Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
File: 288fb7c1-6c49-475a-9dd0-2637b4e09492.roa (raw, json)
Hash identifier: briwL+Agx5m8nnNYVjiFynmPEdc1Mqw4mVWGPbcldqE=
Subject key identifier: 01:16:91:7A:E5:2B:68:59:DB:F0:50:86:C3:AD:FF:07:61:C8:B8:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6131A3A0DEDA06D61B56C0EC421654E0E5B17D13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
Signing time: Tue 05 Aug 2025 20:10:05 +0000
ROA not before: Tue 05 Aug 2025 20:10:05 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:31:a3:a0:de:da:06:d6:1b:56:c0:ec:42:16:54:e0:e5:b1:7d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:05 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3ebc4614e709c4b1a7c0cedaa64508731d19dfa1e27bb17d734153eef6fa2d98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1f:57:00:00:e1:1a:c9:a4:52:ee:b4:ff:57:
c7:14:6d:f1:3f:83:0a:45:9c:15:be:98:68:05:6e:
cb:24:08:3d:a6:70:cb:5e:69:5f:76:57:d9:ff:1e:
ee:93:3b:7a:37:8f:25:41:a9:88:98:4d:d0:df:4e:
1f:32:44:1c:61:6c:ab:39:f0:e8:ff:8c:b7:3c:5a:
f7:bd:7c:b8:86:d6:31:2e:08:96:13:2d:bf:0b:ee:
4f:27:da:19:19:dc:e2:a4:40:bd:b1:15:ec:54:43:
73:bf:d5:a9:0a:51:a3:06:a3:4f:ec:80:26:ec:f2:
89:9c:22:1a:41:a6:88:78:8f:b4:48:89:8c:6e:df:
93:83:25:e8:cc:da:38:ac:47:cd:14:1c:e3:40:7c:
62:29:6b:55:02:31:aa:15:87:35:5f:bb:92:fe:64:
c8:62:fb:8b:f4:db:53:50:05:92:78:97:2f:28:21:
a7:65:7d:1b:b8:ec:a3:66:10:5d:1d:c2:dc:c9:33:
8e:a1:c6:a1:5c:48:16:ce:59:41:d5:52:0f:49:df:
9f:0f:3f:63:06:c2:68:d1:0c:15:0c:63:2a:78:5a:
62:ca:04:2a:a8:f0:2d:b4:f3:6a:33:c1:bf:56:88:
2b:1a:a2:0a:71:33:96:88:c1:47:34:e7:b3:14:11:
f3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:16:91:7A:E5:2B:68:59:DB:F0:50:86:C3:AD:FF:07:61:C8:B8:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/288fb7c1-6c49-475a-9dd0-2637b4e09492.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:400::/38
Signature Algorithm: sha256WithRSAEncryption
90:83:70:a3:81:e6:28:79:89:11:33:92:e9:db:e1:97:0b:25:
bc:77:b3:b2:e9:28:9c:52:86:0e:3c:7b:e7:6f:8c:16:9f:f6:
30:da:b4:0e:b0:3b:5a:99:0e:32:ad:69:b5:32:e6:d7:f6:2e:
24:0d:67:64:9e:f4:5f:33:d7:e1:1a:7a:91:05:d5:bf:92:f5:
a9:9d:6c:07:cf:cc:8d:dc:a8:ab:24:cf:2a:df:a9:8a:bd:9c:
2c:ba:fd:02:86:f7:f9:23:12:43:6e:9b:5f:b0:09:d3:62:5e:
55:14:ac:f6:78:1e:c5:d4:e5:b4:cc:40:ff:10:72:60:18:3e:
fb:9d:66:93:87:d0:da:25:17:36:57:15:07:00:10:31:8d:92:
71:08:f7:a3:cd:14:5e:b1:72:6d:ee:d2:24:eb:08:b9:4e:ab:
af:0c:54:31:cb:63:d8:10:78:0e:de:74:9d:2a:7a:dd:bb:84:
a8:83:de:8a:67:ac:58:e0:02:7b:4b:fb:74:fe:b6:0d:70:ed:
56:ba:f1:dd:31:dc:19:3f:97:90:00:15:72:fa:9f:3b:49:0a:
b7:9b:28:5f:18:20:ae:f9:32:20:79:12:b9:c4:3d:a1:f5:05:
da:94:9b:7b:5f:70:d0:34:93:bc:e9:f1:ee:31:f1:ec:82:8c:
69:27:b4:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYTGjoN7aBtYbVsDsQhZU4OWxfRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlYmM0NjE0ZTcwOWM0YjFhN2MwY2VkYWE2NDUwODczMWQxOWRmYTFlMjdi
YjE3ZDczNDE1M2VlZjZmYTJkOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIfVwAA4RrJpFLutP9XxxRt8T+DCkWcFb6YaAVuyyQIPaZwy15pX3ZX2f8e
7pM7ejePJUGpiJhN0N9OHzJEHGFsqznw6P+Mtzxa9718uIbWMS4IlhMtvwvuTyfa
GRnc4qRAvbEV7FRDc7/VqQpRowajT+yAJuzyiZwiGkGmiHiPtEiJjG7fk4Ml6Mza
OKxHzRQc40B8YilrVQIxqhWHNV+7kv5kyGL7i/TbU1AFkniXLyghp2V9G7jso2YQ
XR3C3MkzjqHGoVxIFs5ZQdVSD0nfnw8/YwbCaNEMFQxjKnhaYsoEKqjwLbTzajPB
v1aIKxqiCnEzlojBRzTnsxQR81UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBFpF6
5StoWdvwUIbDrf8HYci4EjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjg4ZmI3YzEtNmM0OS00NzVhLTlkZDAtMjYzN2I0ZTA5NDkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4E
MA0GCSqGSIb3DQEBCwUAA4IBAQCQg3CjgeYoeYkRM5Lp2+GXCyW8d7Oy6SicUoYO
PHvnb4wWn/Yw2rQOsDtamQ4yrWm1MubX9i4kDWdknvRfM9fhGnqRBdW/kvWpnWwH
z8yN3KirJM8q36mKvZwsuv0Chvf5IxJDbptfsAnTYl5VFKz2eB7F1OW0zED/EHJg
GD77nWaTh9DaJRc2VxUHABAxjZJxCPejzRResXJt7tIk6wi5TquvDFQxy2PYEHgO
3nSdKnrdu4Sog96KZ6xY4AJ7S/t0/rYNcO1WuvHdMdwZP5eQABVy+p87SQq3myhf
GCCu+TIgeRK5xD2h9QXalJt7X3DQNJO86fHuMfHsgoxpJ7RB
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:25 2025 by rpki-client