Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: fkpfkKY0fBjXNCtoqy0Naw3oFzqzPf8KWxWmtAUXmHQ=
Subject key identifier: CC:E8:60:F7:27:66:6D:CF:28:C9:DC:CA:C2:EB:FC:4A:8F:00:A3:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46EE0B889D5887AE5CE2ABEF655252DF9B7D7CA9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Wed 06 Aug 2025 00:51:29 +0000
ROA not before: Wed 06 Aug 2025 00:51:29 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:ee:0b:88:9d:58:87:ae:5c:e2:ab:ef:65:52:52:df:9b:7d:7c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:29 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=34a8e40cf48fd36b8600cfaf4aeb9ddd5310d0c32f186efb3749e59cf5e031fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:32:79:33:61:91:77:67:73:8e:0e:29:3c:13:
c6:7b:97:0c:d8:1b:2e:d7:14:43:d6:02:1e:f8:f9:
62:84:d9:75:e4:21:e1:50:52:fb:ee:c1:44:89:38:
58:e9:f7:08:f1:58:1f:d3:3b:18:19:7b:46:39:1f:
9d:c2:f3:07:d4:f4:a2:26:1a:66:03:b8:50:22:ac:
af:2b:f0:13:f5:ea:39:04:3d:a9:15:a9:2f:93:06:
95:eb:87:f9:55:5f:23:9f:c5:23:48:27:b4:84:9a:
ed:2d:c9:94:01:9d:05:f4:f5:90:6a:53:c1:5d:39:
52:40:c4:f3:95:da:d4:f9:2c:d6:8f:57:2c:b0:35:
97:32:04:d4:c3:07:6f:17:5b:0e:a2:78:3d:8b:bb:
46:77:a6:2e:45:b2:16:d0:ca:1e:2a:3d:2d:65:de:
74:13:00:a1:d4:07:3b:a3:3b:20:9b:25:9a:5c:82:
a6:6f:8c:3f:3f:3f:a3:82:ec:ca:84:55:6c:db:3f:
42:4f:ee:70:af:fd:cd:be:ee:e7:46:a4:36:0a:80:
8a:df:d0:e5:d3:6f:48:54:0c:d9:b0:1b:16:e6:88:
9b:03:d6:4e:63:fa:79:7d:93:b9:3e:d2:56:5e:8c:
d6:8a:be:8a:d0:73:14:d7:62:95:11:d6:49:7a:44:
c7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E8:60:F7:27:66:6D:CF:28:C9:DC:CA:C2:EB:FC:4A:8F:00:A3:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c5:99:ce:cc:72:ba:a5:96:65:fe:17:ab:ef:6c:6c:70:7b:f9:
ee:a3:75:8c:8c:f6:35:d0:f1:df:c7:95:11:3d:87:fa:07:81:
74:4d:50:1a:dc:39:ea:32:59:5f:92:9e:94:d7:6b:99:20:44:
bf:7a:52:d3:e3:7d:ee:a3:ea:49:b0:b8:1d:06:76:6a:6b:0d:
40:99:8a:3f:17:de:64:3a:44:fd:60:20:cf:98:d6:de:4b:46:
d7:d4:11:40:5c:3d:03:c1:94:5e:28:8d:4d:e4:54:51:07:79:
36:c9:fc:5e:71:11:f2:01:dc:f3:b4:b3:19:53:ce:6c:90:f3:
65:3c:b4:a4:1e:f4:60:72:b3:46:20:55:02:49:77:3a:68:72:
5d:39:23:c9:65:69:07:cc:66:24:57:32:29:61:26:38:ca:80:
2e:92:e1:28:fe:45:25:be:ac:e5:63:77:78:58:20:2e:3e:49:
92:88:82:1b:8c:62:52:ab:84:1d:a2:53:d4:fa:82:d8:8f:a0:
bf:48:e0:4f:89:e4:12:7d:18:dd:90:cb:02:6c:3c:50:43:8b:
34:e3:ce:df:8f:0e:a8:dd:63:4f:02:43:34:f5:67:02:70:43:
3d:e0:66:fd:fe:ad:1c:55:de:d7:f9:e3:d8:64:39:24:4b:7d:
d5:f9:26:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURu4LiJ1Yh65c4qvvZVJS35t9fKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMjlaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0YThlNDBjZjQ4ZmQzNmI4NjAwY2ZhZjRhZWI5ZGRkNTMxMGQwYzMyZjE4
NmVmYjM3NDllNTljZjVlMDMxZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4yeTNhkXdnc44OKTwTxnuXDNgbLtcUQ9YCHvj5YoTZdeQh4VBS++7BRIk4
WOn3CPFYH9M7GBl7RjkfncLzB9T0oiYaZgO4UCKsryvwE/XqOQQ9qRWpL5MGleuH
+VVfI5/FI0gntISa7S3JlAGdBfT1kGpTwV05UkDE85Xa1Pks1o9XLLA1lzIE1MMH
bxdbDqJ4PYu7RnemLkWyFtDKHio9LWXedBMAodQHO6M7IJslmlyCpm+MPz8/o4Ls
yoRVbNs/Qk/ucK/9zb7u50akNgqAit/Q5dNvSFQM2bAbFuaImwPWTmP6eX2TuT7S
Vl6M1oq+itBzFNdilRHWSXpEx5MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTM6GD3
J2ZtzyjJ3MrC6/xKjwCjzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQDFmc7McrqllmX+F6vvbGxwe/nuo3WMjPY10PHf
x5URPYf6B4F0TVAa3DnqMllfkp6U12uZIES/elLT433uo+pJsLgdBnZqaw1AmYo/
F95kOkT9YCDPmNbeS0bX1BFAXD0DwZReKI1N5FRRB3k2yfxecRHyAdzztLMZU85s
kPNlPLSkHvRgcrNGIFUCSXc6aHJdOSPJZWkHzGYkVzIpYSY4yoAukuEo/kUlvqzl
Y3d4WCAuPkmSiIIbjGJSq4QdolPU+oLYj6C/SOBPieQSfRjdkMsCbDxQQ4s0487f
jw6o3WNPAkM09WcCcEM94Gb9/q0cVd7X+ePYZDkkS33V+SaM
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:53 2025 by rpki-client