95:0b:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUElZ8yt//1uDJj5xvWQvNMLu3ProwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMjZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2OGNhNTNmY2VkOWJmZmVhNjc5ZWFlMGQyYzdkZTM1NGVlMWViYzBiOTE5
NmQyNWY2OWM1ZmQwMTBlYmEyZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORi2K+mPkFLBpakTowXuMZnlrBJAluIhYmHX8Zu/IJlB4LBvLYFp+UkdvZM
zFQ3dN6LJv+flbJhU0LV73jHtFs5TCS1qC5htMEXPOc43OnN7jdVhVWzXTHQMdvE
iy5vMxOoN/IU/SgtBnnkr97Weih53XKGkvfxes3j+O9tcmiZRJyapSMqMImSYNYp
m158mj1cmY7y92K+YJolZ86poZr37KDumEYPct+KChxp3mAxbvstPmkBfrHyAxAM
g4zYbP1eX/PJzqEvsHin6CjRjz4spiak+wk3sH3eSfqr8U7cjfWxDn0lZa1VtK3U
qn3QdaQ5qiDXNR8l7GdYyollGRUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9vDIc
Hg2SJmB7x/t6aQ2CVqp3VzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjJjYjIwYmMtODA2My00MTY5LTllNGItYTNhZDI5YWVlZGM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBh9gU6EhjeNXzICSiaExuELKbtYYyV+Iu3GyZi
QXREWcb2QyBQNEUaaqQa+AqmX5tCtgseUyCy6roLSKoayhi7E6JRBwdUbTCaq3u3
CeIWkghRFdNsK9TR4IhcdXzmQ9A6mJ6YPjxzCZeZCoRvFhkKH+Ar5JUJs80svKLs
BI+gqdZM6lrO26kD5a0q0BgSj5bovsXLesQpKohiMV4OVutHNY1BbX1lxZi+cVmi
rkeG9jJRxPn3x6SueG8iMVTphwnyPb1MizT8Skhg5L26NOrNOLwBHcuy48lu01gr
xuEP+Oa/gQdI08H4+JRROhUQvyW9vDBiJnU/mbD7krmglQu3
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:10 2025 by rpki-client