Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
File: 248ea861-facc-4167-976d-1e65c556b074.roa (raw, json)
Hash identifier: utoKaRBfxn1jIj/r4yd/yCMn+d7i6KTqwhu+CRJCZqg=
Subject key identifier: D4:FD:AC:BA:13:15:30:A3:9D:13:6A:55:91:1E:80:6C:58:8E:2D:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F3D31D2B27D742E398634608C739D125D969C93
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
Signing time: Tue 05 Aug 2025 19:51:29 +0000
ROA not before: Tue 05 Aug 2025 19:51:29 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:3d:31:d2:b2:7d:74:2e:39:86:34:60:8c:73:9d:12:5d:96:9c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:29 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7ec35ba74d9e91d27abd33d475487b55bedfe8649878afd3901cd5a705ac0a3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:bc:46:3f:76:ea:47:80:b2:45:c4:ae:55:1c:
99:8a:34:cf:5e:44:50:94:a2:43:dc:97:18:0e:73:
7f:f5:7d:8d:21:f8:de:f8:61:d2:81:ea:8c:fa:c2:
8b:b7:c1:95:d9:4b:38:39:6c:26:9a:61:87:b9:08:
90:6e:e3:5e:61:dd:64:b6:78:c6:50:05:0c:ea:bb:
f5:e1:6d:e5:ae:25:c3:fb:a1:84:ae:e1:df:26:6a:
58:91:d1:1e:d8:b4:d4:08:df:b4:e8:f2:e9:bf:7f:
40:7c:8b:68:f1:0d:e4:c8:32:67:34:0c:31:14:8b:
67:c1:1b:ba:65:a0:2d:ed:4d:c5:8e:e7:56:64:a3:
47:6e:4b:17:2f:5b:51:4a:0a:81:05:84:c3:27:00:
b9:ca:e9:b0:97:50:42:f3:59:a1:5a:f2:a9:2b:9a:
09:70:69:95:9b:ad:50:43:bf:19:4f:28:c0:c0:2d:
e8:ac:fc:71:83:0e:72:be:f1:a8:a7:61:1a:6b:cb:
7b:ee:2e:92:51:ab:d0:87:48:af:a3:d6:15:e9:78:
77:56:f0:64:26:19:3b:c8:3c:2c:a6:ec:a9:7a:7f:
ac:cf:02:a9:ae:26:9a:b9:07:47:90:f9:03:fc:36:
d6:c6:46:88:6d:16:a1:2e:8d:f8:a1:47:b3:fc:8d:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:FD:AC:BA:13:15:30:A3:9D:13:6A:55:91:1E:80:6C:58:8E:2D:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/248ea861-facc-4167-976d-1e65c556b074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:e0:03:2f:6f:8d:c1:41:5b:78:65:71:d4:42:f9:9e:f1:5d:
88:dc:29:95:5a:0e:a3:31:2c:09:88:72:6a:a0:42:c8:db:7b:
c5:ca:73:dc:af:fa:04:2b:58:94:47:60:d0:1f:3f:de:75:36:
fc:e1:db:98:4f:a9:26:0c:55:f0:33:65:01:89:a9:cb:1c:2d:
db:05:8a:1d:42:81:9a:11:6b:6d:16:52:5a:ec:fd:ff:01:d1:
ed:27:f2:ae:03:63:28:ea:a9:07:8b:6c:94:16:ee:40:29:37:
84:a2:60:a9:9f:08:a4:c1:dc:ee:f4:16:5d:d1:8b:1d:cc:60:
e9:fe:2a:47:cf:e7:84:0b:8f:7f:54:b7:31:37:cf:6a:76:05:
3c:d5:bb:e0:ad:77:ff:07:2c:da:b8:c7:8b:01:e1:8f:dc:8b:
ee:88:dc:96:04:8c:fe:83:c2:1c:72:14:3e:1e:a6:36:78:42:
51:d4:6d:fb:54:c0:01:84:be:03:26:66:1d:05:41:e8:66:67:
53:7b:cb:d3:01:bb:00:55:a7:c8:5f:6d:86:be:07:43:09:17:
65:00:8b:4d:0c:2e:1b:57:84:04:19:21:d0:2f:57:70:54:95:
62:1b:e8:f1:44:d6:f5:b9:28:64:81:3a:54:9a:5b:cb:e0:51:
f3:88:83:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHz0x0rJ9dC45hjRgjHOdEl2WnJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMjlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlYzM1YmE3NGQ5ZTkxZDI3YWJkMzNkNDc1NDg3YjU1YmVkZmU4NjQ5ODc4
YWZkMzkwMWNkNWE3MDVhYzBhM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOK8Rj926keAskXErlUcmYo0z15EUJSiQ9yXGA5zf/V9jSH43vhh0oHqjPrC
i7fBldlLODlsJpphh7kIkG7jXmHdZLZ4xlAFDOq79eFt5a4lw/uhhK7h3yZqWJHR
Hti01AjftOjy6b9/QHyLaPEN5MgyZzQMMRSLZ8EbumWgLe1NxY7nVmSjR25LFy9b
UUoKgQWEwycAucrpsJdQQvNZoVryqSuaCXBplZutUEO/GU8owMAt6Kz8cYMOcr7x
qKdhGmvLe+4uklGr0IdIr6PWFel4d1bwZCYZO8g8LKbsqXp/rM8Cqa4mmrkHR5D5
A/w21sZGiG0WoS6N+KFHs/yNkXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTU/ay6
ExUwo50TalWRHoBsWI4tKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ4ZWE4NjEtZmFjYy00MTY3LTk3NmQtMWU2NWM1NTZiMDc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCf4AMvb43BQVt4ZXHUQvme8V2I3CmVWg6jMSwJ
iHJqoELI23vFynPcr/oEK1iUR2DQHz/edTb84duYT6kmDFXwM2UBianLHC3bBYod
QoGaEWttFlJa7P3/AdHtJ/KuA2Mo6qkHi2yUFu5AKTeEomCpnwikwdzu9BZd0Ysd
zGDp/ipHz+eEC49/VLcxN89qdgU81bvgrXf/ByzauMeLAeGP3IvuiNyWBIz+g8Ic
chQ+HqY2eEJR1G37VMABhL4DJmYdBUHoZmdTe8vTAbsAVafIX22GvgdDCRdlAItN
DC4bV4QEGSHQL1dwVJViG+jxRNb1uShkgTpUmlvL4FHziIMY
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:11 2025 by rpki-client